
Example 1 with SMPClientException

Use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.

Class SMPBusinessCardProvider, method getBusinessCardPeppolSMP.

@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardPeppolSMP(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final SMPClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
    LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from Peppol SMP '" + aSMPClient.getSMPHostURI() + "'");
    // First query the service group
    com.helger.xsds.peppol.smp1.ServiceGroupType aServiceGroup;
    try {
        aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
    } catch (final SMPClientException ex) {
        LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    // If the service group is present, try querying the business card
    final PDBusinessCard aBusinessCard;
    try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
        // Use the optional business card API
        final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
        aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
    } catch (final IOException ex) {
        if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
            LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
        } else
            LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    if (aBusinessCard == null) {
        // No extension present - no need to try again
        LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
        return null;
    }
    // Query all document types
    final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
    final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = SMPClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory, UNHANDLED_HREF_HANDLER);
    return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
Also used : PDBusinessCard(com.helger.pd.businesscard.generic.PDBusinessCard) UnknownHostException(java.net.UnknownHostException) HttpGet(org.apache.http.client.methods.HttpGet) IDocumentTypeIdentifier(com.helger.peppolid.IDocumentTypeIdentifier) HttpResponseException(org.apache.http.client.HttpResponseException) IOException(java.io.IOException) HttpClientManager(com.helger.httpclient.HttpClientManager) SMPClientException(com.helger.smpclient.exception.SMPClientException) IIdentifierFactory(com.helger.peppolid.factory.IIdentifierFactory) VisibleForTesting(com.helger.commons.annotation.VisibleForTesting) Nullable(javax.annotation.Nullable)

Example 2 with SMPClientException

Use of com.helger.smpclient.exception.SMPClientException in project peppol-commons by phax.

Class BDXR2ClientReadOnly, method getServiceMetadata.

/**
 * Gets a signed service metadata object given by its service group id and its
 * document type. This is a specification compliant method.
 *
 * @param aServiceGroupID
 *        The service group id of the service metadata to get. May not be
 *        <code>null</code>.
 * @param aDocumentTypeID
 *        The document type of the service metadata to get. May not be
 *        <code>null</code>.
 * @return A signed service metadata object. Never <code>null</code>.
 * @throws SMPClientException
 *         in case something goes wrong
 * @throws SMPClientUnauthorizedException
 *         A HTTP Forbidden was received, should not happen.
 * @throws SMPClientNotFoundException
 *         The service group id or document type did not exist.
 * @throws SMPClientBadRequestException
 *         The request was not well formed.
 * @see #getServiceMetadataOrNull(IParticipantIdentifier,
 *      IDocumentTypeIdentifier)
 */
@Nonnull
public ServiceMetadataType getServiceMetadata(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IDocumentTypeIdentifier aDocumentTypeID) throws SMPClientException {
    ValueEnforcer.notNull(aServiceGroupID, "ServiceGroupID");
    ValueEnforcer.notNull(aDocumentTypeID, "DocumentTypeID");
    final String sURI = getSMPHostURI() + PATH_OASIS_BDXR_SMP_2 + aServiceGroupID.getURIPercentEncoded() + "/" + URL_PART_SERVICES + "/" + aDocumentTypeID.getURIPercentEncoded();
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("BDXR2Client getServiceRegistration@" + sURI);
    final boolean bXSDValidation = isXMLSchemaValidation();
    final boolean bVerifySignature = isVerifySignature();
    final KeyStore aTrustStore = getTrustStore();
    HttpGet aRequest = new HttpGet(sURI);
    BDXR2ServiceMetadataMarshaller aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
    customizeMarshaller(aMarshaller);
    ServiceMetadataType aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("Received response: " + aMetadata);
    if (!SimpleDocumentTypeIdentifier.wrap(aMetadata.getID()).equals(aDocumentTypeID)) {
        // Inconsistency between request and response
        throw new SMPClientException("Requested document type '" + aDocumentTypeID.getURIEncoded() + "' and received '" + CIdentifier.getURIEncoded(aMetadata.getID()) + "' - mismatch. Ignoring request.");
    }
    // If the Redirect element is present, then follow 1 redirect.
    if (isFollowSMPRedirects()) {
        for (final ProcessMetadataType aPM : aMetadata.getProcessMetadata()) {
            final RedirectType aRedirect = aPM.getRedirect();
            if (aRedirect != null) {
                // Follow the redirect
                if (LOGGER.isInfoEnabled())
                    LOGGER.info("Following a redirect from '" + sURI + "' to '" + aRedirect.getPublisherURIValue() + "'");
                aRequest = new HttpGet(aRedirect.getPublisherURIValue());
                // Create a new Marshaller to make sure customization is easy
                aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
                customizeMarshaller(aMarshaller);
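                // Pass the customized marshaller created above, not a fresh uncustomized one
                aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
                // Check that the certificate in the redirected response's signature
                // matches one of the certificates listed in the Redirect element.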
                boolean bCertificateSubjectFound = false;
                if (aMetadata.hasSignatureEntries())
                    outer: for (final Object aObj : aMetadata.getSignatureAtIndex(0).getKeyInfo().getContent()) {
                        final Object aInfoValue = ((JAXBElement<?>) aObj).getValue();
                        if (aInfoValue instanceof X509DataType) {
                            final X509DataType aX509Data = (X509DataType) aInfoValue;
                            for (final Object aX509Obj : aX509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
                                final JAXBElement<?> aX509element = (JAXBElement<?>) aX509Obj;
                                // Find the first element that holds an X509Certificate
                                if (aX509element.getValue() instanceof X509Certificate) {
                                    final X509Certificate aSecondCert = (X509Certificate) aX509element.getValue();
                                    // Check all certs of the source redirect
                                    boolean bFound = false;
                                    final ICommonsList<X509Certificate> aAllRedirectCerts = new CommonsArrayList<>();
                                    for (final CertificateType aCT : aRedirect.getCertificate()) {
                                        try {
                                            final X509Certificate aRedirectCert = CertificateHelper.convertByteArrayToCertficate(aCT.getContentBinaryObjectValue());
                                            if (aRedirectCert != null) {
                                                aAllRedirectCerts.add(aRedirectCert);
                                                // Certificate match?
                                                if (aRedirectCert.equals(aSecondCert)) {
                                                    bFound = true;
                                                    break;
                                                }
                                            }
                                        } catch (final CertificateException ex) {
                                            // Error in certificate in SMP response
                                            LOGGER.error("SMP Redirect contains an invalid certificate", ex);
                                        }
                                    }
                                    if (!bFound)
                                        throw new SMPClientException("No certificate of the redirect matched the provided certificate. Retrieved certificate is '" + aSecondCert + "'. Allowed certificates according to the redirect are: " + aAllRedirectCerts);
                                    bCertificateSubjectFound = true;
                                    break outer;
                                }
                            }
                        }
                    }
                if (!bCertificateSubjectFound)
                    throw new SMPClientException("The X509 certificate did not contain a certificate subject.");
            }
        }
    } else {
        if (LOGGER.isDebugEnabled())
            LOGGER.debug("Following SMP redirects is disabled");
    }
    return aMetadata;
}
Also used : SMPHttpResponseHandlerSigned(com.helger.smpclient.httpclient.SMPHttpResponseHandlerSigned) X509DataType(com.helger.xsds.xmldsig.X509DataType) HttpGet(org.apache.http.client.methods.HttpGet) CertificateException(java.security.cert.CertificateException) JAXBElement(javax.xml.bind.JAXBElement) KeyStore(java.security.KeyStore) ProcessMetadataType(com.helger.xsds.bdxr.smp2.ac.ProcessMetadataType) X509Certificate(java.security.cert.X509Certificate) RedirectType(com.helger.xsds.bdxr.smp2.ac.RedirectType) CertificateType(com.helger.xsds.bdxr.smp2.ac.CertificateType) SMPClientException(com.helger.smpclient.exception.SMPClientException) ServiceMetadataType(com.helger.xsds.bdxr.smp2.ServiceMetadataType) CommonsArrayList(com.helger.commons.collection.impl.CommonsArrayList) BDXR2ServiceMetadataMarshaller(com.helger.smpclient.bdxr2.marshal.BDXR2ServiceMetadataMarshaller) Nonnull(javax.annotation.Nonnull)

Example 3 with SMPClientException

Use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.

Class SMPBusinessCardProvider, method getBusinessCardBDXR2.

@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardBDXR2(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final BDXR2ClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
    LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from OASIS BDXR SMP v2 '" + aSMPClient.getSMPHostURI() + "'");
    // First query the service group
    com.helger.xsds.bdxr.smp2.ServiceGroupType aServiceGroup;
    try {
        aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
    } catch (final SMPClientException ex) {
        LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    // If the service group is present, try querying the business card
    final PDBusinessCard aBusinessCard;
    try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
        // Use the optional business card API
        // TODO is the path "bdxr-smp-2" needed? Well, the PD is not yet
        // specified for this SMP type....
        final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
        aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
    } catch (final IOException ex) {
        if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
            LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
        } else
            LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    if (aBusinessCard == null) {
        // No extension present - no need to try again
        LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
        return null;
    }
    // Query all document types
    final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
    final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = BDXR2ClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory);
    return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
Also used : PDBusinessCard(com.helger.pd.businesscard.generic.PDBusinessCard) UnknownHostException(java.net.UnknownHostException) HttpGet(org.apache.http.client.methods.HttpGet) IDocumentTypeIdentifier(com.helger.peppolid.IDocumentTypeIdentifier) HttpResponseException(org.apache.http.client.HttpResponseException) IOException(java.io.IOException) HttpClientManager(com.helger.httpclient.HttpClientManager) SMPClientException(com.helger.smpclient.exception.SMPClientException) IIdentifierFactory(com.helger.peppolid.factory.IIdentifierFactory) VisibleForTesting(com.helger.commons.annotation.VisibleForTesting) Nullable(javax.annotation.Nullable)

Example 4 with SMPClientException

Use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.

Class SMPBusinessCardProvider, method getBusinessCardBDXR1.

@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardBDXR1(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final BDXRClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
    LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from OASIS BDXR SMP v1 '" + aSMPClient.getSMPHostURI() + "'");
    // First query the service group
    com.helger.xsds.bdxr.smp1.ServiceGroupType aServiceGroup;
    try {
        aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
    } catch (final SMPClientException ex) {
        LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    // If the service group is present, try querying the business card
    final PDBusinessCard aBusinessCard;
    try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
        // Use the optional business card API
        final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
        aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
    } catch (final IOException ex) {
        if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
            LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
        } else
            LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
        return null;
    }
    if (aBusinessCard == null) {
        // No extension present - no need to try again
        LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
        return null;
    }
    // Query all document types
    final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
    final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = BDXRClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory, UNHANDLED_HREF_HANDLER);
    return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
Also used : PDBusinessCard(com.helger.pd.businesscard.generic.PDBusinessCard) UnknownHostException(java.net.UnknownHostException) HttpGet(org.apache.http.client.methods.HttpGet) IDocumentTypeIdentifier(com.helger.peppolid.IDocumentTypeIdentifier) HttpResponseException(org.apache.http.client.HttpResponseException) IOException(java.io.IOException) HttpClientManager(com.helger.httpclient.HttpClientManager) SMPClientException(com.helger.smpclient.exception.SMPClientException) IIdentifierFactory(com.helger.peppolid.factory.IIdentifierFactory) VisibleForTesting(com.helger.commons.annotation.VisibleForTesting) Nullable(javax.annotation.Nullable)

Example 5 with SMPClientException

Use of com.helger.smpclient.exception.SMPClientException in project peppol-commons by phax.

Class SMPClientReadOnly, method getServiceMetadata.

/**
 * Gets a signed service metadata object given by its service group id and its
 * document type. This is a specification compliant method.
 *
 * @param aServiceGroupID
 *        The service group id of the service metadata to get. May not be
 *        <code>null</code>.
 * @param aDocumentTypeID
 *        The document type of the service metadata to get. May not be
 *        <code>null</code>.
 * @return A signed service metadata object. Never <code>null</code>.
 * @throws SMPClientException
 *         in case something goes wrong
 * @throws SMPClientUnauthorizedException
 *         A HTTP Forbidden was received, should not happen.
 * @throws SMPClientNotFoundException
 *         The service group id or document type did not exist.
 * @throws SMPClientBadRequestException
 *         The request was not well formed.
 * @see #getServiceMetadataOrNull(IParticipantIdentifier,
 *      IDocumentTypeIdentifier)
 * @since v8.0.0
 */
@Nonnull
public SignedServiceMetadataType getServiceMetadata(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IDocumentTypeIdentifier aDocumentTypeID) throws SMPClientException {
    ValueEnforcer.notNull(aServiceGroupID, "ServiceGroupID");
    ValueEnforcer.notNull(aDocumentTypeID, "DocumentTypeID");
    final String sURI = getSMPHostURI() + aServiceGroupID.getURIPercentEncoded() + "/" + URL_PART_SERVICES + "/" + aDocumentTypeID.getURIPercentEncoded();
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("SMPClient getServiceRegistration@" + sURI);
    final boolean bXSDValidation = isXMLSchemaValidation();
    final boolean bVerifySignature = isVerifySignature();
    final KeyStore aTrustStore = getTrustStore();
    HttpGet aRequest = new HttpGet(sURI);
    SMPMarshallerSignedServiceMetadataType aMarshaller = new SMPMarshallerSignedServiceMetadataType(bXSDValidation);
    customizeMarshaller(aMarshaller);
    SignedServiceMetadataType aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("Received response: " + aMetadata);
    // If the Redirect element is present, then follow 1 redirect.
    if (isFollowSMPRedirects()) {
        if (aMetadata.getServiceMetadata() != null && aMetadata.getServiceMetadata().getRedirect() != null) {
            final RedirectType aRedirect = aMetadata.getServiceMetadata().getRedirect();
            // Follow the redirect
            if (LOGGER.isInfoEnabled())
                LOGGER.info("Following a redirect from '" + sURI + "' to '" + aRedirect.getHref() + "'");
            aRequest = new HttpGet(aRedirect.getHref());
            // Create a new Marshaller to ensure customization is simple
            aMarshaller = new SMPMarshallerSignedServiceMetadataType(bXSDValidation);
            customizeMarshaller(aMarshaller);
            aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
            // Check that the certificateUID is correct.
            boolean bCertificateSubjectFound = false;
            for (final Object aObj : aMetadata.getSignature().getKeyInfo().getContent()) {
                final Object aInfoValue = ((JAXBElement<?>) aObj).getValue();
                if (aInfoValue instanceof X509DataType) {
                    final X509DataType aX509Data = (X509DataType) aInfoValue;
                    if (containsRedirectSubject(aX509Data, aRedirect.getCertificateUID())) {
                        bCertificateSubjectFound = true;
                        break;
                    }
                }
            }
            if (!bCertificateSubjectFound)
                throw new SMPClientException("The X509 certificate did not contain a certificate subject.");
        }
    } else {
        if (LOGGER.isDebugEnabled())
            LOGGER.debug("Following SMP redirects is disabled");
    }
    return aMetadata;
}
Also used : SMPHttpResponseHandlerSigned(com.helger.smpclient.httpclient.SMPHttpResponseHandlerSigned) X509DataType(com.helger.xsds.xmldsig.X509DataType) HttpGet(org.apache.http.client.methods.HttpGet) SignedServiceMetadataType(com.helger.xsds.peppol.smp1.SignedServiceMetadataType) SMPMarshallerSignedServiceMetadataType(com.helger.smpclient.peppol.marshal.SMPMarshallerSignedServiceMetadataType) JAXBElement(javax.xml.bind.JAXBElement) KeyStore(java.security.KeyStore) RedirectType(com.helger.xsds.peppol.smp1.RedirectType) SMPClientException(com.helger.smpclient.exception.SMPClientException) Nonnull(javax.annotation.Nonnull)
