use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.
the class SMPBusinessCardProvider method getBusinessCardPeppolSMP.
@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardPeppolSMP(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final SMPClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from Peppol SMP '" + aSMPClient.getSMPHostURI() + "'");
// First query the service group
com.helger.xsds.peppol.smp1.ServiceGroupType aServiceGroup;
try {
aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
} catch (final SMPClientException ex) {
LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
// If the service group is present, try querying the business card
final PDBusinessCard aBusinessCard;
try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
// Use the optional business card API
final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
} catch (final IOException ex) {
if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
} else
LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
if (aBusinessCard == null) {
// No extension present - no need to try again
LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
return null;
}
// Query all document types
final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = SMPClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory, UNHANDLED_HREF_HANDLER);
return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
use of com.helger.smpclient.exception.SMPClientException in project peppol-commons by phax.
the class BDXR2ClientReadOnly method getServiceMetadata.
/**
* Gets a signed service metadata object given by its service group id and its
* document type. This is a specification compliant method.
*
* @param aServiceGroupID
* The service group id of the service metadata to get. May not be
* <code>null</code>.
* @param aDocumentTypeID
* The document type of the service metadata to get. May not be
* <code>null</code>.
* @return A signed service metadata object. Never <code>null</code>.
* @throws SMPClientException
* in case something goes wrong
* @throws SMPClientUnauthorizedException
* A HTTP Forbidden was received, should not happen.
* @throws SMPClientNotFoundException
* The service group id or document type did not exist.
* @throws SMPClientBadRequestException
* The request was not well formed.
* @see #getServiceMetadataOrNull(IParticipantIdentifier,
* IDocumentTypeIdentifier)
*/
@Nonnull
public ServiceMetadataType getServiceMetadata(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IDocumentTypeIdentifier aDocumentTypeID) throws SMPClientException {
ValueEnforcer.notNull(aServiceGroupID, "ServiceGroupID");
ValueEnforcer.notNull(aDocumentTypeID, "DocumentTypeID");
final String sURI = getSMPHostURI() + PATH_OASIS_BDXR_SMP_2 + aServiceGroupID.getURIPercentEncoded() + "/" + URL_PART_SERVICES + "/" + aDocumentTypeID.getURIPercentEncoded();
if (LOGGER.isDebugEnabled())
LOGGER.debug("BDXR2Client getServiceRegistration@" + sURI);
final boolean bXSDValidation = isXMLSchemaValidation();
final boolean bVerifySignature = isVerifySignature();
final KeyStore aTrustStore = getTrustStore();
HttpGet aRequest = new HttpGet(sURI);
BDXR2ServiceMetadataMarshaller aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
customizeMarshaller(aMarshaller);
ServiceMetadataType aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
if (LOGGER.isDebugEnabled())
LOGGER.debug("Received response: " + aMetadata);
if (!SimpleDocumentTypeIdentifier.wrap(aMetadata.getID()).equals(aDocumentTypeID)) {
// Inconsistency between request and response
throw new SMPClientException("Requested document type '" + aDocumentTypeID.getURIEncoded() + "' and received '" + CIdentifier.getURIEncoded(aMetadata.getID()) + "' - mismatch. Ignoring request.");
}
// If the Redirect element is present, then follow 1 redirect.
if (isFollowSMPRedirects()) {
for (final ProcessMetadataType aPM : aMetadata.getProcessMetadata()) {
final RedirectType aRedirect = aPM.getRedirect();
if (aRedirect != null) {
// Follow the redirect
if (LOGGER.isInfoEnabled())
LOGGER.info("Following a redirect from '" + sURI + "' to '" + aRedirect.getPublisherURIValue() + "'");
aRequest = new HttpGet(aRedirect.getPublisherURIValue());
// Create a new Marshaller to make sure customization is easy
aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
customizeMarshaller(aMarshaller);
aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(new BDXR2ServiceMetadataMarshaller(bXSDValidation), aTrustStore).setVerifySignature(bVerifySignature));
// Check that the certificateUID is correct.
boolean bCertificateSubjectFound = false;
if (aMetadata.hasSignatureEntries())
outer: for (final Object aObj : aMetadata.getSignatureAtIndex(0).getKeyInfo().getContent()) {
final Object aInfoValue = ((JAXBElement<?>) aObj).getValue();
if (aInfoValue instanceof X509DataType) {
final X509DataType aX509Data = (X509DataType) aInfoValue;
for (final Object aX509Obj : aX509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
final JAXBElement<?> aX509element = (JAXBElement<?>) aX509Obj;
// Find the first subject (of type string)
if (aX509element.getValue() instanceof X509Certificate) {
final X509Certificate aSecondCert = (X509Certificate) aX509element.getValue();
// Check all certs of the source redirect
boolean bFound = false;
final ICommonsList<X509Certificate> aAllRedirectCerts = new CommonsArrayList<>();
for (final CertificateType aCT : aRedirect.getCertificate()) {
try {
final X509Certificate aRedirectCert = CertificateHelper.convertByteArrayToCertficate(aCT.getContentBinaryObjectValue());
if (aRedirectCert != null) {
aAllRedirectCerts.add(aRedirectCert);
// Certificate match?
if (aRedirectCert.equals(aSecondCert)) {
bFound = true;
break;
}
}
} catch (final CertificateException ex) {
// Error in certificate in SMP response
LOGGER.error("SMP Redirect contains an invalid certificate", ex);
}
}
if (!bFound)
throw new SMPClientException("No certificate of the redirect matched the provided certificate. Retrieved certificate is '" + aSecondCert + "'. Allowed certificates according to the redirect are: " + aAllRedirectCerts);
bCertificateSubjectFound = true;
break outer;
}
}
}
}
if (!bCertificateSubjectFound)
throw new SMPClientException("The X509 certificate did not contain a certificate subject.");
}
}
} else {
if (LOGGER.isDebugEnabled())
LOGGER.debug("Following SMP redirects is disabled");
}
return aMetadata;
}
use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.
the class SMPBusinessCardProvider method getBusinessCardBDXR2.
@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardBDXR2(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final BDXR2ClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from OASIS BDXR SMP v2 '" + aSMPClient.getSMPHostURI() + "'");
// First query the service group
com.helger.xsds.bdxr.smp2.ServiceGroupType aServiceGroup;
try {
aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
} catch (final SMPClientException ex) {
LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
// If the service group is present, try querying the business card
final PDBusinessCard aBusinessCard;
try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
// Use the optional business card API
// TODO is the path "bdxr-smp-2" needed? Well, the PD is not yet
// specified for this SMP type....
final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
} catch (final IOException ex) {
if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
} else
LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
if (aBusinessCard == null) {
// No extension present - no need to try again
LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
return null;
}
// Query all document types
final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = BDXR2ClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory);
return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
use of com.helger.smpclient.exception.SMPClientException in project phoss-directory by phax.
the class SMPBusinessCardProvider method getBusinessCardBDXR1.
@Nullable
@VisibleForTesting
PDExtendedBusinessCard getBusinessCardBDXR1(@Nonnull final IParticipantIdentifier aParticipantID, @Nonnull final BDXRClientReadOnly aSMPClient, @Nonnull final HttpClientSettings aHCS) {
LOGGER.info("Querying BusinessCard for '" + aParticipantID.getURIEncoded() + "' from OASIS BDXR SMP v1 '" + aSMPClient.getSMPHostURI() + "'");
// First query the service group
com.helger.xsds.bdxr.smp1.ServiceGroupType aServiceGroup;
try {
aServiceGroup = aSMPClient.getServiceGroupOrNull(aParticipantID);
} catch (final SMPClientException ex) {
LOGGER.error("Error querying SMP for ServiceGroup of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
// If the service group is present, try querying the business card
final PDBusinessCard aBusinessCard;
try (final HttpClientManager aHCM = HttpClientManager.create(aHCS)) {
// Use the optional business card API
final HttpGet aRequest = new HttpGet(aSMPClient.getSMPHostURI() + "businesscard/" + aParticipantID.getURIPercentEncoded());
aBusinessCard = aHCM.execute(aRequest, new PDSMPHttpResponseHandlerBusinessCard());
} catch (final IOException ex) {
if ((ex instanceof HttpResponseException && ((HttpResponseException) ex).getStatusCode() == CHttp.HTTP_NOT_FOUND) || ex instanceof UnknownHostException) {
LOGGER.warn("No BusinessCard available for '" + aParticipantID.getURIEncoded() + "' - not in configured SMK/SML? - " + ex.getMessage());
} else
LOGGER.error("Error querying SMP for BusinessCard of '" + aParticipantID.getURIEncoded() + "'", ex);
return null;
}
if (aBusinessCard == null) {
// No extension present - no need to try again
LOGGER.warn("Failed to get SMP BusinessCard of " + aParticipantID.getURIEncoded());
return null;
}
// Query all document types
final IIdentifierFactory aIdentifierFactory = PDMetaManager.getIdentifierFactory();
final ICommonsList<IDocumentTypeIdentifier> aDocumentTypeIDs = BDXRClientReadOnly.getAllDocumentTypes(aServiceGroup, aIdentifierFactory, UNHANDLED_HREF_HANDLER);
return new PDExtendedBusinessCard(aBusinessCard, aDocumentTypeIDs);
}
use of com.helger.smpclient.exception.SMPClientException in project peppol-commons by phax.
the class SMPClientReadOnly method getServiceMetadata.
/**
* Gets a signed service metadata object given by its service group id and its
* document type. This is a specification compliant method.
*
* @param aServiceGroupID
* The service group id of the service metadata to get. May not be
* <code>null</code>.
* @param aDocumentTypeID
* The document type of the service metadata to get. May not be
* <code>null</code>.
* @return A signed service metadata object. Never <code>null</code>.
* @throws SMPClientException
* in case something goes wrong
* @throws SMPClientUnauthorizedException
* A HTTP Forbidden was received, should not happen.
* @throws SMPClientNotFoundException
* The service group id or document type did not exist.
* @throws SMPClientBadRequestException
* The request was not well formed.
* @see #getServiceMetadataOrNull(IParticipantIdentifier,
* IDocumentTypeIdentifier)
* @since v8.0.0
*/
@Nonnull
public SignedServiceMetadataType getServiceMetadata(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IDocumentTypeIdentifier aDocumentTypeID) throws SMPClientException {
ValueEnforcer.notNull(aServiceGroupID, "ServiceGroupID");
ValueEnforcer.notNull(aDocumentTypeID, "DocumentTypeID");
final String sURI = getSMPHostURI() + aServiceGroupID.getURIPercentEncoded() + "/" + URL_PART_SERVICES + "/" + aDocumentTypeID.getURIPercentEncoded();
if (LOGGER.isDebugEnabled())
LOGGER.debug("SMPClient getServiceRegistration@" + sURI);
final boolean bXSDValidation = isXMLSchemaValidation();
final boolean bVerifySignature = isVerifySignature();
final KeyStore aTrustStore = getTrustStore();
HttpGet aRequest = new HttpGet(sURI);
SMPMarshallerSignedServiceMetadataType aMarshaller = new SMPMarshallerSignedServiceMetadataType(bXSDValidation);
customizeMarshaller(aMarshaller);
SignedServiceMetadataType aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
if (LOGGER.isDebugEnabled())
LOGGER.debug("Received response: " + aMetadata);
// If the Redirect element is present, then follow 1 redirect.
if (isFollowSMPRedirects()) {
if (aMetadata.getServiceMetadata() != null && aMetadata.getServiceMetadata().getRedirect() != null) {
final RedirectType aRedirect = aMetadata.getServiceMetadata().getRedirect();
// Follow the redirect
if (LOGGER.isInfoEnabled())
LOGGER.info("Following a redirect from '" + sURI + "' to '" + aRedirect.getHref() + "'");
aRequest = new HttpGet(aRedirect.getHref());
// Create a new Marshaller to ensure customization is simple
aMarshaller = new SMPMarshallerSignedServiceMetadataType(bXSDValidation);
customizeMarshaller(aMarshaller);
aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
// Check that the certificateUID is correct.
boolean bCertificateSubjectFound = false;
for (final Object aObj : aMetadata.getSignature().getKeyInfo().getContent()) {
final Object aInfoValue = ((JAXBElement<?>) aObj).getValue();
if (aInfoValue instanceof X509DataType) {
final X509DataType aX509Data = (X509DataType) aInfoValue;
if (containsRedirectSubject(aX509Data, aRedirect.getCertificateUID())) {
bCertificateSubjectFound = true;
break;
}
}
}
if (!bCertificateSubjectFound)
throw new SMPClientException("The X509 certificate did not contain a certificate subject.");
}
} else {
if (LOGGER.isDebugEnabled())
LOGGER.debug("Following SMP redirects is disabled");
}
return aMetadata;
}
Aggregations