
Example 1 with SormasToSormasConfig

use of de.symeda.sormas.api.sormastosormas.SormasToSormasConfig in project SORMAS-Project by hzi-braunschweig.

the class ConfigFacadeEjb method validateExternalUrls.

@Override
public void validateExternalUrls() {
    List<String> urls = Lists.newArrayList(
        getSymptomJournalConfig().getUrl(),
        getSymptomJournalConfig().getAuthUrl(),
        getPatientDiaryConfig().getUrl(),
        getPatientDiaryConfig().getProbandsUrl(),
        getPatientDiaryConfig().getAuthUrl(),
        getPatientDiaryConfig().getFrontendAuthUrl(),
        getSormasStatsUrl());
    SormasToSormasConfig s2sConfig = getS2SConfig();
    if (s2sConfig.getOidcServer() != null && s2sConfig.getOidcRealm() != null) {
        urls.add(s2sConfig.getOidcRealmCertEndpoint());
        urls.add(s2sConfig.getOidcRealmTokenEndpoint());
        urls.add(s2sConfig.getOidcRealmUrl());
        urls.add(s2sConfig.getOidcServer());
    }
    UrlValidator urlValidator = new UrlValidator(new String[] { "http", "https" }, UrlValidator.ALLOW_LOCAL_URLS);
    urls.forEach(url -> {
        if (StringUtils.isBlank(url)) {
            return;
        }
        if (!urlValidator.isValid(url)) {
            throw new IllegalArgumentException("'" + url + "' is not a valid URL");
        }
    });
}
Also used : SormasToSormasConfig(de.symeda.sormas.api.sormastosormas.SormasToSormasConfig) UrlValidator(org.apache.commons.validator.routines.UrlValidator)

Example 2 with SormasToSormasConfig

use of de.symeda.sormas.api.sormastosormas.SormasToSormasConfig in project SORMAS-Project by hzi-braunschweig.

the class S2SAuthFilter method fetchPublicKey.

private PublicKey fetchPublicKey() throws VerificationException {
    SormasToSormasConfig sormasToSormasConfig = FacadeProvider.getConfigFacade().getS2SConfig();
    ObjectMapper mapper = new ObjectMapper();
    JSONWebKeySet jwks;
    try {
        String certEndpoint = sormasToSormasConfig.getOidcRealmCertEndpoint();
        jwks = mapper.readValue(new URL(certEndpoint).openStream(), JSONWebKeySet.class);
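    } catch (IOException e) {
        // Pass the exception as the last argument so the logger records the stack trace.
        LOGGER.error("Could not fetch public key for realm", e);
        throw new VerificationException("Could not fetch public key for realm");
    }
    // Guard against an empty key set before indexing; the first key is used without matching a key ID.
    if (jwks.getKeys() == null || jwks.getKeys().length == 0) {
        throw new VerificationException("Could not fetch public key for realm");
    }
    JWK jwk = jwks.getKeys()[0];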
    return JWKParser.create(jwk).toPublicKey();
}
Also used : SormasToSormasConfig(de.symeda.sormas.api.sormastosormas.SormasToSormasConfig) JSONWebKeySet(org.keycloak.jose.jwk.JSONWebKeySet) VerificationException(org.keycloak.common.VerificationException) IOException(java.io.IOException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) URL(java.net.URL) JWK(org.keycloak.jose.jwk.JWK)

Example 3 with SormasToSormasConfig

use of de.symeda.sormas.api.sormastosormas.SormasToSormasConfig in project SORMAS-Project by hzi-braunschweig.

the class SormasToSormasEncryptionFacadeEjb method loadOwnPrivateKey.

private PrivateKey loadOwnPrivateKey() throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException {
    KeyStore keystore = getKeystore();
    SormasToSormasConfig sormasToSormasConfig = configFacadeEjb.getS2SConfig();
    PrivateKey privKey = (PrivateKey) keystore.getKey(sormasToSormasConfig.getId(), sormasToSormasConfig.getKeystorePass().toCharArray());
    if (privKey == null) {
        LOGGER.error("Could not load private key.");
        throw new KeyStoreException("Unable to load private key.");
    }
    LOGGER.info("Successfully loaded private key.");
    return privKey;
}
Also used : PrivateKey(java.security.PrivateKey) SormasToSormasConfig(de.symeda.sormas.api.sormastosormas.SormasToSormasConfig) KeyStoreException(java.security.KeyStoreException) KeyStore(java.security.KeyStore)

Example 4 with SormasToSormasConfig

use of de.symeda.sormas.api.sormastosormas.SormasToSormasConfig in project SORMAS-Project by hzi-braunschweig.

the class ReceivedDataProcessor method handleIgnoredProperties.

protected <T> void handleIgnoredProperties(T receivedEntity, T originalEntity) {
    Class<?> dtoType = receivedEntity.getClass();
    SormasToSormasConfig s2SConfig = configFacade.getS2SConfig();
    for (Field field : dtoType.getDeclaredFields()) {
        if (field.isAnnotationPresent(S2SIgnoreProperty.class)) {
            String s2sConfigProperty = field.getAnnotation(S2SIgnoreProperty.class).configProperty();
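            // Null-safe check: a config property missing from the map is treated as "do not ignore".
            if (Boolean.TRUE.equals(s2SConfig.getIgnoreProperties().get(s2sConfigProperty))) {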
                field.setAccessible(true);
                try {
                    Object originalValue = originalEntity != null ? field.get(originalEntity) : null;
                    field.set(receivedEntity, originalValue);
                } catch (IllegalAccessException e) {
                    // Pass the exception as the last argument so the cause is logged.
                    logger.error("Could not set field {} for {}", field.getName(), dtoType.getSimpleName(), e);
                }
                field.setAccessible(false);
            }
        }
    }
}
Also used : Field(java.lang.reflect.Field) SormasToSormasConfig(de.symeda.sormas.api.sormastosormas.SormasToSormasConfig) AbstractDomainObject(de.symeda.sormas.backend.common.AbstractDomainObject) S2SIgnoreProperty(de.symeda.sormas.api.sormastosormas.S2SIgnoreProperty)

Example 5 with SormasToSormasConfig

use of de.symeda.sormas.api.sormastosormas.SormasToSormasConfig in project SORMAS-Project by hzi-braunschweig.

the class ConfigFacadeEjb method getS2SConfig.

@Override
public SormasToSormasConfig getS2SConfig() {
    SormasToSormasConfig config = new SormasToSormasConfig();
    config.setPath(getProperty(SORMAS2SORMAS_FILES_PATH, null));
    config.setKeystoreName(getProperty(SORMAS2SORMAS_KEYSTORE_NAME, null));
    config.setKeystorePass(getProperty(SORMAS2SORMAS_KEYSTORE_PASSWORD, null));
    config.setTruststoreName(getProperty(SORMAS2SORMAS_TRUSTSTORE_NAME, null));
    config.setTruststorePass(getProperty(SORMAS2SORMAS_TRUSTSTORE_PASS, null));
    config.setRootCaAlias(getProperty(SORMAS2SORMAS_ROOT_CA_ALIAS, null));
    config.setId(getProperty(SORMAS2SORMAS_ID, null));
    config.setOidcServer(getProperty(CENTRAL_OIDC_URL, null));
    config.setOidcRealm(getProperty(SORMAS2SORMAS_OIDC_REALM, null));
    config.setOidcClientId(getProperty(SORMAS2SORMAS_OIDC_CLIENT_ID, null));
    config.setOidcClientSecret(getProperty(SORMAS2SORMAS_OIDC_CLIENT_SECRET, null));
    config.setKeyPrefix(getProperty(SORMAS2SORMAS_ETCD_KEY_PREFIX, null));
    config.getIgnoreProperties().putAll(getS2SIgnoreProperties());
    config.setDistrictExternalId(getProperty(SORMAS2SORMAS_DISTRICT_EXTERNAL_ID, null));
    return config;
}
Also used : SormasToSormasConfig(de.symeda.sormas.api.sormastosormas.SormasToSormasConfig)

Aggregations

SormasToSormasConfig (de.symeda.sormas.api.sormastosormas.SormasToSormasConfig) 12
VerificationException (org.keycloak.common.VerificationException) 4
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper) 3
IOException (java.io.IOException) 3
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException) 2
I18nProperties (de.symeda.sormas.api.i18n.I18nProperties) 2
S2SIgnoreProperty (de.symeda.sormas.api.sormastosormas.S2SIgnoreProperty) 2
Field (java.lang.reflect.Field) 2
PublicKey (java.security.PublicKey) 2
List (java.util.List) 2
Collectors (java.util.stream.Collectors) 2
LocalBean (javax.ejb.LocalBean) 2
Stateless (javax.ejb.Stateless) 2
TokenVerifier (org.keycloak.TokenVerifier) 2
AccessToken (org.keycloak.representations.AccessToken) 2
Logger (org.slf4j.Logger) 2
LoggerFactory (org.slf4j.LoggerFactory) 2
JsonAutoDetect (com.fasterxml.jackson.annotation.JsonAutoDetect) 1
PropertyAccessor (com.fasterxml.jackson.annotation.PropertyAccessor) 1
Lists (com.google.common.collect.Lists) 1