Skip to content

Commit

Permalink
Merge pull request #47 from aasaru/update_dependencies
Browse files Browse the repository at this point in the history 
update versions of dependencies, add production certificate for tests
  • Loading branch information
@rasmuskukk
rasmuskukk authored Mar 23, 2022
2 parents cadd941 + 0c5510b commit a7bf68a
Show file tree
Hide file tree
Showing 29 changed files with 194 additions and 134 deletions.
6 changes: 5 additions & 1 deletion .travis.yml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
language: java
jdk:
- openjdk8
sudo: false
- openjdk11
- openjdk17
sudo: required

cache:
directories:
- $HOME/.m2
Expand All @@ -13,6 +16,7 @@ before_install:
- eval $(openssl aes-256-cbc -K $encrypted_key -iv $encrypted_iv -in private.key.enc -out private.key -d)
- chmod +x travis.sh
- pip install --user codecov
install: true
after_success:
- codecov
script:
Expand Down
10 changes: 10 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

## [1.5] - March 20222

### Changed
- Update versions of dependencies

## [1.4] - 2021-12-21

### Changed
- Fixed a flaw that could potentially cause errors on high load

## [1.3] - 2020-09-17

### Changed
Expand Down
18 changes: 15 additions & 3 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ If you want you can then convert the Java keystore to a P12 key store and use it

#### Updating certs in tests of mid-rest-java-client

Integration tests (*_IT.java) that check the validity of server are configured not to run after server's certificate expiration.
Integration tests (*IntegrationTest.java) that check the validity of server are configured not to run after server's certificate expiration.
When server (either production server or demo server) certificate has expired
then to make the tests run again one needs to replace certificate value in respective constant and import it into the trust store.
Here is the process that needs to be followed.
Expand All @@ -216,7 +216,7 @@ password: changeit
trust this certificate: yes

LIVE:
`keytool -importcert -file new.mid.sk.ee.certificate.cer -keystore production_server_trusted_ssl_certs.jks -alias "mid.sk.ee that expires YYYY-MM-DD" `
`keytool -importcert -file new.mid.sk.ee.certificate.cer -keystore production_server_trusted_ssl_certs.jks -alias "mid.sk.ee that expires 2023.03.18" `
password: changeit
trust this certificate: yes

Expand All @@ -226,8 +226,20 @@ trust this certificate: yes
cd src/test/resources
keytool -importkeystore -srckeystore production_server_trusted_ssl_certs.jks -destkeystore production_server_trusted_ssl_certs.p12 -srcstoretype JKS -deststoretype PKCS12
```
Enter destination keystore password: changeit
Enter source keystore password: changeit
Existing entry alias trusted_mid_server_certs exists, overwrite?: yes
Existing entry alias mid.sk.ee that expires YYYY-MM_DD exists, overwrite?: yes

After following this process the tests (that were ignored programmatically) should run again and a Pull Request could be submitted.
6. You need to add the new expiration dates of the imported certificates into the constants
of class ee.sk.mid.integration.MobileIdSsIT
```
LIVE_SERVER_CERT_EXPIRATION_DATE = LocalDate.of(/* add new date of expiry */);
DEMO_SERVER_CERT_EXPIRATION_DATE = LocalDate.of(/* add new date of expiry */);
```

After following this process the tests (that were ignored programmatically) should run again
(check that there are no ignored tests) and a Pull Request could be submitted.

### Configuring a proxy
#### JBoss and WildFly
Expand Down
68 changes: 37 additions & 31 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,12 @@
<developer>
<name>Juhan Aasaru</name>
<organization>Nortal</organization>
<organizationUrl>http://www.nortal.com</organizationUrl>
<organizationUrl>https://www.nortal.com</organizationUrl>
</developer>
<developer>
<name>Andreas Valdma</name>
<organization>Nortal</organization>
<organizationUrl>http://www.nortal.com</organizationUrl>
<organizationUrl>https://www.nortal.com</organizationUrl>
</developer>
</developers>
<scm>
Expand All @@ -35,11 +35,13 @@
</scm>

<properties>
<skip.integration.tests>true</skip.integration.tests>
<skip.integration.tests>false</skip.integration.tests>
<skip.gpg.sign>true</skip.gpg.sign>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<jackson.version>2.13.2</jackson.version>
<jersey.version>3.0.4</jersey.version>
</properties>

<profiles>
Expand Down Expand Up @@ -67,37 +69,37 @@
<dependency>
<groupId>org.glassfish.jersey.inject</groupId>
<artifactId>jersey-hk2</artifactId>
<version>2.31</version>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
<version>2.31</version>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-jackson</artifactId>
<version>2.31</version>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.11.2</version>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.11.2</version>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.30</version>
<version>1.7.36</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.11</version>
<version>3.12.0</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
Expand All @@ -107,49 +109,49 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.8.0</version>
<version>2.11.0</version>
</dependency>

<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13.1</version>
<version>4.13.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-library</artifactId>
<version>1.3</version>
<artifactId>hamcrest</artifactId>
<version>2.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.1.7</version>
<version>1.2.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.github.tomakehurst</groupId>
<artifactId>wiremock</artifactId>
<version>2.4.1</version>
<version>2.27.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>2.7.13</version>
<version>4.3.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.connectors</groupId>
<artifactId>jersey-apache-connector</artifactId>
<version>2.24.1</version>
<version>${jersey.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.jetbrains</groupId>
<artifactId>annotations-java5</artifactId>
<version>16.0.2</version>
<version>22.0.0</version>
<scope>compile</scope>
</dependency>
<dependency>
Expand All @@ -160,7 +162,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.68</version>
<version>1.70</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
Expand All @@ -174,7 +176,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>2.22.1</version>
<version>3.0.0-M5</version>
<executions>
<execution>
<id>integration-tests</id>
Expand All @@ -196,7 +198,7 @@
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.3</version>
<version>0.8.7</version>
<executions>
<execution>
<goals>
Expand All @@ -216,7 +218,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
<version>3.0.0-M5</version>
<configuration>
<forkCount>1</forkCount>
<reuseForks>true</reuseForks>
Expand All @@ -239,7 +241,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.0.1</version>
<version>3.3.2</version>
<executions>
<execution>
<id>attach-javadocs</id>
Expand All @@ -253,7 +255,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>license-maven-plugin</artifactId>
<version>1.17</version>
<version>2.0.0</version>
<executions>
<execution>
<id>create-license-list</id>
Expand Down Expand Up @@ -284,9 +286,11 @@
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>6.0.5</version>
<version>7.0.0</version>
<configuration>
<failBuildOnCVSS>7</failBuildOnCVSS>
<skipTestScope>true</skipTestScope>
<skip>true</skip>
</configuration>
<executions>
<execution>
Expand All @@ -300,14 +304,17 @@
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>3.1.11</version>
<version>4.5.3.0</version>
<configuration>
<excludeFilterFile>spotbugs-exclude.xml</excludeFilterFile>
</configuration>
</plugin>

<!-- for publishing to Maven Central -->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.8</version>
<version>1.6.12</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
Expand All @@ -318,7 +325,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<version>3.0.1</version>
<executions>
<execution>
<id>sign-artifacts</id>
Expand All @@ -333,12 +340,11 @@
</configuration>
</plugin>


<!-- to attach source with release -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.0.1</version>
<version>3.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
Expand Down
15 changes: 15 additions & 0 deletions spotbugs-exclude.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
<FindBugsFilter>
<Match>
<Or>
<Class name="~.*\.Test" />
</Or>
</Match>

<Match>
<Or>
<Bug pattern="EI_EXPOSE_REP"/>
<Bug pattern="EI_EXPOSE_REP2"/>
</Or>
</Match>

</FindBugsFilter>
4 changes: 3 additions & 1 deletion src/main/java/ee/sk/mid/MidAuthenticationHashToSign.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,8 @@

public class MidAuthenticationHashToSign extends MidHashToSign {

public static final SecureRandom SECURE_RANDOM = new SecureRandom();

private MidAuthenticationHashToSign(MobileIdAuthenticationHashToSignBuilder builder) {
super(builder);
}
Expand All @@ -56,7 +58,7 @@ public static MobileIdAuthenticationHashToSignBuilder newBuilder() {

private static byte[] getRandomBytes(int lengthInBytes) {
byte[] randomBytes = new byte[lengthInBytes];
new SecureRandom().nextBytes(randomBytes);
SECURE_RANDOM.nextBytes(randomBytes);
return randomBytes;
}

Expand Down
12 changes: 11 additions & 1 deletion src/main/java/ee/sk/mid/MidAuthenticationIdentity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
* #L%
*/

public class MidAuthenticationIdentity {
public class MidAuthenticationIdentity implements Cloneable {

private String givenName;
private String surName;
Expand Down Expand Up @@ -65,6 +65,16 @@ public void setCountry(String country) {
this.country = country;
}

@Override
public MidAuthenticationIdentity clone() {
try {
return (MidAuthenticationIdentity) super.clone();
}
catch (CloneNotSupportedException e) {
throw new RuntimeException(e);
}
}

@Override
public String toString() {
return "MidAuthenticationIdentity{" +
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/ee/sk/mid/MidAuthenticationResponseValidator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ public MidAuthenticationResponseValidator(KeyStore trustStore) {
}

public MidAuthenticationResponseValidator(List<X509Certificate> trustedCACertificates) {
this.trustedCACertificates = trustedCACertificates;
this.trustedCACertificates = new ArrayList<>(trustedCACertificates);
}

public MidAuthenticationResult validate(MidAuthentication authentication) {
Expand Down
Loading

0 comments on commit a7bf68a

Please sign in to comment.