FIWARE / trusted-issuers-registry / #1

Committed 06 Dec 2023 11:14AM UTC coverage: 76.673%. First build

Build # #1

Build Type

push

Committed by

Commit Message

Merge eaf5d8c27 into 717cf99fd

Run Details

32 of 36 new or added lines in 3 files covered. (88.89%)

401 of 523 relevant lines covered (76.67%)

0.77 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

82.14

/src/main/java/org/fiware/iam/tir/repository/InMemoryPartiesRepo.java

package org.fiware.iam.tir.repository;

import io.micronaut.scheduling.annotation.Scheduled;
import jakarta.inject.Singleton;
import lombok.extern.slf4j.Slf4j;
import org.fiware.iam.did.model.DIDDocumentVO;
import org.fiware.iam.satellite.model.TrustedCAVO;
import org.fiware.iam.tir.auth.CertificateMapper;
import org.fiware.iam.tir.configuration.Party;
import org.fiware.iam.tir.configuration.SatelliteProperties;
import org.fiware.iam.tir.issuers.IssuersProvider;

import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;

@Slf4j
@Singleton
public class InMemoryPartiesRepo implements PartiesRepo {

    private final SatelliteProperties satelliteProperties;
    private final IssuersProvider issuersProvider;
    private final List<Party> parties;
    private final DidService didService;
    private final CertificateMapper certificateMapper;

    public InMemoryPartiesRepo(SatelliteProperties satelliteProperties, IssuersProvider issuersProvider, DidService didService, CertificateMapper certificateMapper) {
        this.parties = new ArrayList<>(satelliteProperties.getParties());
        this.satelliteProperties = satelliteProperties;
        this.issuersProvider = issuersProvider;
        this.didService = didService;
        this.certificateMapper = certificateMapper;
    }

    private Optional<TrustedCAVO> toTrustedCaVO(X509Certificate caCert) {

        try {
            String subject = caCert.getSubjectX500Principal().toString();
            String validity = isValid(caCert);
            String fingerprint = certificateMapper.getThumbprint(caCert);
            return Optional.of(new TrustedCAVO().status("granted").certificateFingerprint(fingerprint)
                    .validity(validity).subject(subject));
        } catch (CertificateEncodingException e) {
            log.warn("Was not able to get the fingerprint.");
        }
        return Optional.empty();
    }

    private String isValid(X509Certificate cert) {
        try {
            cert.checkValidity();
            return "valid";
        } catch (CertificateExpiredException | CertificateNotYetValidException e) {
            return "invalid";
        }
    }

    @Scheduled(fixedDelay = "15s")
    public void updateParties() {
        List<Party> updatedParties = new ArrayList<>(satelliteProperties.getParties());

        issuersProvider.getAllTrustedIssuers()
                .subscribe(til -> {
                    til.forEach(ti -> {
                        try {
                            log.debug("Attempting to add issuer {}", ti.getIssuer());
                            Optional<DIDDocumentVO> document = didService.retrieveDidDocument(ti.getIssuer());
                            if (document.isEmpty()) {
                                log.warn("Could not retrieve DID document for DID {}", ti.getIssuer());
                                return;
                            }
                            DIDDocumentVO didDocument = document.get();
                            log.debug("Retrieved DID document {}", didDocument);
                            Optional<String> certificate = didService.getCertificate(didDocument);
                            if (certificate.isEmpty()) {
                                log.warn("Could not retrieve certificate for DID {}", ti.getIssuer());
                                return;
                            }
                            Party party = new Party(didDocument.getId(), didDocument.getId(), didDocument.getId(), "Active", certificate.get(), didDocument);
                            log.debug("Adding party {}", party.id());
                            log.trace("Adding party {}", party);
                            updatedParties.add(party);
                        } catch (RuntimeException e) {
                            log.warn("Cannot resolve issuer {}, skip.", ti.getIssuer(), e);
                        }
                    });
                    parties.clear();
                    parties.addAll(updatedParties);
                });
    }


    @Override
    public List<Party> getParties() {
        return parties;
    }

    @Override
    public List<TrustedCAVO> getTrustedCAs() {
        List<TrustedCAVO> trustedCAVOS = new ArrayList<>();

        satelliteProperties.getTrustedList().stream()
                .forEach(trustedCA -> toTrustedCaVO(certificateMapper.getCertificates(trustedCA.crt()).get(0)).ifPresent(
                        trustedCAVOS::add));

        return trustedCAVOS;
    }

    @Override
    public Optional<Party> getPartyById(String id) {
        return parties.stream().filter(party -> party.id().equals(id)).findFirst();
    }

    @Override
    public Optional<Party> getPartyByDID(String did) {
        return parties.stream().filter(party -> party.did().equals(did)).findFirst();
    }

    @Override
    public void addParty(Party party) {

    }
}

1	package org.fiware.iam.tir.repository;
2
3	import io.micronaut.scheduling.annotation.Scheduled;
4	import jakarta.inject.Singleton;
5	import lombok.extern.slf4j.Slf4j;
6	import org.fiware.iam.did.model.DIDDocumentVO;
7	import org.fiware.iam.satellite.model.TrustedCAVO;
8	import org.fiware.iam.tir.auth.CertificateMapper;
9	import org.fiware.iam.tir.configuration.Party;
10	import org.fiware.iam.tir.configuration.SatelliteProperties;
11	import org.fiware.iam.tir.issuers.IssuersProvider;
12
13	import java.security.cert.CertificateEncodingException;
14	import java.security.cert.CertificateExpiredException;
15	import java.security.cert.CertificateNotYetValidException;
16	import java.security.cert.X509Certificate;
17	import java.util.ArrayList;
18	import java.util.List;
19	import java.util.Optional;
20
21	@Slf4j	1✔
22	@Singleton
23	public class InMemoryPartiesRepo implements PartiesRepo {
24
25	private final SatelliteProperties satelliteProperties;
26	private final IssuersProvider issuersProvider;
27	private final List<Party> parties;
28	private final DidService didService;
29	private final CertificateMapper certificateMapper;
30
31	public InMemoryPartiesRepo(SatelliteProperties satelliteProperties, IssuersProvider issuersProvider, DidService didService, CertificateMapper certificateMapper) {	1✔
32	this.parties = new ArrayList<>(satelliteProperties.getParties());	1✔
33	this.satelliteProperties = satelliteProperties;	1✔
34	this.issuersProvider = issuersProvider;	1✔
35	this.didService = didService;	1✔
36	this.certificateMapper = certificateMapper;	1✔
37	}	1✔
38
39	private Optional<TrustedCAVO> toTrustedCaVO(X509Certificate caCert) {
40
41	try {
42	String subject = caCert.getSubjectX500Principal().toString();	1✔
43	String validity = isValid(caCert);	1✔
44	String fingerprint = certificateMapper.getThumbprint(caCert);	1✔
45	return Optional.of(new TrustedCAVO().status("granted").certificateFingerprint(fingerprint)	1✔
46	.validity(validity).subject(subject));	1✔
47	} catch (CertificateEncodingException e) {	×
48	log.warn("Was not able to get the fingerprint.");	×
49	}
50	return Optional.empty();	×
51	}
52
53	private String isValid(X509Certificate cert) {
54	try {
55	cert.checkValidity();	1✔
56	return "valid";	1✔
57	} catch (CertificateExpiredException \| CertificateNotYetValidException e) {	×
58	return "invalid";	×
59	}
60	}
61
62	@Scheduled(fixedDelay = "15s")
63	public void updateParties() {
64	List<Party> updatedParties = new ArrayList<>(satelliteProperties.getParties());	1✔
65
66	issuersProvider.getAllTrustedIssuers()	1✔
67	.subscribe(til -> {	1✔
68	til.forEach(ti -> {	1✔
69	try {
70	log.debug("Attempting to add issuer {}", ti.getIssuer());	1✔
71	Optional<DIDDocumentVO> document = didService.retrieveDidDocument(ti.getIssuer());	1✔
72	if (document.isEmpty()) {	1✔
NEW 73	log.warn("Could not retrieve DID document for DID {}", ti.getIssuer());	×
NEW 74	return;	×
75	}
76	DIDDocumentVO didDocument = document.get();	1✔
77	log.debug("Retrieved DID document {}", didDocument);	1✔
78	Optional<String> certificate = didService.getCertificate(didDocument);	1✔
79	if (certificate.isEmpty()) {	1✔
NEW 80	log.warn("Could not retrieve certificate for DID {}", ti.getIssuer());	×
NEW 81	return;	×
82	}
83	Party party = new Party(didDocument.getId(), didDocument.getId(), didDocument.getId(), "Active", certificate.get(), didDocument);	1✔
84	log.debug("Adding party {}", party.id());	1✔
85	log.trace("Adding party {}", party);	1✔
86	updatedParties.add(party);	1✔
87	} catch (RuntimeException e) {	1✔
88	log.warn("Cannot resolve issuer {}, skip.", ti.getIssuer(), e);	1✔
89	}	1✔
90	});	1✔
91	parties.clear();	1✔
92	parties.addAll(updatedParties);	1✔
93	});	1✔
94	}	1✔
95
96
97	@Override
98	public List<Party> getParties() {
99	return parties;	1✔
100	}
101
102	@Override
103	public List<TrustedCAVO> getTrustedCAs() {
104	List<TrustedCAVO> trustedCAVOS = new ArrayList<>();	1✔
105
106	satelliteProperties.getTrustedList().stream()	1✔
107	.forEach(trustedCA -> toTrustedCaVO(certificateMapper.getCertificates(trustedCA.crt()).get(0)).ifPresent(	1✔
108	trustedCAVOS::add));	1✔
109
110	return trustedCAVOS;	1✔
111	}
112
113	@Override
114	public Optional<Party> getPartyById(String id) {
115	return parties.stream().filter(party -> party.id().equals(id)).findFirst();	1✔
116	}
117
118	@Override
119	public Optional<Party> getPartyByDID(String did) {
120	return parties.stream().filter(party -> party.did().equals(did)).findFirst();	1✔
121	}
122
123	@Override
124	public void addParty(Party party) {
125
126	}	×
127	}

FIWARE / trusted-issuers-registry / #1

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous