FIWARE / contract-management / #91

Committed 22 Apr 2026 06:29AM UTC coverage: 1.776% (+0.1%) from 1.681%

Build # #91

Build Type

push

Committed by

Commit Message

Merge pull request #23 from FIWARE/fix/proxy

fix(proxy): do not require proxyHost and proxyPort when proxy is disabled

Coverage Stats

20 of 136 new or added lines in 11 files covered. (14.71%)

1 existing line in 1 file now uncovered.

621 of 34976 relevant lines covered (1.78%)

0.02 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/main/java/org/fiware/iam/bean/Oid4VpBeanFactory.java

package org.fiware.iam.bean;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.PropertyNamingStrategies;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.nimbusds.jose.JWEAlgorithm;
import io.github.wistefan.dcql.DCQLEvaluator;
import io.github.wistefan.dcql.DcSdJwtCredentialEvaluator;
import io.github.wistefan.dcql.JwtCredentialEvaluator;
import io.github.wistefan.dcql.VcSdJwtCredentialEvaluator;
import io.github.wistefan.dcql.model.CredentialFormat;
import io.github.wistefan.dcql.model.TrustedAuthorityType;
import io.github.wistefan.oid4vp.HolderSigningService;
import io.github.wistefan.oid4vp.OID4VPClient;
import io.github.wistefan.oid4vp.SigningService;
import io.github.wistefan.oid4vp.client.X509SanDnsClientResolver;
import io.github.wistefan.oid4vp.config.HolderConfiguration;
import io.github.wistefan.oid4vp.credentials.CredentialsRepository;
import io.github.wistefan.oid4vp.credentials.FileSystemCredentialsRepository;
import io.github.wistefan.oid4vp.mapping.CredentialFormatDeserializer;
import io.github.wistefan.oid4vp.mapping.TrustedAuthorityTypeDeserializer;
import io.micronaut.context.annotation.Bean;
import io.micronaut.context.annotation.Factory;
import io.micronaut.context.annotation.Requires;
import jakarta.inject.Singleton;

import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.fiware.iam.cert.CertReader;
import org.fiware.iam.configuration.Oid4VpConfiguration;

import java.net.InetSocketAddress;
import java.net.ProxySelector;
import java.net.http.HttpClient;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.TrustAnchor;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

@Factory
@Slf4j
public class Oid4VpBeanFactory {

    private final CertReader certReader;

    public Oid4VpBeanFactory(CertReader certReader) {
        this.certReader = certReader;
    }

    @Requires(bean = Oid4VpConfiguration.class)
    @Singleton
    public HttpClient httpClient(Oid4VpConfiguration.ProxyConfig proxyConfig) {
        HttpClient.Builder httpClientBuilder = HttpClient.newBuilder();
        httpClientBuilder.followRedirects(HttpClient.Redirect.NORMAL);
        if (proxyConfig.useProxy()) {
            ProxySelector proxySelector = ProxySelector.of(new InetSocketAddress(proxyConfig.proxyHost(), proxyConfig.proxyPort()));
            httpClientBuilder.proxy(proxySelector);
        }
        return httpClientBuilder.build();
    }

    @Requires(bean = Oid4VpConfiguration.class)
    @Bean
    public CredentialsRepository credentialsRepository(Oid4VpConfiguration oid4VpConfiguration, ObjectMapper objectMapper) {
        return new FileSystemCredentialsRepository(oid4VpConfiguration.getCredentialsFolder(), objectMapper);
    }

    @Requires(bean = Oid4VpConfiguration.class)
    @Bean
    public OID4VPClient oid4VPClient(HttpClient httpClient, ObjectMapper objectMapper, Oid4VpConfiguration oid4VpConfiguration, CredentialsRepository credentialsRepository) {
        Security.addProvider(new BouncyCastleProvider());

        ObjectMapper authObjectMapper = objectMapper.copy();
        authObjectMapper.setPropertyNamingStrategy(PropertyNamingStrategies.SNAKE_CASE);
        SimpleModule deserializerModule = new SimpleModule();
        deserializerModule.addDeserializer(CredentialFormat.class, new CredentialFormatDeserializer());
        deserializerModule.addDeserializer(TrustedAuthorityType.class, new TrustedAuthorityTypeDeserializer());
        authObjectMapper.registerModule(deserializerModule);

        PrivateKey privateKey = certReader.loadPrivateKey(oid4VpConfiguration.getHolder().keyPath());
        HolderConfiguration holderConfiguration = new HolderConfiguration(
                oid4VpConfiguration.getHolder().holderId(),
                oid4VpConfiguration.getHolder().holderId().toString(),
                JWEAlgorithm.parse(oid4VpConfiguration.getHolder().signatureAlgorithm()),
                privateKey);
        SigningService signingService = new HolderSigningService(holderConfiguration, objectMapper);

        Set<TrustAnchor> trustAnchors = oid4VpConfiguration.getTrustAnchors()
                .stream()
                .map(certReader::loadCertificates)
                .flatMap(List::stream)
                .map(c -> new TrustAnchor(c, null))
                .collect(Collectors.toSet());


        if (trustAnchors.isEmpty()) {
            try {
                log.info("No trust anchors provided, loading system trust anchors");
                trustAnchors = X509SanDnsClientResolver.getTrustAnchors();
            } catch (Exception e) {
                throw new RuntimeException("Failed to load system trust anchors and no additional trust anchors provided.", e);
            }
        }

        X509SanDnsClientResolver clientResolver = new X509SanDnsClientResolver(trustAnchors, oid4VpConfiguration.isEnableRevocation());

        DCQLEvaluator dcqlEvaluator = new DCQLEvaluator(List.of(
                new JwtCredentialEvaluator(),
                new DcSdJwtCredentialEvaluator(),
                new VcSdJwtCredentialEvaluator()));

        return new OID4VPClient(
                httpClient,
                holderConfiguration,
                authObjectMapper,
                List.of(clientResolver),
                dcqlEvaluator,
                credentialsRepository,
                signingService);
    }
}

1	package org.fiware.iam.bean;
2
3	import com.fasterxml.jackson.databind.ObjectMapper;
4	import com.fasterxml.jackson.databind.PropertyNamingStrategies;
5	import com.fasterxml.jackson.databind.module.SimpleModule;
6	import com.nimbusds.jose.JWEAlgorithm;
7	import io.github.wistefan.dcql.DCQLEvaluator;
8	import io.github.wistefan.dcql.DcSdJwtCredentialEvaluator;
9	import io.github.wistefan.dcql.JwtCredentialEvaluator;
10	import io.github.wistefan.dcql.VcSdJwtCredentialEvaluator;
11	import io.github.wistefan.dcql.model.CredentialFormat;
12	import io.github.wistefan.dcql.model.TrustedAuthorityType;
13	import io.github.wistefan.oid4vp.HolderSigningService;
14	import io.github.wistefan.oid4vp.OID4VPClient;
15	import io.github.wistefan.oid4vp.SigningService;
16	import io.github.wistefan.oid4vp.client.X509SanDnsClientResolver;
17	import io.github.wistefan.oid4vp.config.HolderConfiguration;
18	import io.github.wistefan.oid4vp.credentials.CredentialsRepository;
19	import io.github.wistefan.oid4vp.credentials.FileSystemCredentialsRepository;
20	import io.github.wistefan.oid4vp.mapping.CredentialFormatDeserializer;
21	import io.github.wistefan.oid4vp.mapping.TrustedAuthorityTypeDeserializer;
22	import io.micronaut.context.annotation.Bean;
23	import io.micronaut.context.annotation.Factory;
24	import io.micronaut.context.annotation.Requires;
25	import jakarta.inject.Singleton;
26
27	import lombok.extern.slf4j.Slf4j;
28	import org.bouncycastle.jce.provider.BouncyCastleProvider;
29	import org.fiware.iam.cert.CertReader;
30	import org.fiware.iam.configuration.Oid4VpConfiguration;
31
32	import java.net.InetSocketAddress;
33	import java.net.ProxySelector;
34	import java.net.http.HttpClient;
35	import java.security.PrivateKey;
36	import java.security.Security;
37	import java.security.cert.TrustAnchor;
38	import java.util.List;
39	import java.util.Set;
40	import java.util.stream.Collectors;
41
42	@Factory
NEW 43	@Slf4j	×
44	public class Oid4VpBeanFactory {
45
46	private final CertReader certReader;
47
NEW 48	public Oid4VpBeanFactory(CertReader certReader) {	×
NEW 49	this.certReader = certReader;	×
NEW 50	}	×
51
52	@Requires(bean = Oid4VpConfiguration.class)
53	@Singleton
54	public HttpClient httpClient(Oid4VpConfiguration.ProxyConfig proxyConfig) {
NEW 55	HttpClient.Builder httpClientBuilder = HttpClient.newBuilder();	×
NEW 56	httpClientBuilder.followRedirects(HttpClient.Redirect.NORMAL);	×
NEW 57	if (proxyConfig.useProxy()) {	×
NEW 58	ProxySelector proxySelector = ProxySelector.of(new InetSocketAddress(proxyConfig.proxyHost(), proxyConfig.proxyPort()));	×
NEW 59	httpClientBuilder.proxy(proxySelector);	×
60	}
NEW 61	return httpClientBuilder.build();	×
62	}
63
64	@Requires(bean = Oid4VpConfiguration.class)
65	@Bean
66	public CredentialsRepository credentialsRepository(Oid4VpConfiguration oid4VpConfiguration, ObjectMapper objectMapper) {
NEW 67	return new FileSystemCredentialsRepository(oid4VpConfiguration.getCredentialsFolder(), objectMapper);	×
68	}
69
70	@Requires(bean = Oid4VpConfiguration.class)
71	@Bean
72	public OID4VPClient oid4VPClient(HttpClient httpClient, ObjectMapper objectMapper, Oid4VpConfiguration oid4VpConfiguration, CredentialsRepository credentialsRepository) {
NEW 73	Security.addProvider(new BouncyCastleProvider());	×
74
NEW 75	ObjectMapper authObjectMapper = objectMapper.copy();	×
NEW 76	authObjectMapper.setPropertyNamingStrategy(PropertyNamingStrategies.SNAKE_CASE);	×
NEW 77	SimpleModule deserializerModule = new SimpleModule();	×
NEW 78	deserializerModule.addDeserializer(CredentialFormat.class, new CredentialFormatDeserializer());	×
NEW 79	deserializerModule.addDeserializer(TrustedAuthorityType.class, new TrustedAuthorityTypeDeserializer());	×
NEW 80	authObjectMapper.registerModule(deserializerModule);	×
81
NEW 82	PrivateKey privateKey = certReader.loadPrivateKey(oid4VpConfiguration.getHolder().keyPath());	×
NEW 83	HolderConfiguration holderConfiguration = new HolderConfiguration(	×
NEW 84	oid4VpConfiguration.getHolder().holderId(),	×
NEW 85	oid4VpConfiguration.getHolder().holderId().toString(),	×
NEW 86	JWEAlgorithm.parse(oid4VpConfiguration.getHolder().signatureAlgorithm()),	×
87	privateKey);
NEW 88	SigningService signingService = new HolderSigningService(holderConfiguration, objectMapper);	×
89
NEW 90	Set<TrustAnchor> trustAnchors = oid4VpConfiguration.getTrustAnchors()	×
NEW 91	.stream()	×
NEW 92	.map(certReader::loadCertificates)	×
NEW 93	.flatMap(List::stream)	×
NEW 94	.map(c -> new TrustAnchor(c, null))	×
NEW 95	.collect(Collectors.toSet());	×
96
97
NEW 98	if (trustAnchors.isEmpty()) {	×
99	try {
NEW 100	log.info("No trust anchors provided, loading system trust anchors");	×
NEW 101	trustAnchors = X509SanDnsClientResolver.getTrustAnchors();	×
NEW 102	} catch (Exception e) {	×
NEW 103	throw new RuntimeException("Failed to load system trust anchors and no additional trust anchors provided.", e);	×
NEW 104	}	×
105	}
106
NEW 107	X509SanDnsClientResolver clientResolver = new X509SanDnsClientResolver(trustAnchors, oid4VpConfiguration.isEnableRevocation());	×
108
NEW 109	DCQLEvaluator dcqlEvaluator = new DCQLEvaluator(List.of(	×
110	new JwtCredentialEvaluator(),
111	new DcSdJwtCredentialEvaluator(),
112	new VcSdJwtCredentialEvaluator()));
113
NEW 114	return new OID4VPClient(	×
115	httpClient,
116	holderConfiguration,
117	authObjectMapper,
NEW 118	List.of(clientResolver),	×
119	dcqlEvaluator,
120	credentialsRepository,
121	signingService);
122	}
123	}

FIWARE / contract-management / #91

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous