Avoids webapp crashing when the payload is unexpected.

Path-Check · Oct 13, 2023 · 6f07be6 · 6f07be6
1 parent 0f24ee0
commit 6f07be6
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 10 deletions.
diff --git a/verify/src/main/java/org/who/ddccverifier/verify/hcert/HCertVerifier.kt b/verify/src/main/java/org/who/ddccverifier/verify/hcert/HCertVerifier.kt
@@ -12,6 +12,7 @@ import org.who.ddccverifier.trust.TrustRegistry
 import org.who.ddccverifier.verify.hcert.dcc.DccMapper
 import org.who.ddccverifier.verify.hcert.dcc.logical.CWT
 import org.who.ddccverifier.verify.hcert.dcc.logical.WHOLogicalModel
+import org.who.ddccverifier.verify.hcert.dcc.logical.WHO_CWT
 import org.who.ddccverifier.verify.hcert.who.WhoMapper
 import java.security.PublicKey
 import java.util.*
@@ -96,21 +97,42 @@ class HCertVerifier (private val registry: TrustRegistry) {
 
     val EU_DCC_CODE = -260
 
-    fun toFhir(hcertPayload: CBORObject): Bundle {
+    fun toFhir(hcertPayload: CBORObject): Bundle? {
         if (hcertPayload[EU_DCC_CODE] != null)
-            return DccMapper().run(
+            try {
+                return DccMapper().run(
+                    jacksonObjectMapper().readValue(
+                        hcertPayload.ToJSONString(),
+                        CWT::class.java
+                    )
+                )
+            } catch (e: Exception) {
+                e.printStackTrace()
+            }
+
+        try {
+            return WhoMapper().run(
                 jacksonObjectMapper().readValue(
                     hcertPayload.ToJSONString(),
-                    CWT::class.java
+                    WHOLogicalModel::class.java
                 )
-            )
+            );
+        } catch (e: Exception) {
+            e.printStackTrace()
+        }
 
-        return WhoMapper().run(
+        try {
             jacksonObjectMapper().readValue(
                 hcertPayload.ToJSONString(),
-                WHOLogicalModel::class.java
-            )
-        );
+                WHO_CWT::class.java
+            ).data?.cert?.let {
+                return WhoMapper().run(it);
+            }
+        } catch (e: Exception) {
+            e.printStackTrace()
+        }
+
+        return null
     }
 
     fun unpackAndVerify(qr: String): QRDecoder.VerificationResult {
@@ -120,9 +142,10 @@ class HCertVerifier (private val registry: TrustRegistry) {
         val signedMessage = decodeSignedMessage(deflatedBytes) ?: return QRDecoder.VerificationResult(
             QRDecoder.Status.INVALID_SIGNING_FORMAT, null, null, qr, null)
 
-        val unpacked = getContent(signedMessage).ToJSONString()
+        val contentsCBOR = getContent(signedMessage)
+        val unpacked = contentsCBOR.ToJSONString()
 
-        val contents = toFhir(getContent(signedMessage))
+        val contents = toFhir(contentsCBOR) ?: return QRDecoder.VerificationResult(QRDecoder.Status.NOT_SUPPORTED, null, null, qr, unpacked)
 
         val kid = getKID(signedMessage) ?: return QRDecoder.VerificationResult(QRDecoder.Status.KID_NOT_INCLUDED, contents, null, qr, unpacked)
         val issuer = resolveIssuer(kid) ?: return QRDecoder.VerificationResult(QRDecoder.Status.ISSUER_NOT_TRUSTED, contents, null, qr, unpacked)

diff --git a/verify/src/main/java/org/who/ddccverifier/verify/hcert/who/WhoModel.kt b/verify/src/main/java/org/who/ddccverifier/verify/hcert/who/WhoModel.kt
@@ -1,5 +1,6 @@
 package org.who.ddccverifier.verify.hcert.dcc.logical
 
+import com.fasterxml.jackson.annotation.JsonProperty
 import com.fasterxml.jackson.core.JsonParser
 import com.fasterxml.jackson.core.TreeNode
 import com.fasterxml.jackson.databind.DeserializationContext
@@ -9,8 +10,37 @@ import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
 import com.fasterxml.jackson.module.kotlin.readValue
 import org.hl7.fhir.r4.model.*
 import org.who.ddccverifier.verify.BaseModel
+import org.who.ddccverifier.verify.shc.DecimalToDataTimeDeserializer
 import kotlin.reflect.full.declaredMemberProperties
 
+
+class WHO_CWT (
+    @JsonProperty("1")
+    val iss: StringType?,   // Issuer
+    @JsonProperty("2")
+    val sub: StringType?,   // Subject
+    @JsonProperty("3")
+    val aud: StringType?,   // Audience
+    @JsonProperty("4")
+    @JsonDeserialize(using = DecimalToDataTimeDeserializer::class)
+    val exp: DateTimeType?, // expiration
+    @JsonProperty("5")
+    @JsonDeserialize(using = DecimalToDataTimeDeserializer::class)
+    val nbf: DateTimeType?, // not before date
+    @JsonProperty("6")
+    @JsonDeserialize(using = DecimalToDataTimeDeserializer::class)
+    val iat: DateTimeType?, // issued at date
+    @JsonProperty("7")
+    val id: StringType?,   // Audience
+    @JsonProperty("-260")
+    val data: WHO_HCERT?,      // Certificate
+): BaseModel()
+
+class WHO_HCERT(
+    @JsonProperty("1")
+    val cert: WHOLogicalModel?          // Cert
+): BaseModel()
+
 class WHOLogicalModel (
     val meta: Meta?,