diff --git a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/CertificationServicesServiceImpl.java b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/CertificationServicesServiceImpl.java index acf09822c8..01a9406565 100644 --- a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/CertificationServicesServiceImpl.java +++ b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/CertificationServicesServiceImpl.java @@ -221,8 +221,11 @@ private void addOcspAuditData(OcspInfoEntity ocspInfo) { auditDataHelper.put(CA_ID, ocspInfo.getCaInfo().getId()); auditDataHelper.put(OCSP_ID, ocspInfo.getId()); auditDataHelper.put(OCSP_URL, ocspInfo.getUrl()); - auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(ocspInfo.getCert())); - auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + + if (ocspInfo.getCert() != null) { + auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(ocspInfo.getCert())); + auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + } } } diff --git a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/IntermediateCasServiceImpl.java b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/IntermediateCasServiceImpl.java index 6046cc988c..b8f90852dd 100644 --- a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/IntermediateCasServiceImpl.java +++ b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/IntermediateCasServiceImpl.java @@ -125,8 +125,10 @@ private void addAuditData(Integer intermediateCaId, OcspInfoEntity savedOcspInfo auditDataHelper.put(INTERMEDIATE_CA_ID, intermediateCaId); auditDataHelper.put(OCSP_ID, savedOcspInfo.getId()); auditDataHelper.put(OCSP_URL, savedOcspInfo.getUrl()); - auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(savedOcspInfo.getCert())); - auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + if (savedOcspInfo.getCert() != null) { + auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(savedOcspInfo.getCert())); + auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + } } private boolean isIntermediateCa(CaInfoEntity caInfo) { diff --git a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/OcspRespondersServiceImpl.java b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/OcspRespondersServiceImpl.java index 53f5548256..6aa8709081 100644 --- a/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/OcspRespondersServiceImpl.java +++ b/src/central-server/admin-service/core/src/main/java/org/niis/xroad/cs/admin/core/service/OcspRespondersServiceImpl.java @@ -86,8 +86,11 @@ public OcspResponder update(OcspResponderRequest updateRequest) { auditDataHelper.put(OCSP_ID, savedOcspInfo.getId()); auditDataHelper.put(OCSP_URL, savedOcspInfo.getUrl()); - auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(savedOcspInfo.getCert())); - auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + + if (savedOcspInfo.getCert() != null) { + auditDataHelper.put(OCSP_CERT_HASH, calculateCertHexHashDelimited(savedOcspInfo.getCert())); + auditDataHelper.put(OCSP_CERT_HASH_ALGORITHM, DEFAULT_CERT_HASH_ALGORITHM_ID); + } return ocspResponderConverter.toModel(savedOcspInfo); } diff --git a/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/CertificationServicesController.java b/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/CertificationServicesController.java index 4332384ecf..c336dbe958 100644 --- a/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/CertificationServicesController.java +++ b/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/CertificationServicesController.java @@ -110,9 +110,15 @@ public ResponseEntity addCertificationServiceIntermedia @PreAuthorize("hasAuthority('ADD_APPROVED_CA')") public ResponseEntity addCertificationServiceOcspResponder(Integer caId, String url, MultipartFile certificate) { final var addRequest = new OcspResponderAddRequest(); - byte[] fileBytes = MultipartFileUtils.readBytes(certificate); - fileVerifier.validateCertificate(certificate.getOriginalFilename(), fileBytes); - addRequest.setCaId(caId).setUrl(url).setCertificate(fileBytes); + addRequest + .setCaId(caId) + .setUrl(url); + + if (certificate != null && !certificate.isEmpty()) { + byte[] fileBytes = MultipartFileUtils.readBytes(certificate); + fileVerifier.validateCertificate(certificate.getOriginalFilename(), fileBytes); + addRequest.setCertificate(fileBytes); + } var ocspResponder = certificationServicesService.addOcspResponder(addRequest); return status(CREATED).body(ocspResponderDtoConverter.toDto(ocspResponder)); diff --git a/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/IntermediateCasController.java b/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/IntermediateCasController.java index 648920bd43..566d7c3d7b 100644 --- a/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/IntermediateCasController.java +++ b/src/central-server/admin-service/infra-api-rest/src/main/java/org/niis/xroad/cs/admin/rest/api/openapi/IntermediateCasController.java @@ -48,7 +48,6 @@ import java.util.List; -import static java.util.stream.Collectors.toList; import static org.niis.xroad.restapi.config.audit.RestApiAuditEvent.ADD_INTERMEDIATE_CA_OCSP_RESPONDER; import static org.niis.xroad.restapi.config.audit.RestApiAuditEvent.DELETE_INTERMEDIATE_CA; import static org.niis.xroad.restapi.config.audit.RestApiAuditEvent.DELETE_OCSP_RESPONDER; @@ -74,12 +73,14 @@ public class IntermediateCasController implements IntermediateCasApi { @PreAuthorize("hasAuthority('ADD_APPROVED_CA')") @AuditEventMethod(event = ADD_INTERMEDIATE_CA_OCSP_RESPONDER) public ResponseEntity addIntermediateCaOcspResponder(Integer id, String url, MultipartFile certificate) { - byte[] fileBytes = readBytes(certificate); - fileVerifier.validateCertificate(certificate.getOriginalFilename(), fileBytes); final OcspResponderRequest ocspResponderRequest = new OcspResponderAddRequest() - .setUrl(url) - .setCertificate(fileBytes); + .setUrl(url); + if (certificate != null && !certificate.isEmpty()) { + byte[] fileBytes = readBytes(certificate); + fileVerifier.validateCertificate(certificate.getOriginalFilename(), fileBytes); + ocspResponderRequest.setCertificate(fileBytes); + } final OcspResponder ocspResponder = intermediateCasService.addOcspResponder(id, ocspResponderRequest); return status(CREATED).body(ocspResponderDtoConverter.toDto(ocspResponder)); @@ -112,6 +113,6 @@ public ResponseEntity getIntermediateCa(Integer id) { public ResponseEntity> getIntermediateCaOcspResponders(Integer id) { return ok(intermediateCasService.getOcspResponders(id).stream() .map(ocspResponderDtoConverter::toDto) - .collect(toList())); + .toList()); } } diff --git a/src/central-server/admin-service/ui-system-test/src/intTest/java/org/niis/xroad/cs/test/ui/glue/TrustServicesOcspRespondersStepDefs.java b/src/central-server/admin-service/ui-system-test/src/intTest/java/org/niis/xroad/cs/test/ui/glue/TrustServicesOcspRespondersStepDefs.java index 4e1e903aee..75878c75d4 100644 --- a/src/central-server/admin-service/ui-system-test/src/intTest/java/org/niis/xroad/cs/test/ui/glue/TrustServicesOcspRespondersStepDefs.java +++ b/src/central-server/admin-service/ui-system-test/src/intTest/java/org/niis/xroad/cs/test/ui/glue/TrustServicesOcspRespondersStepDefs.java @@ -27,7 +27,6 @@ package org.niis.xroad.cs.test.ui.glue; -import com.codeborne.selenide.Condition; import io.cucumber.java.en.Step; import org.niis.xroad.cs.test.ui.page.OcspRespondersPageObj; import org.niis.xroad.cs.test.ui.page.TrustServicesPageObj; @@ -35,6 +34,7 @@ import static com.codeborne.selenide.Condition.appear; import static com.codeborne.selenide.Condition.cssClass; +import static com.codeborne.selenide.Condition.enabled; import static com.codeborne.selenide.Condition.visible; import static org.niis.xroad.cs.test.ui.constants.Constants.CN_SUBJECT_PREFIX; import static org.niis.xroad.cs.test.ui.utils.VuetifyHelper.vTextField; @@ -48,11 +48,24 @@ public void ocspRespondersTabIsSelected() { trustServicesPageObj.certServiceDetails.tabOcspResponders().scrollIntoView(false).click(); } - @Step("OCSP responder with URL {} is added") - public void newOcspResponderIsAdded(String url) throws Exception { + @Step("OCSP responder with URL {string} is added") + public void newOcspResponderIsAdded(String url) { ocspRespondersPageObj.btnAddOcspResponder().click(); - commonPageObj.dialog.btnCancel().should(Condition.enabled); - commonPageObj.dialog.btnSave().shouldNotBe(Condition.enabled); + commonPageObj.dialog.btnCancel().should(enabled); + commonPageObj.dialog.btnSave().shouldNotBe(enabled); + + vTextField(ocspRespondersPageObj.addEditDialog.inputOcspResponderUrl()).setValue(url); + commonPageObj.dialog.btnSave().click(); + + commonPageObj.snackBar.success().shouldBe(visible); + commonPageObj.snackBar.btnClose().click(); + } + + @Step("OCSP responder with URL {string} and random cert is added") + public void newOcspResponderWithCertIsAdded(String url) throws Exception { + ocspRespondersPageObj.btnAddOcspResponder().click(); + commonPageObj.dialog.btnCancel().should(enabled); + commonPageObj.dialog.btnSave().shouldNotBe(enabled); final byte[] certificate = CertificateUtils.generateAuthCert(CN_SUBJECT_PREFIX + url); @@ -67,7 +80,7 @@ public void newOcspResponderIsAdded(String url) throws Exception { @Step("OCSP responder table is visible") public void ocspResponderTableIsVisible() { - ocspRespondersPageObj.table().shouldBe(Condition.enabled); + ocspRespondersPageObj.table().shouldBe(enabled); } @Step("OCSP responder with URL {} is visible in the OCSP responders list") @@ -103,6 +116,12 @@ public void userIsAbleToViewTheCertificate(String url) { ocspRespondersPageObj.certificateView.certificateDetails().shouldBe(visible); } + @Step("view certificate of OCSP responder with URL {} button is missing") + public void viewCertButtonMissing(String url) { + ocspRespondersPageObj.btnViewOcspResponder(url).shouldNotBe(visible); + ocspRespondersPageObj.certificateView.certificateDetails().shouldBe(visible); + } + @Step("User is able click Edit button in OCSP responder with URL {}") public void userIsAbleToEditOcspResponder(String url) { ocspRespondersPageObj.btnEditOcspResponder(url).click(); @@ -110,13 +129,13 @@ public void userIsAbleToEditOcspResponder(String url) { @Step("User is able change the URL to new URL {}") public void userIsAbleEditTheUrl(String newUrl) { - commonPageObj.dialog.btnCancel().should(Condition.enabled); - commonPageObj.dialog.btnSave().should(Condition.enabled); + commonPageObj.dialog.btnCancel().should(enabled); + commonPageObj.dialog.btnSave().should(enabled); vTextField(ocspRespondersPageObj.addEditDialog.inputOcspResponderUrl()) .clear(); - commonPageObj.dialog.btnSave().shouldNotBe(Condition.enabled); + commonPageObj.dialog.btnSave().shouldNotBe(enabled); vTextField(ocspRespondersPageObj.addEditDialog.inputOcspResponderUrl()) .setValue(newUrl); @@ -149,8 +168,8 @@ public void userIsAbleChangeTheCertificate(String url) throws Exception { public void userIsAbleToDeleteOcspResponder(String url) { ocspRespondersPageObj.btnDeleteOcspResponder(url).click(); - commonPageObj.dialog.btnCancel().shouldBe(Condition.enabled); - commonPageObj.dialog.btnSave().shouldBe(Condition.enabled).click(); + commonPageObj.dialog.btnCancel().shouldBe(enabled); + commonPageObj.dialog.btnSave().shouldBe(enabled).click(); commonPageObj.snackBar.success().shouldBe(visible); commonPageObj.snackBar.btnClose().click(); diff --git a/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0550-cs-intermediate-ca-ocsp-responders.feature b/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0550-cs-intermediate-ca-ocsp-responders.feature index ce636ffd03..8a62a09b69 100644 --- a/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0550-cs-intermediate-ca-ocsp-responders.feature +++ b/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0550-cs-intermediate-ca-ocsp-responders.feature @@ -18,17 +18,19 @@ Feature: 0550 - CS: Trust Services -> CA Details -> Intermediate CAs -> Intermed And Intermediate CA OCSP responders tab is selected Scenario: Intermediate CA OCSP responder can be added - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" is added + And OCSP responder with URL "http://e2e-test-ocsp-responder-cert.com" and random cert is added Then OCSP responder with URL http://e2e-test-ocsp-responder.com is visible in the OCSP responders list + And OCSP responder with URL http://e2e-test-ocsp-responder-cert.com is visible in the OCSP responders list Scenario: Intermediate CA OCSP responders list is correctly shown When OCSP responder table is visible - And OCSP responder with URL http://e2e-test-ocsp-responder.com is added + And OCSP responder with URL "http://e2e-test-ocsp-responder.com" and random cert is added Then User is able to sort OCSP responders by URL And User is able to view the certificate of OCSP responder with URL http://e2e-test-ocsp-responder.com Scenario: Intermediate CA OCSP responder can be edit in list - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" and random cert is added And User is able click Edit button in OCSP responder with URL http://e2e-test-ocsp-responder.com Then User is able view the certificate of OCSP responder When User is able click Edit button in OCSP responder with URL http://e2e-test-ocsp-responder.com @@ -38,6 +40,6 @@ Feature: 0550 - CS: Trust Services -> CA Details -> Intermediate CAs -> Intermed Then OCSP responder with URL http://new-e2e-test-ocsp-responder.com is visible in the OCSP responders list Scenario: Intermediate CA OCSP responder can be delete in list - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" is added Then User is able to click delete button in OCSP responder with URL http://e2e-test-ocsp-responder.com And OCSP responder with URL http://e2e-test-ocsp-responder.com should removed in list diff --git a/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0560-cs-ocsp-responders.feature b/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0560-cs-ocsp-responders.feature index f1f9c3d5f6..d5b2029426 100644 --- a/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0560-cs-ocsp-responders.feature +++ b/src/central-server/admin-service/ui-system-test/src/intTest/resources/behavior/ui/0560-cs-ocsp-responders.feature @@ -13,17 +13,21 @@ Feature: 0560 - CS: Trust Services -> CA Details -> OCSP Responders And OCSP responders tab is selected Scenario: OCSP responder can be added - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" is added Then OCSP responder with URL http://e2e-test-ocsp-responder.com is visible in the OCSP responders list Scenario: OCSP responders list is correctly shown When OCSP responder table is visible - And OCSP responder with URL http://e2e-test-ocsp-responder.com is added + And OCSP responder with URL "http://e2e-test-ocsp-responder.com" is added + And OCSP responder with URL "http://e2e-test-ocsp-responder-cert.com" and random cert is added Then User is able to sort OCSP responders by URL - And User is able to view the certificate of OCSP responder with URL http://e2e-test-ocsp-responder.com + And OCSP responder with URL http://e2e-test-ocsp-responder.com is visible in the OCSP responders list + And OCSP responder with URL http://e2e-test-ocsp-responder-cert.com is visible in the OCSP responders list + And User is able to view the certificate of OCSP responder with URL http://e2e-test-ocsp-responder-cert.com + And view certificate of OCSP responder with URL http://e2e-test-ocsp-responder.com button is missing Scenario: OCSP responder can be edit in list - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" and random cert is added And User is able click Edit button in OCSP responder with URL http://e2e-test-ocsp-responder.com Then User is able view the certificate of OCSP responder When User is able click Edit button in OCSP responder with URL http://e2e-test-ocsp-responder.com @@ -33,6 +37,6 @@ Feature: 0560 - CS: Trust Services -> CA Details -> OCSP Responders Then OCSP responder with URL http://new-e2e-test-ocsp-responder.com is visible in the OCSP responders list Scenario: OCSP responder can be delete in list - When OCSP responder with URL http://e2e-test-ocsp-responder.com is added + When OCSP responder with URL "http://e2e-test-ocsp-responder.com" is added Then User is able to click delete button in OCSP responder with URL http://e2e-test-ocsp-responder.com And OCSP responder with URL http://e2e-test-ocsp-responder.com should removed in list diff --git a/src/central-server/admin-service/ui/src/components/ocspResponders/AddOcspResponderDialog.vue b/src/central-server/admin-service/ui/src/components/ocspResponders/AddOcspResponderDialog.vue index 93c0cf184d..a70d9c87d4 100644 --- a/src/central-server/admin-service/ui/src/components/ocspResponders/AddOcspResponderDialog.vue +++ b/src/central-server/admin-service/ui/src/components/ocspResponders/AddOcspResponderDialog.vue @@ -26,7 +26,7 @@ -->