Skip to content

Commit

Permalink
Merge pull request #1953 from nordic-institute/XRDDEV-2584_XRDDEV-2585
Browse files Browse the repository at this point in the history 
chore: Up sprinboot to version 3.2.2 and jetty to version 12.0.5
  • Loading branch information
@ovidijusnortal
ovidijusnortal authored Feb 15, 2024
2 parents dea4666 + 8fad590 commit ff5f2aa
Show file tree
Hide file tree
Showing 440 changed files with 2,845 additions and 2,426 deletions.
4 changes: 2 additions & 2 deletions ...ddons/hwtoken/src/main/java/ee/ria/xroad/signer/tokenmanager/token/HardwareTokenUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -280,15 +280,15 @@ static TokenStatusInfo getTokenStatus(TokenInfo tokenInfo, long errorCode) {
@SuppressWarnings("unchecked")
static <T extends iaik.pkcs.pkcs11.objects.Object> List<T> find(
T template, Session session, int maxObjectCount)
throws TokenException {
throws TokenException {
iaik.pkcs.pkcs11.objects.Object[] tmpArray;

List<T> foundObjects = new ArrayList<>();

session.findObjectsInit(template);
do {
tmpArray = session.findObjects(maxObjectCount);
for (iaik.pkcs.pkcs11.objects.Object object: tmpArray) {
for (iaik.pkcs.pkcs11.objects.Object object : tmpArray) {
foundObjects.add((T) object);
}
} while (tmpArray.length != 0);
Expand Down
89 changes: 46 additions & 43 deletions ...don/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerClientRequestProcessor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,10 @@
import ee.ria.xroad.proxy.messagelog.MessageLog;
import ee.ria.xroad.proxy.util.MessageProcessorBase;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;

import java.io.ByteArrayInputStream;
import java.io.Closeable;
Expand All @@ -77,7 +77,13 @@
import static ee.ria.xroad.common.conf.globalconf.ConfigurationDirectory.METADATA_SUFFIX;
import static ee.ria.xroad.common.metadata.MetadataRequests.ASIC;
import static ee.ria.xroad.common.metadata.MetadataRequests.VERIFICATIONCONF;
import static ee.ria.xroad.common.util.JettyUtils.setContentType;
import static ee.ria.xroad.proxy.clientproxy.AbstractClientProxyHandler.getIsAuthenticationData;
import static org.eclipse.jetty.http.HttpStatus.BAD_REQUEST_400;
import static org.eclipse.jetty.http.HttpStatus.INTERNAL_SERVER_ERROR_500;
import static org.eclipse.jetty.http.HttpStatus.NOT_FOUND_404;
import static org.eclipse.jetty.http.HttpStatus.UNAUTHORIZED_401;
import static org.eclipse.jetty.io.Content.Sink.asOutputStream;

@Slf4j
public class AsicContainerClientRequestProcessor extends MessageProcessorBase {
Expand Down Expand Up @@ -113,21 +119,18 @@ public class AsicContainerClientRequestProcessor extends MessageProcessorBase {
private final GroupingStrategy groupingStrategy = MessageLogProperties.getArchiveGrouping();
private final EncryptionConfigProvider encryptionConfigProvider;

public AsicContainerClientRequestProcessor(String target, HttpServletRequest request, HttpServletResponse response)
public AsicContainerClientRequestProcessor(String target, Request request, Response response)
throws IOException {
super(request, response, null);
this.target = target;
this.encryptionConfigProvider = EncryptionConfigProvider.getInstance(groupingStrategy);
}

public boolean canProcess() {
switch (target) {
case ASIC:
case VERIFICATIONCONF:
return true;
default:
return false;
}
return switch (target) {
case ASIC, VERIFICATIONCONF -> true;
default -> false;
};
}

@Override
Expand All @@ -147,10 +150,10 @@ public void process() {
throw ex;
} catch (CodedException ex) {
log.error("ERROR:", ex);
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ex);
throw new CodedExceptionWithHttpStatus(INTERNAL_SERVER_ERROR_500, ex);
} catch (Exception ex) {
log.error("ERROR:", ex);
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
throw new CodedExceptionWithHttpStatus(INTERNAL_SERVER_ERROR_500,
X_INTERNAL_ERROR, ex.getMessage());
}
}
Expand All @@ -160,10 +163,10 @@ private void handleVerificationConfRequest() throws Exception {

VersionedConfigurationDirectory confDir = new VersionedConfigurationDirectory(SystemProperties.getConfigurationPath());

servletResponse.setContentType(MimeTypes.ZIP);
servletResponse.setHeader(HttpHeaders.CONTENT_DISPOSITION, "filename=\"verificationconf.zip\"");
setContentType(jResponse, MimeTypes.ZIP);
jResponse.getHeaders().put(HttpHeaders.CONTENT_DISPOSITION, "filename=\"verificationconf.zip\"");
try (VerificationConfWriter writer = new VerificationConfWriter(confDir.getInstanceIdentifier(),
servletResponse.getOutputStream())) {
asOutputStream(jResponse))) {
confDir.eachFile(writer);
}
}
Expand All @@ -179,9 +182,9 @@ private void handleAsicRequest() throws Exception {
private void verifyClientAuthentication(ClientId clientId) throws Exception {
log.trace("verifyClientAuthentication({})", clientId);
try {
IsAuthentication.verifyClientAuthentication(clientId, getIsAuthenticationData(servletRequest));
IsAuthentication.verifyClientAuthentication(clientId, getIsAuthenticationData(jRequest));
} catch (CodedException ex) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_UNAUTHORIZED, ex);
throw new CodedExceptionWithHttpStatus(UNAUTHORIZED_401, ex);
}
}

Expand All @@ -191,7 +194,7 @@ private void handleAsicRequest(ClientId clientId) throws Exception {
boolean requestOnly = hasParameter(PARAM_REQUEST_ONLY);
boolean responseOnly = hasParameter(PARAM_RESPONSE_ONLY);
if (requestOnly && responseOnly) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_BAD_REQUEST, ErrorCodes.X_BAD_REQUEST,
throw new CodedExceptionWithHttpStatus(BAD_REQUEST_400, ErrorCodes.X_BAD_REQUEST,
INVALID_PARAM_COMBINATION_FAULT_MESSAGE);
}

Expand All @@ -205,7 +208,7 @@ private void handleAsicRequest(ClientId clientId) throws Exception {
} else if (!unique) {
writeContainers(clientId, queryId, nameGen, response);
} else {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_BAD_REQUEST, ErrorCodes.X_BAD_REQUEST,
throw new CodedExceptionWithHttpStatus(BAD_REQUEST_400, ErrorCodes.X_BAD_REQUEST,
MISSING_CONSTRAINT_FAULT_MESSAGE);
}
}
Expand All @@ -214,7 +217,7 @@ private void ensureTimestamped(ClientId id, String queryId, Boolean response, bo
final List<MessageRecord> records = LogRecordManager.getByQueryId(queryId, id, response, Function.identity());

if (records.isEmpty()) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_NOT_FOUND, ErrorCodes.X_NOT_FOUND,
throw new CodedExceptionWithHttpStatus(NOT_FOUND_404, ErrorCodes.X_NOT_FOUND,
DOCUMENTS_NOT_FOUND_FAULT_MESSAGE);
}

Expand All @@ -231,23 +234,23 @@ private void ensureTimestamped(ClientId id, String queryId, Boolean response, bo
}
}

private boolean hasParameter(String param) {
return servletRequest.getParameterMap().containsKey(param);
private boolean hasParameter(String param) throws Exception {
return Request.getParameters(jRequest).toStringArrayMap().containsKey(param);
}

private void writeContainers(ClientId clientId, String queryId, AsicContainerNameGenerator nameGen,
Boolean response) throws Exception {
Boolean response) throws Exception {

if (encryptionConfigProvider.isEncryptionEnabled()) {
writeEncryptedContainers(clientId, queryId, nameGen, response);
} else {
final String filename = AsicUtils.escapeString(queryId)
+ (response == null ? "" : (response ? "-response" : "-request")) + ".zip";
final CheckedSupplier<OutputStream> supplier = () -> {
servletResponse.setContentType(MimeTypes.ZIP);
servletResponse.setHeader(HttpHeaders.CONTENT_DISPOSITION,
setContentType(jResponse, MimeTypes.ZIP);
jResponse.getHeaders().put(HttpHeaders.CONTENT_DISPOSITION,
CONTENT_DISPOSITION_FILENAME_PREFIX + filename + "\"");
return servletResponse.getOutputStream();
return asOutputStream(jResponse);
};

writeContainers(clientId, queryId, nameGen, response, supplier);
Expand All @@ -260,7 +263,7 @@ interface CheckedSupplier<T> {
}

private void writeEncryptedContainers(ClientId clientId, String queryId, AsicContainerNameGenerator nameGen,
Boolean response) throws Exception {
Boolean response) throws Exception {

final String filename = AsicUtils.escapeString(queryId)
+ (response == null ? "" : (response ? "-response" : "-request")) + ".zip.gpg";
Expand All @@ -272,8 +275,8 @@ private void writeEncryptedContainers(ClientId clientId, String queryId, AsicCon

try {
final CheckedSupplier<OutputStream> supplier = () -> {
servletResponse.setContentType(MimeTypes.BINARY);
servletResponse.setHeader(HttpHeaders.CONTENT_DISPOSITION,
setContentType(jResponse, MimeTypes.BINARY);
jResponse.getHeaders().put(HttpHeaders.CONTENT_DISPOSITION,
CONTENT_DISPOSITION_FILENAME_PREFIX + filename + "\"");
return new GPGOutputStream(encryptionConfig.getGpgHomeDir(), tempFile,
encryptionConfig.getEncryptionKeys());
Expand All @@ -282,7 +285,7 @@ private void writeEncryptedContainers(ClientId clientId, String queryId, AsicCon
writeContainers(clientId, queryId, nameGen, response, supplier);

try (InputStream is = Files.newInputStream(tempFile)) {
IOUtils.copyLarge(is, servletResponse.getOutputStream());
IOUtils.copyLarge(is, asOutputStream(jResponse));
}

} finally {
Expand All @@ -292,11 +295,11 @@ private void writeEncryptedContainers(ClientId clientId, String queryId, AsicCon
}

private void writeContainers(ClientId clientId, String queryId, AsicContainerNameGenerator nameGen,
Boolean response, CheckedSupplier<OutputStream> outputSupplier) throws Exception {
Boolean response, CheckedSupplier<OutputStream> outputSupplier) throws Exception {

LogRecordManager.getByQueryId(queryId, clientId, response, records -> {
if (records.isEmpty()) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_NOT_FOUND, ErrorCodes.X_NOT_FOUND,
throw new CodedExceptionWithHttpStatus(NOT_FOUND_404, ErrorCodes.X_NOT_FOUND,
DOCUMENTS_NOT_FOUND_FAULT_MESSAGE);
}
final MessageRecordEncryption messageRecordEncryption = MessageRecordEncryption.getInstance();
Expand Down Expand Up @@ -350,7 +353,7 @@ public void close() {
}

private void writeAsicContainer(ClientId clientId, String queryId, AsicContainerNameGenerator nameGen,
boolean response) throws Exception {
boolean response) throws Exception {

final EncryptionConfig encryptionConfig =
encryptionConfigProvider.forGrouping(groupingStrategy.forClient(clientId));
Expand All @@ -359,7 +362,7 @@ private void writeAsicContainer(ClientId clientId, String queryId, AsicContainer
LogRecordManager.getByQueryIdUnique(queryId, clientId, response, record -> {
try {
if (record == null) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_NOT_FOUND, ErrorCodes.X_NOT_FOUND,
throw new CodedExceptionWithHttpStatus(NOT_FOUND_404, ErrorCodes.X_NOT_FOUND,
DOCUMENTS_NOT_FOUND_FAULT_MESSAGE);
}
if (record.getTimestampRecord() == null) {
Expand All @@ -371,17 +374,17 @@ private void writeAsicContainer(ClientId clientId, String queryId, AsicContainer
String filename = nameGen.getArchiveFilename(queryId, response, record.getId());
if (encryptionEnabled) {
filename += ".gpg";
servletResponse.setContentType(MimeTypes.BINARY);
setContentType(jResponse, MimeTypes.BINARY);
} else {
servletResponse.setContentType(MimeTypes.ASIC_ZIP);
setContentType(jResponse, MimeTypes.ASIC_ZIP);
}
servletResponse.setHeader(HttpHeaders.CONTENT_DISPOSITION,
jResponse.getHeaders().put(HttpHeaders.CONTENT_DISPOSITION,
CONTENT_DISPOSITION_FILENAME_PREFIX + filename + "\"");

if (encryptionEnabled) {
encryptContainer(encryptionConfig, asicContainer);
} else {
asicContainer.write(servletResponse.getOutputStream());
asicContainer.write(asOutputStream(jResponse));
}

} catch (CodedException ce) {
Expand All @@ -402,14 +405,14 @@ private void encryptContainer(EncryptionConfig encryptionConfig, AsicContainer a
asicContainer.write(os);
}
try (InputStream is = Files.newInputStream(tempFile)) {
IOUtils.copyLarge(is, servletResponse.getOutputStream());
IOUtils.copyLarge(is, asOutputStream(jResponse));
}
} finally {
Files.deleteIfExists(tempFile);
}
}

private ClientId.Conf getClientIdFromRequest() {
private ClientId.Conf getClientIdFromRequest() throws Exception {
String instanceIdentifier = getParameter(PARAM_INSTANCE_IDENTIFIER, false);
String memberClass = getParameter(PARAM_MEMBER_CLASS, false);
String memberCode = getParameter(PARAM_MEMBER_CODE, false);
Expand All @@ -418,11 +421,11 @@ private ClientId.Conf getClientIdFromRequest() {
return ClientId.Conf.create(instanceIdentifier, memberClass, memberCode, subsystemCode);
}

private String getParameter(String param, boolean optional) {
String paramValue = servletRequest.getParameter(param);
private String getParameter(String param, boolean optional) throws Exception {
String paramValue = Request.getParameters(jRequest).getValue(param);

if (paramValue == null && !optional) {
throw new CodedExceptionWithHttpStatus(HttpServletResponse.SC_BAD_REQUEST, ErrorCodes.X_BAD_REQUEST,
throw new CodedExceptionWithHttpStatus(BAD_REQUEST_400, ErrorCodes.X_BAD_REQUEST,
String.format(MISSING_PARAMETER_FAULT_MESSAGE, param));
}

Expand Down
13 changes: 7 additions & 6 deletions ...g/messagelog-addon/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,13 @@
import ee.ria.xroad.common.opmonitoring.OpMonitoringData;
import ee.ria.xroad.proxy.util.MessageProcessorBase;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.client.HttpClient;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;

import static ee.ria.xroad.common.ErrorCodes.X_INVALID_REQUEST;
import static ee.ria.xroad.common.util.JettyUtils.getTarget;

/**
* AsicContainerHandler
Expand All @@ -50,10 +51,10 @@ public AsicContainerHandler(HttpClient client) {
}

@Override
MessageProcessorBase createRequestProcessor(String target,
HttpServletRequest request, HttpServletResponse response,
OpMonitoringData opMonitoringData) throws Exception {
log.trace("createRequestProcessor({})", target);
MessageProcessorBase createRequestProcessor(Request request, Response response,
OpMonitoringData opMonitoringData) throws Exception {
var target = getTarget(request);
log.trace("createRequestProcessor({})", getTarget(request));

// opMonitoringData is null, do not use it.

Expand Down
4 changes: 2 additions & 2 deletions ...essagelog-addon/src/main/java/ee/ria/xroad/proxy/messagelog/AbstractTimestampRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,9 @@ public static class TsRequest {
}

protected Timestamper.TimestampResult makeTsRequest(TimeStampRequest tsRequest,
List<String> tspUrls) throws Exception {
List<String> tspUrls) throws Exception {
log.debug("tspUrls: {}", tspUrls);
for (String url: tspUrls) {
for (String url : tspUrls) {
try {
log.debug("Sending time-stamp request to {}", url);

Expand Down
14 changes: 7 additions & 7 deletions ...agelog/messagelog-addon/src/main/java/ee/ria/xroad/proxy/messagelog/LogRecordManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ static LogRecord getByQueryId(String queryId, Date startTime, Date endTime) thro
* @throws Exception if an error occurs while communicating with database.
*/
public static <R> R getByQueryIdUnique(String queryId, ClientId clientId, Boolean isResponse,
Function<MessageRecord, R> processor)
Function<MessageRecord, R> processor)
throws Exception {
log.trace(GET_BY_QUERY_ID_LOG_FORMAT, queryId, clientId, isResponse);

Expand All @@ -112,7 +112,7 @@ public static <R> R getByQueryIdUnique(String queryId, ClientId clientId, Boolea
* @throws Exception if an error occurs while communicating with database.
*/
public static <R> R getByQueryId(String queryId, ClientId clientId, Boolean isResponse,
Function<List<MessageRecord>, R> processor)
Function<List<MessageRecord>, R> processor)
throws Exception {
log.trace(GET_BY_QUERY_ID_LOG_FORMAT, queryId, clientId, isResponse);

Expand Down Expand Up @@ -222,7 +222,7 @@ static long getNextRecordId(Session session) {
* @param hashChains the time-stamp hash chains.
*/
private static void setMessageRecordsTimestamped(Session session, Long[] messageRecords,
TimestampRecord timestampRecord, String[] hashChains) {
TimestampRecord timestampRecord, String[] hashChains) {
if (log.isTraceEnabled()) {
log.trace("setMessageRecordsTimestamped({}, {})", Arrays.toString(messageRecords),
timestampRecord.getId());
Expand All @@ -242,7 +242,7 @@ private static void setMessageRecordsTimestamped(Session session, Long[] message

private static void setMessageRecordsTimestamped(Long[] messageRecords, TimestampRecord
timestampRecord,
String[] hashChains, Connection connection, int batchSize) throws SQLException {
String[] hashChains, Connection connection, int batchSize) throws SQLException {
log.trace("setMessageRecordsTimestamped({})", messageRecords.length);

int storedCount = 0;
Expand Down Expand Up @@ -290,20 +290,20 @@ private static MessageRecord getMessageRecord(Session session, String queryId, D
}

private static MessageRecord getMessageRecord(Session session, String queryId, ClientId clientId,
Boolean isResponse) {
Boolean isResponse) {
final CriteriaQuery<MessageRecord> query = createRecordCriteria(session, queryId, clientId, isResponse);
return session.createQuery(query).setReadOnly(true).setMaxResults(1).uniqueResult();
}

private static List<MessageRecord> getMessageRecords(Session session, String queryId, ClientId
clientId,
Boolean isResponse) {
Boolean isResponse) {
final CriteriaQuery<MessageRecord> query = createRecordCriteria(session, queryId, clientId, isResponse);
return session.createQuery(query).setReadOnly(true).getResultList();
}

private static CriteriaQuery<MessageRecord> createRecordCriteria(Session session, String queryId, ClientId clientId,
Boolean isResponse) {
Boolean isResponse) {

final CriteriaBuilder cb = session.getCriteriaBuilder();
final CriteriaQuery<MessageRecord> query = cb.createQuery(MessageRecord.class);
Expand Down
Loading

0 comments on commit ff5f2aa

Please sign in to comment.