From 26af65e427557b6a226d66f428ce8c6572502dbd Mon Sep 17 00:00:00 2001 From: Risto Seene Date: Thu, 12 Oct 2023 15:08:01 +0300 Subject: [PATCH 1/5] SIGA-630 Migrate to Spring Boot 3 --- pom.xml | 81 ++++++++++--------- .../configuration/SiGaDemoProperties.java | 5 -- .../hashcode/HashcodeContainerWriter.java | 2 +- .../client/service/SigaApiClientService.java | 75 ++++++++++++++--- .../SiGaDemoClientApplicationTests.java | 14 ++-- 5 files changed, 113 insertions(+), 64 deletions(-) diff --git a/pom.xml b/pom.xml index 4419acf..8df6bea 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.15 + 3.1.4 ee.openeid.siga.client @@ -19,37 +19,29 @@ 17 paketobuildpacks/builder:tiny ${project.artifactId}:latest - - - - 9.0.80 - 3.1.2.RELEASE - - org.projectlombok - lombok - 1.18.28 - ch.qos.logback logback-classic - 1.2.12 ch.qos.logback logback-core - 1.2.12 co.elastic.logging logback-ecs-encoder 1.5.0 + + org.projectlombok + lombok + org.springframework.boot - spring-boot-starter-test + spring-boot-starter-web org.yaml @@ -57,10 +49,6 @@ - - org.springframework.boot - spring-boot-starter-web - org.springframework.boot spring-boot-starter-cache @@ -86,17 +74,10 @@ jakarta.ws.rs jakarta.ws.rs-api - 3.1.0 jakarta.xml.bind jakarta.xml.bind-api - 4.0.0 - - - org.glassfish.jaxb - jaxb-runtime - 4.0.3 @@ -104,21 +85,44 @@ digidoc4j 5.2.0 + + ch.qos.logback + * + + + com.sun.xml.bind + * + + + jakarta.activation + * + + + jakarta.xml.bind + * + + + org.apache.santuario + * + org.bouncycastle * + + org.glassfish.jaxb + * + + + org.slf4j + * + org.yaml snakeyaml - - org.apache.httpcomponents - httpclient - 4.5.14 - org.bouncycastle bcpkix-jdk15on @@ -218,14 +222,15 @@ - org.junit.vintage - junit-vintage-engine - test - - - junit - junit + org.springframework.boot + spring-boot-starter-test test + + + org.yaml + snakeyaml + + @@ -238,7 +243,7 @@ org.apache.cxf cxf-wadl2java-plugin - 4.0.2 + 4.0.3 generate-sources diff --git a/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java b/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java index 36a067e..6786192 100644 --- a/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java +++ b/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java @@ -1,23 +1,18 @@ package ee.openeid.siga.client.configuration; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; -@ConstructorBinding @ConfigurationProperties(prefix = "siga") public record SiGaDemoProperties(SigaClient client, SigaApi api) { - @ConstructorBinding @ConfigurationProperties(prefix = "siga.client") public record SigaClient(Hmac hmac) { } - @ConstructorBinding @ConfigurationProperties(prefix = "siga.client.hmac") public record Hmac(String algorithm, String serviceUuid, String sharedSigningKey) { } - @ConstructorBinding @ConfigurationProperties(prefix = "siga.api") public record SigaApi(String uri, String trustStore, String trustStorePassword) { @Override diff --git a/src/main/java/ee/openeid/siga/client/hashcode/HashcodeContainerWriter.java b/src/main/java/ee/openeid/siga/client/hashcode/HashcodeContainerWriter.java index 3b6f70b..3d11a83 100644 --- a/src/main/java/ee/openeid/siga/client/hashcode/HashcodeContainerWriter.java +++ b/src/main/java/ee/openeid/siga/client/hashcode/HashcodeContainerWriter.java @@ -83,7 +83,7 @@ public void writeSignatures(List wrappers) { public void writeManifest(List hashcodeDataFiles) { List dataFiles = convertDataFiles(hashcodeDataFiles); final AsicManifest asicManifest = new AsicManifest(Container.DocumentType.ASICE.name()); - asicManifest.addFileEntry(dataFiles); + asicManifest.addFileEntries(dataFiles); new EntryCallback(new ZipEntry(AsicManifest.XML_PATH)) { @Override void doWithEntryStream(OutputStream stream) { diff --git a/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java b/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java index 45ced96..233930d 100644 --- a/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java +++ b/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java @@ -3,18 +3,64 @@ import ee.openeid.siga.client.configuration.SiGaDemoProperties; import ee.openeid.siga.client.hashcode.HashcodeContainer; import ee.openeid.siga.client.hmac.HmacTokenAuthorizationHeaderInterceptor; +import ee.openeid.siga.client.model.AsicContainerWrapper; +import ee.openeid.siga.client.model.FinalizeRemoteSigningRequest; import ee.openeid.siga.client.model.GetContainerMobileIdSigningStatusResponse; -import ee.openeid.siga.client.model.*; -import ee.openeid.siga.webapp.json.*; +import ee.openeid.siga.client.model.HashcodeContainerWrapper; +import ee.openeid.siga.client.model.MobileSigningRequest; +import ee.openeid.siga.client.model.PrepareRemoteSigningRequest; +import ee.openeid.siga.client.model.PrepareRemoteSigningResponse; +import ee.openeid.siga.client.model.ProcessingStatus; +import ee.openeid.siga.client.model.SmartIdCertificateChoiceStatusResponseWrapper; +import ee.openeid.siga.client.model.SmartIdSigningRequest; +import ee.openeid.siga.webapp.json.CreateContainerMobileIdSigningRequest; +import ee.openeid.siga.webapp.json.CreateContainerMobileIdSigningResponse; +import ee.openeid.siga.webapp.json.CreateContainerRemoteSigningRequest; +import ee.openeid.siga.webapp.json.CreateContainerRemoteSigningResponse; +import ee.openeid.siga.webapp.json.CreateContainerRequest; +import ee.openeid.siga.webapp.json.CreateContainerResponse; +import ee.openeid.siga.webapp.json.CreateContainerSmartIdCertificateChoiceRequest; +import ee.openeid.siga.webapp.json.CreateContainerSmartIdCertificateChoiceResponse; +import ee.openeid.siga.webapp.json.CreateContainerSmartIdSigningRequest; +import ee.openeid.siga.webapp.json.CreateContainerSmartIdSigningResponse; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerMobileIdSigningRequest; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerMobileIdSigningResponse; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerRemoteSigningRequest; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerRemoteSigningResponse; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerRequest; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerResponse; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerSmartIdCertificateChoiceRequest; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerSmartIdCertificateChoiceResponse; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerSmartIdSigningRequest; +import ee.openeid.siga.webapp.json.CreateHashcodeContainerSmartIdSigningResponse; +import ee.openeid.siga.webapp.json.DeleteContainerResponse; +import ee.openeid.siga.webapp.json.DeleteHashcodeContainerResponse; +import ee.openeid.siga.webapp.json.GetContainerResponse; +import ee.openeid.siga.webapp.json.GetContainerSignaturesResponse; +import ee.openeid.siga.webapp.json.GetContainerSmartIdCertificateChoiceStatusResponse; +import ee.openeid.siga.webapp.json.GetContainerSmartIdSigningStatusResponse; +import ee.openeid.siga.webapp.json.GetContainerValidationReportResponse; +import ee.openeid.siga.webapp.json.GetHashcodeContainerResponse; +import ee.openeid.siga.webapp.json.GetHashcodeContainerSignaturesResponse; +import ee.openeid.siga.webapp.json.GetHashcodeContainerValidationReportResponse; +import ee.openeid.siga.webapp.json.UpdateContainerRemoteSigningRequest; +import ee.openeid.siga.webapp.json.UpdateContainerRemoteSigningResponse; +import ee.openeid.siga.webapp.json.UpdateHashcodeContainerRemoteSigningRequest; +import ee.openeid.siga.webapp.json.UpdateHashcodeContainerRemoteSigningResponse; +import ee.openeid.siga.webapp.json.UploadHashcodeContainerRequest; +import ee.openeid.siga.webapp.json.UploadHashcodeContainerResponse; +import jakarta.annotation.PostConstruct; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; -import org.apache.http.client.HttpClient; -import org.apache.http.conn.ssl.NoopHostnameVerifier; -import org.apache.http.conn.ssl.SSLConnectionSocketFactory; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.ssl.SSLContextBuilder; +import org.apache.hc.client5.http.classic.HttpClient; +import org.apache.hc.client5.http.impl.classic.HttpClients; +import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder; +import org.apache.hc.client5.http.io.HttpClientConnectionManager; +import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; +import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; +import org.apache.hc.core5.ssl.SSLContextBuilder; import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.core.io.ResourceLoader; import org.springframework.http.HttpEntity; @@ -31,7 +77,6 @@ import org.springframework.web.context.annotation.RequestScope; import org.springframework.web.multipart.MultipartFile; -import javax.annotation.PostConstruct; import javax.net.ssl.SSLContext; import java.io.IOException; import java.util.Base64; @@ -42,8 +87,10 @@ import static ee.openeid.siga.client.hashcode.HashcodesDataFileCreator.createHashcodeDataFile; import static java.text.MessageFormat.format; import static org.apache.tomcat.util.codec.binary.Base64.encodeBase64String; -import static org.springframework.http.HttpMethod.*; -import static org.springframework.http.HttpStatus.Series.SUCCESSFUL; +import static org.springframework.http.HttpMethod.DELETE; +import static org.springframework.http.HttpMethod.GET; +import static org.springframework.http.HttpMethod.POST; +import static org.springframework.http.HttpMethod.PUT; import static org.springframework.web.util.UriComponentsBuilder.fromUriString; @Slf4j @@ -73,7 +120,11 @@ private void setUpRestTemplate() { .build(); SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); - HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); + HttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create() + .setSSLSocketFactory(socketFactory) + .build(); + + HttpClient httpClient = HttpClients.custom().setConnectionManager(connectionManager).build(); SiGaDemoProperties.Hmac hmac = sigaProperties.client().hmac(); restTemplate = restTemplateBuilder .requestFactory(() -> new HttpComponentsClientHttpRequestFactory(httpClient)) @@ -564,7 +615,7 @@ class RestTemplateResponseErrorHandler implements ResponseErrorHandler { @Override public boolean hasError(ClientHttpResponse httpResponse) throws IOException { log.info("HttpResponse: {}, {}", httpResponse.getStatusCode(), httpResponse.getStatusText()); - return (httpResponse.getStatusCode().series() != SUCCESSFUL); + return !httpResponse.getStatusCode().is2xxSuccessful(); } @Override diff --git a/src/test/java/ee/openeid/siga/client/SiGaDemoClientApplicationTests.java b/src/test/java/ee/openeid/siga/client/SiGaDemoClientApplicationTests.java index 09f5ed4..984309a 100644 --- a/src/test/java/ee/openeid/siga/client/SiGaDemoClientApplicationTests.java +++ b/src/test/java/ee/openeid/siga/client/SiGaDemoClientApplicationTests.java @@ -1,18 +1,16 @@ package ee.openeid.siga.client; -import org.junit.Assert; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit4.SpringRunner; -@RunWith(SpringRunner.class) +import static org.junit.jupiter.api.Assertions.assertTrue; + @SpringBootTest -public class SiGaDemoClientApplicationTests { +class SiGaDemoClientApplicationTests { @Test - public void contextLoads() { - Assert.assertTrue(true); + void contextLoads() { + assertTrue(true); } } From b59650a73b8852cc4897e1abdc875be49e5b3621 Mon Sep 17 00:00:00 2001 From: Risto Seene Date: Wed, 13 Dec 2023 16:59:15 +0200 Subject: [PATCH 2/5] SIGA-540 Improve SiGa API truststore loading --- Readme.md | 9 ++- .../client/configuration/SiGaApiConfig.java | 56 ++++++++++++++++++ .../configuration/SiGaDemoProperties.java | 8 ++- .../client/service/SigaApiClientService.java | 11 +--- src/main/resources/application.properties | 5 +- src/main/resources/siga_server_truststore.p12 | Bin 1642 -> 1642 bytes 6 files changed, 74 insertions(+), 15 deletions(-) create mode 100644 src/main/java/ee/openeid/siga/client/configuration/SiGaApiConfig.java diff --git a/Readme.md b/Readme.md index 58d6c2c..110aa9d 100644 --- a/Readme.md +++ b/Readme.md @@ -45,8 +45,9 @@ If everything was successful, open up the browser at `https://siga-demo.localhos ``` siga.api.uri=https://siga.localhost:8443/siga -siga.api.trustStore=file:/path/to/siga_server_truststore.p12 -siga.api.trustStorePassword=changeit +siga.api.trust-store=file:/path/to/siga_server_truststore.p12 +siga.api.trust-store-password=changeit +siga.api.trust-store-type=PKCS12 siga.client.hmac.algorithm=HmacSHA256 siga.client.hmac.service-uuid=a7fd7728-a3ea-4975-bfab-f240a67e894f siga.client.hmac.shared-signing-key=746573745365637265744b6579303031 @@ -55,7 +56,9 @@ siga.client.hmac.shared-signing-key=746573745365637265744b6579303031 | Parameter | Description | Example | |---------------------|-------------|---------| | siga.api.uri | SIGA server URL (without slash symbol in the end) | `https://siga.localhost:8443/siga` | -| siga.api.trustStore | Location of the trustore containing servers certificate or CA (path without quotes symbol) | `file:/path/to/siga_server_truststore.p12` | +| siga.api.trust-store | Location of the trustore containing server's certificate or CA (path without quotes symbol) | `classpath:siga_server_truststore.p12` or `file:/path/to/siga_server_truststore.p12` | +| siga.api.trust-store-password | Password of the trustore containing server's certificate or CA. | `changeit` | +| siga.api.trust-store-type | Type of the trustore containing server's certificate or CA. Defaults to system default if not provided. | `PKCS12` | 2. Build this project diff --git a/src/main/java/ee/openeid/siga/client/configuration/SiGaApiConfig.java b/src/main/java/ee/openeid/siga/client/configuration/SiGaApiConfig.java new file mode 100644 index 0000000..428ecee --- /dev/null +++ b/src/main/java/ee/openeid/siga/client/configuration/SiGaApiConfig.java @@ -0,0 +1,56 @@ +package ee.openeid.siga.client.configuration; + +import org.apache.commons.lang3.StringUtils; +import org.apache.hc.core5.ssl.SSLContextBuilder; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.io.Resource; + +import javax.net.ssl.SSLContext; +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.util.Optional; + +@Configuration +public class SiGaApiConfig { + + @Bean + SSLContext sigaApiSslContext(SiGaDemoProperties.SigaApi sigaApiProperties) { + try { + return new SSLContextBuilder() + .loadTrustMaterial(loadTrustStore(sigaApiProperties), null) + .build(); + } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) { + throw new IllegalStateException("Failed to create SiGa API SSL context", e); + } + } + + private static KeyStore loadTrustStore(SiGaDemoProperties.SigaApi sigaApiProperties) { + String trustStoreType = Optional + .ofNullable(sigaApiProperties.trustStoreType()) + .filter(StringUtils::isNotBlank) + .orElse(KeyStore.getDefaultType()); + + KeyStore trustStore; + try { + trustStore = KeyStore.getInstance(trustStoreType); + } catch (KeyStoreException e) { + throw new IllegalStateException("Failed to create keystore of type: " + trustStoreType, e); + } + + Resource trustStoreResource = sigaApiProperties.trustStore(); + try (InputStream in = trustStoreResource.getInputStream()) { + trustStore.load(in, sigaApiProperties.trustStorePassword()); + } catch (CertificateException | IOException | NoSuchAlgorithmException | NullPointerException e) { + throw new IllegalStateException("Failed to load truststore: " + trustStoreResource, e); + } + + return trustStore; + } + +} diff --git a/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java b/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java index 6786192..a1e9f42 100644 --- a/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java +++ b/src/main/java/ee/openeid/siga/client/configuration/SiGaDemoProperties.java @@ -1,6 +1,7 @@ package ee.openeid.siga.client.configuration; import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.core.io.Resource; @ConfigurationProperties(prefix = "siga") public record SiGaDemoProperties(SigaClient client, SigaApi api) { @@ -14,7 +15,12 @@ public record Hmac(String algorithm, String serviceUuid, String sharedSigningKey } @ConfigurationProperties(prefix = "siga.api") - public record SigaApi(String uri, String trustStore, String trustStorePassword) { + public record SigaApi( + String uri, + Resource trustStore, + char[] trustStorePassword, + String trustStoreType + ) { @Override public String uri() { return uri + "/"; diff --git a/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java b/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java index 233930d..8828660 100644 --- a/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java +++ b/src/main/java/ee/openeid/siga/client/service/SigaApiClientService.java @@ -60,9 +60,7 @@ import org.apache.hc.client5.http.io.HttpClientConnectionManager; import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; -import org.apache.hc.core5.ssl.SSLContextBuilder; import org.springframework.boot.web.client.RestTemplateBuilder; -import org.springframework.core.io.ResourceLoader; import org.springframework.http.HttpEntity; import org.springframework.http.HttpMethod; import org.springframework.http.ResponseEntity; @@ -105,7 +103,7 @@ public class SigaApiClientService { private static final String SIGNATURE_PROFILE_LT = "LT"; private final ContainerService containerService; private final SimpMessageSendingOperations messagingTemplate; - private final ResourceLoader resourceLoader; + private final SSLContext sigaApiSslContext; private final RestTemplateBuilder restTemplateBuilder; private final SiGaDemoProperties sigaProperties; private RestTemplate restTemplate; @@ -114,12 +112,7 @@ public class SigaApiClientService { @SneakyThrows @PostConstruct private void setUpRestTemplate() { - SSLContext sslContext = new SSLContextBuilder() - .loadTrustMaterial(resourceLoader.getResource(sigaProperties.api().trustStore()).getFile(), - sigaProperties.api().trustStorePassword().toCharArray()) - .build(); - - SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); + SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sigaApiSslContext, NoopHostnameVerifier.INSTANCE); HttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create() .setSSLSocketFactory(socketFactory) .build(); diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 50c0ebf..d714444 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -9,8 +9,9 @@ spring.servlet.multipart.file-size-threshold=5KB spring.servlet.multipart.max-file-size=20MB spring.servlet.multipart.max-request-size=35MB siga.api.uri=https://siga.localhost:8443 -siga.api.trustStore=classpath:siga_server_truststore.p12 -siga.api.trustStorePassword=changeit +siga.api.trust-store=classpath:siga_server_truststore.p12 +siga.api.trust-store-password=changeit +siga.api.trust-store-type=PKCS12 siga.client.hmac.algorithm=HmacSHA256 siga.client.hmac.service-uuid=a7fd7728-a3ea-4975-bfab-f240a67e894f siga.client.hmac.shared-signing-key=746573745365637265744b6579303031 \ No newline at end of file diff --git a/src/main/resources/siga_server_truststore.p12 b/src/main/resources/siga_server_truststore.p12 index 74fe70e11f20a9697c3dcc9ef1c01c57249dddff..73da9661521b132fe8f03149be2c1ed994c957c5 100644 GIT binary patch delta 1568 zcmV+*2H*MW4C)M!U4Js{IvY+Y(i$$At*KfaUG(y@&lv&(0K-s#f(5WgVgp}H7ykT3 z)$DZQT>ke7#&@Ij`gSd>8h1juBW03KLcq(ZlI9oMR9||zHMW>5u?ZZ4g7!kfsxu$` z)G37M1Q5?(jf*>r8kBd246o^Q=^c0MFa#o<{rNGjjf3mGy-m(BoR`Lb2lTGPhYm1w^}Gt zltTZvvRggTiAPL=yP%h%GDH`1uEK7NG*(9T_*lB*1hiQW_~CbL<}g0VyQTfKX0aI% z9I%5<&o>k%{eSW?EkOunCsjfT;8)fcryBJNF##3XT2=hdJM0j{r^usDiR+Bi#2~A|UASMGGnLHjg$ExViZP>L1(H;dsnlxJ_7sn*tS25+84Ic9$Vz&tOZ5U5=b&Ja?wsWy*G~c&5|2mqz9AQG-J28SP3y*LNVBI`ii*`b-b=n ziGuX|>3?^}m5@&6Jx)uCG8{VQsvZ2*hZdMqQ(#NKkH5RZs72a96XoPe-n_oQmh8 zvfHO3|C=!ISN)J>%(0B56%6FEdjF&`TpymPKXSR9Qm?hIC7 zEq|CFtzs!W`r&{SXBkqR0R9NA6?RlSngm(U+xgam2a}pp5LwK@x=Vu#?m1G07m>Hs z1Sqe2xR&w1`Q>ph_Tc9sy<=J{%xeftlq^FHa4`Vu&W7)51Ha6+w`B?B zRj4kc;xaij%(;sQhNaO}c~b_O{-FkQgQCwc#r&&BApzyH7UQ3OUnYyCB%oQsdFVFR zgaGxkf7|01m^^Rg`>=Hyx{y^{5s3&os@=;iOnl0pMPU+oSh0xkS$l5@=lHYp1%K4i zA}kj{Y3$_Jj(aa8PSjDHU{cqolWdC-Bj^k$G5huKXYN!ISKa71-TE z8A@U*GI%17piMiRbz=>Mi#6mmjo?3Fk-e9fa9V+{F=ulu^Q!tB4owZ|^G3ys>S~7g z&BRzUm9yV6o2^ebz;*B3;XO)`lYg^eE<9nKPh?nXrcfa(?e*jxzZQdaY*A8Ie&{F& zymWj9?Qg_d+J$Uo(2IvyjZ|A7y%rYz2dfq-(;mX>X9Jipv*;kWy9a=6tvf4dqaJ3N zmaI#U;irmr$8qR&8l)4^RcTa}v%Gsw+lIYa(m1Q1U9&(VpYtw{O5h)s;D1fJY*2D# zr*L-=o~?lwkvmwEgdXl$Tq2~17g0G#`ddY1E@h1MLBwk0m=UVnB*&6%?5oisUx3=L z>eWr<>p35Z=}+#HEuQBFPU=s!C~yJFwB~=2Hr8+OCkQqP{61{9%IlfcL)4-a>T)*+ zu&f{Bb9%OjRj*|Nq;6d9}cF(Z1ty@q{e S8b`rBTP;;@LN@{f0fwN@|M|B7 delta 1568 zcmV+*2H*MW4C)M!U4NOlDk_T->`tfrla+U$O_c%z0K-s#f(5V}DyvOZshUHv z5BR4`yBMRHehxt?+c7u7Fc*78Tx`5r1PVX4poO@LQ`1QJ*PO7qT3Fv%V=J5xpH<_6M8Nm&GvN)9A%jYLkk!R0Qz zVfEj6Z+ENInSVPlG&P`Aq)?@!@c!6)^6iTZM$K&jPKOp8m?%sHE0W2wTXx_wYa$1~ zf!uVrc74v9bO3|ZkcZ_y1rMG?XQwxkzBd_j4`zHgluZ?w^N?J?(sdSvx|_=Iok${% zcF+2}oxSD*S7Uc}nB-Tv?Wj2UQ4I%Vn0UZG{Z(Dk9Ru%Ejh&G9s_7Jn=hNl>e8w=&e=9bNhAZR)a6rzHRMVLUU7MI9TRM z5rt&teP66WCD||p;08Z$HLURZ{N%< zyjGQ_oPUU$IrTgP^_87BfhO}T6C&NVFn+++XB;ek2WqxAm$StwxhQmTw+_%b5UG2Q z&T@`j^|T@|f&>6iog{8%@ zJm}0oapED`H>e`|Rs8Z%6^vss;g({(YM`-2Wl=-FG@VN<+0pU$0gb=yN$SivGTDHU zT>PvYc8gjMU}a#HCM5Lf(0uHNH<(DW?5dn+w7M1|6|Rs1`Fbel>$df?W-xd(hdA1U z$$!NOzR#~y$9F+Wz}O&Gb;><2=KT^wVCGeGAd!T$m3nVXULU#-2Qxipz3<_4RFRsP z25l3^mIAdV@#BM3Ml@&ph zSD!2Y>+>M=e)}*`7CC69$Wh;(kfsH)RP+B{&DgR^=G){l2l*GKub$d{x>gEoui0_Wev~V>SI-o91YZ=-mrR!Uh z$iLknu(jbe{H%hYojYVIv&FiEUy|Nb@!}N2e>IM^4q3LkiaW5cODW5YrmNed_J5Sr z14gW?J7JltU_HZ$){5Um;iSsn{kbK$3-M| z8{zPd0Y!W6*X9%ImH3h>!+&O`SR2oGtY$P&%=N*}NDXb`mq$E5=-du+JKI=V`nw+NseD)nqA0+R~ZF`Zi! zH!UzeFd;Ar1_dh)0|FWa00a~qzC`SvXj$A**LU2ASXHqM)Kx146dBa@k|r#%Er)OP S Date: Thu, 15 Feb 2024 12:54:29 +0200 Subject: [PATCH 3/5] SIGA-781 Update Docker instructions in readme --- Readme.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Readme.md b/Readme.md index 110aa9d..3185904 100644 --- a/Readme.md +++ b/Readme.md @@ -22,17 +22,17 @@ towards sample APIs. **Preconditions**: -- Java 17 +1. **Java JDK 17** - to compile and run SiVa demo +2. **SiVa parent project** - Can be found [here](https://github.com/open-eid/SiGa) -### Option 1: Running with SiGa locally - -To build the docker image run the following command: +### Option 1: Running SiGa locally with Docker +1. Docker must be installed and running. +2. Build SiGa demo application docker image: ``` -./mvnw spring-boot:build-image +./mvnw clean spring-boot:build-image ``` - -Then, follow the Docker instructions at [SiGa webapp](https://github.com/open-eid/SiGa) to run both apps at the same +3. Then, follow the "Running SiGa with Docker" instructions at [SiGa webapp](https://github.com/open-eid/SiGa) to run both apps at the same time. If everything was successful, open up the browser at `https://siga-demo.localhost:9443/`. From da4065d1835c014568c97e96262a83b4e009d9dd Mon Sep 17 00:00:00 2001 From: Heiti Tobi Date: Thu, 15 Feb 2024 14:32:20 +0200 Subject: [PATCH 4/5] SIGA-781 Remove expired and unused siga-demo.localhost certificate --- src/main/resources/siga_demo_application.p12 | Bin 8214 -> 4253 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/src/main/resources/siga_demo_application.p12 b/src/main/resources/siga_demo_application.p12 index 38129c85f8acb67c8c5e28c1f0791b2f782cfb1c..22f3a7ca26f8f07772f047ff5f7f744cccd705b2 100644 GIT binary patch delta 1721 zcmV;q21faoK%F5yFoF=70s#Xsf)G*$2`Yw2hW8Bt2LYgh5JLol5I-=25IZn}3J(Se zDuzgg_YDCD0ic2k00e>w{4jzE__00u34aD81_>&LNQU~&Af5Q3u_vtPwo3*YgiSYDMtPeeRuKY#Z) z=oPn}qsq>~zznD&7ERw{5Cd0yHaeEO_FS#}Z*06eBIZqWoqxoREIg3M?&KjFPfg~j zIP%(C8g;iQeVo^8m3k&c+y; z=FR$s`-1_`QBnyPdxBy$flz_jIikcVYcR+<&nPD(25**4V&^vWPVhWA1#FU7++6DO zjM3#QkFF<=$s~lkOubn->}q?l+o46_oh$to!X_qm3lOfirTJ&-K!>D6rhlRMuC{Id zXp264$N)Pgbu*wDxCe38M!X&0g-?D+sCCGsuD&k__$xIhhIYqIeX)IUcpAEyMY>=b zTFvm$$JAILNNLqRo+k=UuVn!JtNE$S_iGf+0rrCEvp{%Tp@jS93?JUSfLu$y)HpwX z`v(heVwKd3lV{`DJ^A{H^M7kVEu@$thY+s7X2gMk?N}adh1+c?^`B(xci4CtQ=A=GZl>z9Vo#1qg;9Ma(j^8N__lS{7I(l?W(0ZOfk4HNRiiEBk3F!X9NWu%tJ%6T?@F_#-wGi zfRONlmKWxr5aP1VnDhj3*a2bLF_Y79ZA;kP`6s9+TBQAW$o2%bBgR9ayxz%XeoQ72 zA&x=yqx8H1nSWFtbUsEZy(QVE(;8Z((bCO(X(y`9^M97!ydyyW@Y-3ZY|LqvNIq2g zp_?}hwcgd|cE@ds1wL1rNq|x%bHD^vVQ(^P0xh(T2u+RWCVxz@^1-&A>&ND z7uaQjpnoEZjBLemm+btP){R~;B`T`|XP+=}W8?BJootITLnujx6hbTgb4$uT;U-TB zf1OiXrl|yyq@j4bDs7ASHipIP7dx_F77K&)BqSuS8U*DEDz0YT^91{wUud>_x6gXx zJreo_C>fH^@)i;H5M{IV8xrYWG0f@kC~9>?n}5P#ykR9s!N;Y`8SSu!8IfDwjNFpa1+(ef7;IXWzW`W7p3+SX7)JUC+)vjOZ8$T$_AozQ>yKy0gY z^1Y|9!GF+GsCgWEx(+DTh$5|qK1WNgVT>jpJB$NgDCTAopmDO@fpwNlhS7*LT_=# P6sD0@#ax{N0|ADh5tJzJ delta 5714 zcmY+GWmMD+xAq5Sh#5kJp*y5w2r20l>5>rXMx;UV4?~woNh%@TAtBw(4FVDpLw8FE z3~=tX-uFDuI$w7Du6^y#*B8dmGLi@+12HBB7=ff8#fEZ5yo|Uez`()CMbfuHko3*} z;_nC~T;~5saDE69&hszksFl2h0x%wIy#H^+hhbpmBB5OfB(x1-`yUe)0m29&`rj2F z!3BZmQ9i>rT{JFx=d(ssKXLkF##pHa6O)Yy6N3SPkB$5PK4L<#KnPlFsCmRo3>z>6 zgA+pJwx!cr((2x684zQeE0Zq^K#)+aMA47E;4sFOKjPxJlUa>CC2w@JY3)xwuv1{P zFWM_bJMzPTs$-9K3$LRW2r_Bvq7#%NI!?8NDedUzrHDozt>`i15(IZEi4;uv4w`@T zK-|EXl_z))|DXUri(PPcPrW~Qmqe)s`MxQ}ctWSY>>EMf2HQ)P*kl04CLEL4pBtm^ z&Z=e5ag=981%v#CK|8v<9QX%&Cn+$L($VdYv=lEFqAEMYW6;U@uNF*#JG`Q`{YY=Z zfdnf$$6uN~W&n@5dz`z8a4&HM>$F6fWWQuegwoH!-v+R$DB)|ql-!Y?AHpeMM2d}g zC#Dx1db4#z0cxt6`bE*Hm`?oC@`2;Bowpo0Me#F4=4d zI+^sFrf)=2pedY*qpSMwK!`^Bd+yJFU$QLsM7Lm}EUmG8>sIZ4u{nXThhyqiJ{ie1 z*b|C!d|S$>;LLR-kb|I2T~x;xpr=-#39<6@LHWm+MF}BO`(of+I&ZeZf4<%?4Rm{% zyKO7_^PZ3b8qFg3KyJs`x}!tD{6B z3bPE7zqV}nsP;KXBo4}RH%z!e`ZDHDK@U{>{0d+HZosl)N5D3;pkV!+TU7nx1vnC|^<==Ss z$(`ayTg23?`^Al54Q0xClP0!IJoaD(hrOy0|NVDIPDP;evz7oD(z%?UcoOV-Gja2L zJf@1xGq&Bo2D#i^Mod~y&510Rd78;yH44tHKq^FayvjJs5U=~#5dCZ@GLs-b->B@) z;?6rRUVm+N-^DbHY!fD9K2oK(X=k4&2IdoZf!X0UAF@5`tRZ2-Pb~bY42mG5D6Wp$ zvcN`7R0As(H>A$Dglqb-TonJLoU^LmTHqZFEYEru=O*>V9d*ax@Z6y4+k_{YuZzAM zzak$sz)MIMqUtR%`l=jzQ|j1!Ynh7a^m?y8syL)sP24ibgQZ3|D=hEV@LM0>A$SH7 z6PljsDPZ$pJD)1g=51?-_tA23%9PBzPhwGP%>odW7pp;Ez08RBFr~c`>x~pgW z8kJ%(2RX!vpK$k|Y~yc4b5+Fm&rOEz<*ilEFo2P%hj`54$O@T_Dh|B!T+{4M?AYiy z7|`(6El)V7l+SifWvHWCx}0M{@3HxP-sO{`6pBK~Q|k>wlZfyohSssDrHSURi=BG- zrMw6qnc&Qf+09i0b?ud(k0)f;OcLRp31R!S5xxBa$!I;R*{s!xSvpBKIyP$OyO*-! zYiwoGT_WE}ek3fGb{L+VO52=9woq9+69U=c(Z^NZtd-jyYpQd@m%=yKF3sRoYVuTd z=1R3l@xTQ3p1M2#bn*{|qLG+oe~y2BP<$O#dE!;GqMlZMEQppj@o!+b8gkWL?WMZO z!~z|4FEC6}PgZ?iDyM<&GWFY2DwU#Z%*mU6ibNKhD&~l_hQFS|3tSm|M`_GD$On9@ z6zrW{Z}X93P32^n@j|{-N2T|7XeQ=$JF65DD`l04pXl)7_&%G3nc98(>)=oyK=D~S zWK2?(_mnJ_PKICZAKFmr<4zjU-#KDl!K%I*ny#KUl+mx6i^n!;KD|}UvoBlO})!nFVshaqxW(}}8Z3sEf&!>S-; zDNeJrNZgZA+^6&lin+R|tyifjcX-iyq`sT~Y-%mx&^t5~)7gtxiF^qCho_Q9FL
  • e)>m9sDpYkB!oCyy6;A!WxBs@<>`d}2#~6yEDR7gbh(mJ|)(J>3%kyf?WF zkTzlphtj3O3@D|>;lJ~qJ~Lp>P8gZM&oS~WY9e2nriHwgwhhJgV6rWGvvCFA*lQv8 z`w$N2NE#y{@Ajh}pOX(|qxHfiU?m|RxmPr zZ~%KtA?8`l(HOJjOFS`lhH)D`aZwWWUF<5WE}QmMKPKoVZiw8~v?2d3*3$RiMMv$F z#($pB<8-Rv&u~-BmgU?-9rs<1j`7@x+wRd~4`+wdMuaeJZ1)&iJ^gIkr0b+roP^YiinkQhRCk2;) zFXwF26TX}8;(}VJs}VrPQQtI-o6mN?&>X!5zxdBVbw@1Qpe&nGp* zwZLrR(s30=laW(gzd%{{5AF^!ybXU|87!%Fomcx}D!(us_%P6RWoqVQwZd?<1>Z9# zkJIMtr4|==&?Uapf9Xl-s2w+*s3Bwn@lvn8#)uCL@@?Xc``iM^>60Wu-E5 zUr3hO5(0gdDq~oE-JRl|G1*xoZ{?)M_GrY%j4^K9+-=7@lKN?5z)LJ@LEWn> z>yh`Tp#AMpt?fzxIZ&dq`BFA2`5{OSw(u6`t%KnK%je&5dbp;K6*zJWis9t&4DZ+t z`(`kzp#~NM!k{rU`l@6pI>=Tdhn4ZXklce)vWESutVXnaN)tKF*oLNpkz~^uJFSCd zux*hnK^u?rqhAH2E8MwU@62lI{Yu0nb)nu;4p|{HUp4-C5O4 zlOqgkxpn(}VlSnG_BXUbD7_t*x1x*P%Za7vT&;0=$V_$G2u6uH@CwCe{9AO;h#e`# z=ip@$lz!a#m4Kptes;NDig>pVluae=22?q6Q1tak&e77YDgvW-oxT1xYP)~2XZ{e9?O-KLOs)?oXy)!T#H+Hos zb-LXRABjb$$BtEW9kH5(@4JmEU4VBuwiVV(dNl~I=C_&n^5nTT4;KXch&nNLFnVLf z+vLc%bA7YsA|~&F^Y62olI}>5q(rdb#6{ol>i3^|3CXT?*J|(Ii~F6Z`BRVL^Kj4X z>2HN;h%8ok@RqxH9V>HdhTH$1unvmps&jjf?3dTbK+MckI%pXck477wz+_dI!~8zT z`tV(9@A9{{{#KW1Mj2b>8hfAFM2QrN@q9c=`8GG_ltB^!d=W$Xt0@8YMu;E9n$x6< zs{@dyIwKS_MT}}}`iBGFs>K_>$?ONF)a?)|Em`Z7*063?UA0&riUZ#If^;2}{|S@; z{VC@_L)^(;SC$R-<%N)?vsF8EnKt0n-v#SwWCr`=XmPdP)VLJDnQW0Oy>%L5irYT< zI)LWe+X^Zm#6+J&$daWhhLlJ6HM9*aFaj7jS&uOkl%U^ zTT}7KA8Y(*M>uQT=L)o;oY?CNqI;BRm*s?`HDu?B`c|G^eLs2XxC39 z^MXFA(q%UPv$mR)eA3yCDGa|ABt@i7u* z)0=Ls)+sznRIJ9qY#(w$o{Na*yCDy4_W__}sqydcj8l!hS`9dgwFMlq4fifHFSiLJ zQ4Kf|uy2Kj8A`7gWHv-9<}J_^bdEJBF675*?J4u`^CNISl+E=0{G4qhc|68o^Vdpn zT^DQTspM9&!uTt-HEeF61yU`0uJhFAqt zMnsfjWV-#~fI;Y7w=p$OU91Kku=?GyR6e)gb(lI=^kNUrJ0_(ux`vx&Oq-9Rhc>l$)fZGT9DAC`V(zueY@Z z)Nt=dUVsy$NwGL>B&L~~igCAPP00X)=jMZFG@xFPuk%Fcxn5Sn+#^x%hgrL~pQL6y z8mr#X$nPXm+~DFzn(pjzm|GED(itPaE@DN6Des%kQ`!dzcK;PRe!x~PzsH;3<4St2t}?QF_-=ClvP}(|jIW?(Mg%XQ|CZ*YA_e}G9>TW{KfdvF z|5!GY^Ycb`BP%Tu7bO>}N{GMILVO|=%R1C;9CbM`uE}QZW#&9W!9TKIs7#bi&C9v# zY{LufhS^r&CSK5tyxv+{$6`jY z^&;tBv1rh&m5n<0VxIm7CA-rpUP@*BW3jB7)?fx1@VfYn8;JanB;Pbohk=r_p-aEw zqV^0C0}Ql#?%Ga?NR^%5z5YO!5Vl1t5?LTrtGUUe>Eu*b%r_-uS zw)gOhKC1?8P}9m364nXj`^bWN(#9w9(f#AO+OMn?O(7${5$^miQWFrdih(oN{{3T8 z1CFbvWv7oRXrSAjV%p$n>QGF^D7sM8n(D5^nRIQSw&ik>AQe5N9wX<$-k&KuicO%V z%5UV>qCFAt!nyEZ1ohPoGhS~&MMp}c+kiRDJiJ%98J9r0ERlCdQ6_)N*C=*R;kK`7 z>5hciBRDC$fy8(9Eq8fiYctJuq?-2szz^{G`YWHzuQ*H=psz%7HEIUX4aqRp}x8Is*oiw zobNl;akiH9`bG6;Jqz5kjq2LM87=>>k0Q$d{E>(i{^p_KNhAD*!AWhNDZ`lku(g+4 z*N=btaGL_irMCS1RHi5Nqk~>hV>DB-{kn!Xy9T)Gq00vt98k{>k|AlK_DB+q+W+Vi zPQ$fWuYL-)x9qGi!gxb(ksH62P~%9)wf!SUSI?=H?zX%-Q7>3gJXpYgCI3?Fq1Lbf zZLlMW{wgpssr1Er~U_dzO9<%UzxlU z@_}9WqZc@}yg((+N5@=T3fU`-ex4(K0L99RuN6Ub1sD#HBPZ>=0zmKb+&}LQl}z^;$+Co>9Ax+nQlRHPBn?LSh!sT8zuHShFf>EThgVu zel*Wjec_vFtp~=~%L|mte)O>xY)-ESZ$(jTas8kzL~=Hk6yvVOq0KeogG)+n7T{P| z#j&mhzR@z#28bqIb6M3>W+WjL65pau%yyG918V-t{_=A$)RmPbF!^=R-y9&ZA^RoC zn1IaQEDP^ZWh_Fzgn%q@e7jp#Q#fL@ZqR}B%%E0`mWH}s0Vx@g(+N>g`|$?9GM8y| zLCzfm8&=s9DpbU=;OH(p5stqhEk7^fxs_67_}uzjN6UnEpGxf$IZq0o z`}c=e^EU=(92p#}zZFCxq!5e Date: Fri, 10 May 2024 11:24:23 +0300 Subject: [PATCH 5/5] SIGA-728 Update version number to 3.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8df6bea..99749c4 100644 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ ee.openeid.siga.client siga-demo-application - 3.2.0 + 3.3.0 Contains SiGa demo client application jar