All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.example.consumer1.ConsumerUtil Maven / Gradle / Ivy

package com.example.consumer1;

import com.example.BaseUtil;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.core.config.Configurator;
import org.apache.logging.log4j.core.config.DefaultConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.somda.sdc.biceps.guice.DefaultBicepsConfigModule;
import org.somda.sdc.biceps.guice.DefaultBicepsModule;
import org.somda.sdc.common.guice.DefaultHelperModule;
import org.somda.sdc.dpws.DpwsConfig;
import org.somda.sdc.dpws.crypto.CryptoConfig;
import org.somda.sdc.dpws.crypto.CryptoSettings;
import org.somda.sdc.dpws.guice.DefaultDpwsModule;
import org.somda.sdc.glue.GlueConstants;
import org.somda.sdc.glue.guice.DefaultGlueConfigModule;
import org.somda.sdc.glue.guice.DefaultGlueModule;
import org.somda.sdc.glue.guice.GlueDpwsConfigModule;

import javax.net.ssl.HostnameVerifier;
import java.net.URI;
import java.security.cert.X509Certificate;
import java.util.List;

/**
 * This class provides the configuration used for the consumer instance.
 * 

* Overwriting configuration steps allows customizing the behavior of the framework through * injection. */ public class ConsumerUtil extends BaseUtil { private static final Logger LOG = LoggerFactory.getLogger(ConsumerUtil.class); private final Injector injector; public ConsumerUtil(String[] args) { super(args); Configurator.initialize(new DefaultConfiguration()); Configurator.setRootLevel(Level.INFO); injector = Guice.createInjector( new DefaultGlueModule(), new DefaultGlueConfigModule(), new DefaultBicepsModule(), new DefaultBicepsConfigModule(), new DefaultHelperModule(), new DefaultDpwsModule(), new GlueDpwsConfigModule() { @Override protected void customConfigure() { super.customConfigure(); bind(CryptoConfig.CRYPTO_SETTINGS, CryptoSettings.class, createCustomCryptoSettings() ); bind(DpwsConfig.HTTPS_SUPPORT, Boolean.class, isUseTls()); bind(DpwsConfig.HTTP_SUPPORT, Boolean.class, !isUseTls()); bind(CryptoConfig.CRYPTO_CLIENT_HOSTNAME_VERIFIER, HostnameVerifier.class, (hostname, session) -> { try { // since this is not a real implementation, we still want to allow all peers // which is why this doesn't really filter anything // returning false in this filter would reject an incoming request var peerCerts = session.getPeerCertificates(); final X509Certificate x509 = (X509Certificate) peerCerts[0]; List extendedKeyUsage = x509.getExtendedKeyUsage(); if (extendedKeyUsage == null || extendedKeyUsage.isEmpty()) { LOG.warn("No EKU in peer certificate"); return true; } // find matching provider key purpose for (String key : extendedKeyUsage) { try { URI keyUri = URI.create(key); if (keyUri.equals(URI.create(GlueConstants.OID_KEY_PURPOSE_SDC_SERVICE_PROVIDER))) { LOG.debug("SDC Service Provider PKP found"); return true; } } catch (IllegalArgumentException e) { // don't care, was no uri } } return true; } catch (Exception e) { LOG.error("Error while validating provider certificate: {}", e.getMessage()); LOG.trace("Error while validating provider certificate", e); } return false; }); } }); } public Injector getInjector() { return injector; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy