From bf3ab9d09fd1526a5aa952892f327c2398300d70 Mon Sep 17 00:00:00 2001 From: Philip Helger Date: Sun, 10 Nov 2024 22:37:42 +0100 Subject: [PATCH] Updated to peppol-commons 9.6.0 --- .../AS4EndpointDetailProviderPeppol.java | 4 +- .../phase4/peppol/Phase4PeppolSender.java | 47 +++++++++++++++---- ...se4PeppolDefaultReceiverConfiguration.java | 15 ++---- .../Phase4PeppolReceiverConfiguration.java | 15 ++---- ...hase4PeppolServletMessageProcessorSPI.java | 3 +- .../profile/peppol/PeppolCRLDownloader.java | 6 +-- pom.xml | 2 +- 7 files changed, 58 insertions(+), 34 deletions(-) diff --git a/phase4-dynamic-discovery/src/main/java/com/helger/phase4/dynamicdiscovery/AS4EndpointDetailProviderPeppol.java b/phase4-dynamic-discovery/src/main/java/com/helger/phase4/dynamicdiscovery/AS4EndpointDetailProviderPeppol.java index 87c99ed3e..1d7d8dd9c 100644 --- a/phase4-dynamic-discovery/src/main/java/com/helger/phase4/dynamicdiscovery/AS4EndpointDetailProviderPeppol.java +++ b/phase4-dynamic-discovery/src/main/java/com/helger/phase4/dynamicdiscovery/AS4EndpointDetailProviderPeppol.java @@ -45,6 +45,7 @@ import com.helger.smpclient.peppol.ISMPServiceMetadataProvider; import com.helger.smpclient.peppol.PeppolWildcardSelector; import com.helger.smpclient.peppol.PeppolWildcardSelector.EMode; +import com.helger.smpclient.peppol.Pfuoi420; import com.helger.smpclient.peppol.SMPClientReadOnly; import com.helger.xsds.peppol.smp1.EndpointType; import com.helger.xsds.peppol.smp1.ServiceGroupType; @@ -175,6 +176,7 @@ public final EndpointType getEndpoint () @Nullable @OverrideOnDemand + @Pfuoi420 protected SignedServiceMetadataType resolvedBusdoxServiceMetadata (@Nonnull final IParticipantIdentifier aReceiverID, @Nonnull final IDocumentTypeIdentifier aDocTypeID) throws SMPClientException { @@ -183,9 +185,9 @@ protected SignedServiceMetadataType resolvedBusdoxServiceMetadata (@Nonnull fina return m_aServiceMetadataProvider.getServiceMetadata (aReceiverID, aDocTypeID); } - @SuppressWarnings ("removal") @Nullable @OverrideOnDemand + @Pfuoi420 protected SignedServiceMetadataType resolvedWildcardServiceMetadata (@Nonnull final IParticipantIdentifier aReceiverID, @Nonnull final IDocumentTypeIdentifier aDocTypeID) throws SMPClientException { diff --git a/phase4-peppol-client/src/main/java/com/helger/phase4/peppol/Phase4PeppolSender.java b/phase4-peppol-client/src/main/java/com/helger/phase4/peppol/Phase4PeppolSender.java index f85e7e950..8436ffb28 100644 --- a/phase4-peppol-client/src/main/java/com/helger/phase4/peppol/Phase4PeppolSender.java +++ b/phase4-peppol-client/src/main/java/com/helger/phase4/peppol/Phase4PeppolSender.java @@ -57,9 +57,9 @@ import com.helger.peppol.sbdh.spec12.BinaryContentType; import com.helger.peppol.sbdh.spec12.TextContentType; import com.helger.peppol.sbdh.write.PeppolSBDHDocumentWriter; -import com.helger.peppol.utils.CertificateRevocationChecker; import com.helger.peppol.utils.EPeppolCertificateCheckResult; import com.helger.peppol.utils.ERevocationCheckMode; +import com.helger.peppol.utils.PeppolCAChecker; import com.helger.peppol.utils.PeppolCertificateChecker; import com.helger.peppol.utils.PeppolCertificateHelper; import com.helger.peppolid.IDocumentTypeIdentifier; @@ -274,6 +274,9 @@ private static void _validatePayload (@Nonnull final Element aPayloadElement, /** * Check if the provided certificate is a valid Peppol AP certificate. * + * @param aCAChecker + * The Peppol CA checker to be used to verify the Peppol AP + * certificate. May not be null. * @param aReceiverCert * The determined receiver AP certificate to check. Never * null. @@ -292,7 +295,8 @@ private static void _validatePayload (@Nonnull final Element aPayloadElement, * @throws Phase4PeppolException * in case of error */ - private static void _checkReceiverAPCert (@Nullable final X509Certificate aReceiverCert, + private static void _checkReceiverAPCert (@Nonnull final PeppolCAChecker aCAChecker, + @Nullable final X509Certificate aReceiverCert, @Nullable final IPhase4PeppolCertificateCheckResultHandler aCertificateConsumer, @Nonnull final ETriState eCacheOSCResult, @Nullable final ERevocationCheckMode eCheckMode) throws Phase4PeppolException @@ -301,10 +305,10 @@ private static void _checkReceiverAPCert (@Nullable final X509Certificate aRecei LOGGER.debug ("Using the following receiver AP certificate from the SMP: " + aReceiverCert); final OffsetDateTime aNow = MetaAS4Manager.getTimestampMgr ().getCurrentDateTime (); - final EPeppolCertificateCheckResult eCertCheckResult = PeppolCertificateChecker.checkPeppolAPCertificate (aReceiverCert, - aNow, - eCacheOSCResult, - eCheckMode); + final EPeppolCertificateCheckResult eCertCheckResult = aCAChecker.checkCertificate (aReceiverCert, + aNow, + eCacheOSCResult, + eCheckMode); // Interested in the certificate? if (aCertificateConsumer != null) @@ -377,10 +381,12 @@ public abstract static class AbstractPeppolUserMessageBuilder m_aAPEndpointURLConsumer; private boolean m_bCheckReceiverAPCertificate; + protected PeppolCAChecker m_aCAChecker; // Status var private OffsetDateTime m_aEffectiveSendingDT; @@ -405,7 +411,10 @@ public AbstractPeppolUserMessageBuilder () toRole (CAS4.DEFAULT_RESPONDER_URL); payloadMimeType (CMimeType.APPLICATION_XML); compressPayload (DEFAULT_COMPRESS_PAYLOAD); + checkReceiverAPCertificate (DEFAULT_CHECK_RECEIVER_AP_CERTIFICATE); + // This value is set for backwards compatibility reasons + peppolAP_CAChecker (PeppolCertificateChecker.peppolAllAP ()); } catch (final Exception ex) { @@ -748,6 +757,28 @@ public final IMPLTYPE checkReceiverAPCertificate (final boolean bCheckReceiverAP return thisAsT (); } + /** + * Set a custom Peppol AP certificate CA checker. This is e.g. needed when a + * non-standard AP certificate (as for Peppol France PoC or Peppol eB2B) is + * needed. This CA checker checks the certificate provided by the endpoint + * detail provider (see below). This checker is only used, if + * {@link #checkReceiverAPCertificate(boolean)} was called with + * true. + * + * @param aCAChecker + * The Certificate CA checker to be used. May not be + * null. + * @return this for chaining + * @since 3.0.0-rc1 + */ + @Nonnull + public final IMPLTYPE peppolAP_CAChecker (@Nonnull final PeppolCAChecker aCAChecker) + { + ValueEnforcer.notNull (aCAChecker, "CAChecker"); + m_aCAChecker = aCAChecker; + return thisAsT (); + } + /** * The effective sending date time of the message. That is set only if * message sending takes place. @@ -805,9 +836,9 @@ protected ESuccess finishFields () throws Phase4Exception final X509Certificate aReceiverCert = m_aEndpointDetailProvider.getReceiverAPCertificate (); if (m_bCheckReceiverAPCertificate) { - // CHeck if the received certificate is a valid Peppol AP certificate + // Check if the received certificate is a valid Peppol AP certificate // Throws Phase4PeppolException in case of error - _checkReceiverAPCert (aReceiverCert, m_aCertificateConsumer, ETriState.UNDEFINED, null); + _checkReceiverAPCert (m_aCAChecker, aReceiverCert, m_aCertificateConsumer, ETriState.UNDEFINED, null); } else { diff --git a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolDefaultReceiverConfiguration.java b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolDefaultReceiverConfiguration.java index 7cd6d2a45..2cb732fe0 100644 --- a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolDefaultReceiverConfiguration.java +++ b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolDefaultReceiverConfiguration.java @@ -26,7 +26,6 @@ import org.slf4j.LoggerFactory; import com.helger.commons.ValueEnforcer; -import com.helger.commons.annotation.DevelopersNote; import com.helger.commons.string.StringHelper; import com.helger.peppol.sbdh.read.PeppolSBDHDocumentReader; import com.helger.phase4.CAS4; @@ -34,6 +33,7 @@ import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider; import com.helger.smpclient.peppol.PeppolWildcardSelector; import com.helger.smpclient.peppol.PeppolWildcardSelector.EMode; +import com.helger.smpclient.peppol.Pfuoi420; /** * This class contains the references values against which incoming values are @@ -51,8 +51,7 @@ public final class Phase4PeppolDefaultReceiverConfiguration { public static final boolean DEFAULT_RECEIVER_CHECK_ENABLED = true; - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 public static final EMode DEFAULT_WILDCARD_SELECTION_MODE = EMode.WILDCARD_ONLY; public static final boolean DEFAULT_CHECK_SIGNING_CERTIFICATE_REVOCATION = true; @@ -60,8 +59,7 @@ public final class Phase4PeppolDefaultReceiverConfiguration private static boolean s_bReceiverCheckEnabled = DEFAULT_RECEIVER_CHECK_ENABLED; private static ISMPExtendedServiceMetadataProvider s_aSMPClient; - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 private static PeppolWildcardSelector.EMode s_eWildcardSelectionMode = DEFAULT_WILDCARD_SELECTION_MODE; private static String s_sAS4EndpointURL; private static X509Certificate s_aAPCertificate; @@ -132,8 +130,7 @@ public static void setSMPClient (@Nullable final ISMPExtendedServiceMetadataProv * @since 2.7.3 */ @Nonnull - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 public static PeppolWildcardSelector.EMode getWildcardSelectionMode () { return s_eWildcardSelectionMode; @@ -148,8 +145,7 @@ public static PeppolWildcardSelector.EMode getWildcardSelectionMode () * null. * @since 2.7.3 */ - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 public static void setWildcardSelectionMode (@Nonnull final PeppolWildcardSelector.EMode eWildcardSelectionMode) { ValueEnforcer.notNull (eWildcardSelectionMode, "WildcardSlectionMode"); @@ -299,7 +295,6 @@ public static void setCheckSigningCertificateRevocation (final boolean b) * @return Completely filled builder. Never null. * @since 3.0.0 Beta7 */ - @SuppressWarnings ("removal") @Nonnull public static Phase4PeppolReceiverConfigurationBuilder getAsReceiverCheckDataBuilder () { diff --git a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolReceiverConfiguration.java b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolReceiverConfiguration.java index da73cde06..e07b4904f 100644 --- a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolReceiverConfiguration.java +++ b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolReceiverConfiguration.java @@ -23,12 +23,12 @@ import javax.annotation.concurrent.Immutable; import com.helger.commons.ValueEnforcer; -import com.helger.commons.annotation.DevelopersNote; import com.helger.commons.builder.IBuilder; import com.helger.commons.string.StringHelper; import com.helger.commons.string.ToStringGenerator; import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider; import com.helger.smpclient.peppol.PeppolWildcardSelector; +import com.helger.smpclient.peppol.Pfuoi420; /** * This class contains the "per-request" data of @@ -43,8 +43,7 @@ public final class Phase4PeppolReceiverConfiguration { private final boolean m_bReceiverCheckEnabled; private final ISMPExtendedServiceMetadataProvider m_aSMPClient; - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 private final PeppolWildcardSelector.EMode m_eWildcardSelectionMode; private final String m_sAS4EndpointURL; private final X509Certificate m_aAPCertificate; @@ -80,7 +79,6 @@ public final class Phase4PeppolReceiverConfiguration * performed. * @since 2.8.1 */ - @SuppressWarnings ("deprecation") public Phase4PeppolReceiverConfiguration (final boolean bReceiverCheckEnabled, @Nullable final ISMPExtendedServiceMetadataProvider aSMPClient, @Nonnull final PeppolWildcardSelector.EMode eWildcardSelectionMode, @@ -130,8 +128,7 @@ public ISMPExtendedServiceMetadataProvider getSMPClient () * @since 2.7.3 */ @Nonnull - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 public PeppolWildcardSelector.EMode getWildcardSelectionMode () { return m_eWildcardSelectionMode; @@ -225,8 +222,7 @@ public static class Phase4PeppolReceiverConfigurationBuilder implements IBuilder { private boolean m_bReceiverCheckEnabled; private ISMPExtendedServiceMetadataProvider m_aSMPClient; - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 private PeppolWildcardSelector.EMode m_eWildcardSelectionMode; private String m_sAS4EndpointURL; private X509Certificate m_aAPCertificate; @@ -264,8 +260,7 @@ public Phase4PeppolReceiverConfigurationBuilder serviceMetadataProvider (@Nullab } @Nonnull - @Deprecated (forRemoval = true, since = "3.0.0") - @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025") + @Pfuoi420 public Phase4PeppolReceiverConfigurationBuilder wildcardSelectionMode (@Nullable final PeppolWildcardSelector.EMode e) { m_eWildcardSelectionMode = e; diff --git a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java index 2c16f7a0c..a0273b0f1 100644 --- a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java +++ b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java @@ -88,6 +88,7 @@ import com.helger.security.certificate.CertificateHelper; import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider; import com.helger.smpclient.peppol.PeppolWildcardSelector; +import com.helger.smpclient.peppol.Pfuoi420; import com.helger.smpclient.peppol.SMPClientReadOnly; import com.helger.xml.serialize.write.XMLWriter; import com.helger.xsds.peppol.smp1.EndpointType; @@ -269,7 +270,6 @@ public final Phase4PeppolServletMessageProcessorSPI setReceiverCheckData (@Nulla return this; } - @SuppressWarnings ({ "deprecation", "removal" }) @Nullable private EndpointType _getReceiverEndpoint (@Nonnull final String sLogPrefix, @Nonnull final ISMPExtendedServiceMetadataProvider aSMPClient, @@ -305,6 +305,7 @@ private EndpointType _getReceiverEndpoint (@Nonnull final String sLogPrefix, if (bWildcard) { // Wildcard lookup + @Pfuoi420 final SignedServiceMetadataType aSSM = aSMPClient.getWildcardServiceMetadataOrNull (aRecipientID, aDocTypeID, eWildcardSelectionMode); diff --git a/phase4-profile-peppol/src/main/java/com/helger/phase4/profile/peppol/PeppolCRLDownloader.java b/phase4-profile-peppol/src/main/java/com/helger/phase4/profile/peppol/PeppolCRLDownloader.java index 3bc41ac1d..4a0f81799 100644 --- a/phase4-profile-peppol/src/main/java/com/helger/phase4/profile/peppol/PeppolCRLDownloader.java +++ b/phase4-profile-peppol/src/main/java/com/helger/phase4/profile/peppol/PeppolCRLDownloader.java @@ -26,7 +26,7 @@ import com.helger.httpclient.HttpClientSettings; import com.helger.peppol.utils.CRLCache; import com.helger.peppol.utils.CRLDownloader; -import com.helger.peppol.utils.CertificateRevocationChecker; +import com.helger.peppol.utils.CertificateRevocationCheckerDefaults; /** * The Peppol specific CRL downloader using the {@link HttpClientUrlDownloader} @@ -82,7 +82,7 @@ public static void setAsDefaultCRLCache (@Nonnull final HttpClientSettings aHCS) ValueEnforcer.notNull (aHCS, "HttpClientSettings"); LOGGER.info ("Installing the PeppolCRLDownloader as the default CRL cache using HttpClientSettings " + aHCS); - CertificateRevocationChecker.setDefaultCRLCache (new CRLCache (new PeppolCRLDownloader (aHCS), - CRLCache.DEFAULT_CACHING_DURATION)); + CertificateRevocationCheckerDefaults.setDefaultCRLCache (new CRLCache (new PeppolCRLDownloader (aHCS), + CRLCache.DEFAULT_CACHING_DURATION)); } } diff --git a/pom.xml b/pom.xml index 984c1463a..294efbef3 100644 --- a/pom.xml +++ b/pom.xml @@ -77,7 +77,7 @@ 1.79 2.24.1 3.0.0 - 9.6.0-SNAPSHOT + 9.6.0 3.0.2 11.1.10 9.0.3