
Commit e33b74d

Develop2Master: restore function of isHostnameVerification flag (#44)
* App2App additional service implementation (#39) * App2App additional service -rest and cli initial implementation * App2App additional service -soap implementation * App2App additional service SignatureRequest model enhancements, refactoring and code quality checks * Potential fix for pull request finding 'Missing catch of NumberFormatException' Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com> * App2App (AS) cont'd with loop on app2app service until expire of transaction * Version bump up to 1.6.0 * Revert "MID-2742: Update connect2id to 19.8 version" This reverts commit 9685e54b Signed-off-by: thomas4v <thomas4v@gmail.com> * MID-2936: keep services at model package level * MID-2936: correct for license formatting * MID-3071: restrore function of isHostnameVerification flag --------- Signed-off-by: thomas4v <thomas4v@gmail.com> Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
1 parent 00cddcc commit e33b74d

7 files changed

Lines changed: 49 additions & 45 deletions


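--- a/mid-java-client-core/pom.xml
+++ b/mid-java-client-core/pom.xml
@@ -6,7 +6,7 @@
 <parent>
 <groupId>ch.mobileid.mid-java-client</groupId>
 <artifactId>mid-java-client-parent</artifactId>
-<version>1.6.0</version>
+<version>1.6.1</version>
 </parent>
 
 <artifactId>mid-java-client-core</artifactId>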

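--- a/mid-java-client-rest/pom.xml
+++ b/mid-java-client-rest/pom.xml
@@ -6,7 +6,7 @@
 <parent>
 <groupId>ch.mobileid.mid-java-client</groupId>
 <artifactId>mid-java-client-parent</artifactId>
-<version>1.6.0</version>
+<version>1.6.1</version>
 </parent>
 
 <artifactId>mid-java-client-rest</artifactId>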

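--- a/mid-java-client-rest/src/main/java/ch/swisscom/mid/client/rest/ComProtocolHandlerRestImpl.java
+++ b/mid-java-client-rest/src/main/java/ch/swisscom/mid/client/rest/ComProtocolHandlerRestImpl.java
@@ -15,10 +15,24 @@
 */
 package ch.swisscom.mid.client.rest;
 
+import ch.swisscom.mid.client.MIDFlowException;
+import ch.swisscom.mid.client.config.*;
+import ch.swisscom.mid.client.impl.ComProtocolHandler;
+import ch.swisscom.mid.client.impl.Loggers;
+import ch.swisscom.mid.client.model.*;
+import ch.swisscom.mid.client.rest.model.fault.MSSFault;
+import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest;
+import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse;
+import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest;
+import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse;
+import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest;
+import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse;
+import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest;
+import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse;
+import ch.swisscom.mid.client.utils.Utils;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
-
 import org.apache.commons.codec.CharEncoding;
 import org.apache.hc.client5.http.auth.AuthScope;
 import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
@@ -30,6 +44,7 @@
 import org.apache.hc.client5.http.impl.classic.HttpClients;
 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
 import org.apache.hc.core5.http.ContentType;
 import org.apache.hc.core5.http.HttpHost;
@@ -43,32 +58,15 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLException;
 import java.io.ByteArrayInputStream;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.KeyStore;
 import java.util.concurrent.TimeUnit;
 
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLException;
-
-import ch.swisscom.mid.client.MIDFlowException;
-import ch.swisscom.mid.client.config.*;
-import ch.swisscom.mid.client.impl.ComProtocolHandler;
-import ch.swisscom.mid.client.impl.Loggers;
-import ch.swisscom.mid.client.model.*;
-import ch.swisscom.mid.client.rest.model.fault.MSSFault;
-import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest;
-import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse;
-import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest;
-import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse;
-import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest;
-import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse;
-import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest;
-import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse;
-import ch.swisscom.mid.client.utils.Utils;
-
 public class ComProtocolHandlerRestImpl implements ComProtocolHandler {
 
 private static final Logger logConfig = LoggerFactory.getLogger(Loggers.CONFIG);
@@ -115,9 +113,8 @@ public void initialize(ClientConfiguration config) {
 if (tlsConfig.isHostnameVerification()) {
 sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx);
 } else {
-logConfig.warn("Hostname verification is disabled in configuration. " +
-"This setting is ignored for security reasons. Hostname verification will remain active.");
-sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx);
+sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx, NoopHostnameVerifier.INSTANCE);
+logConfig.warn("Hostname verification is disabled in configuration.");
 }
 
 if (tlsConfig.getSslContext() == null && sslCtx != null) {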
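Review bot: In the `else` branch of `initialize`, the new warning `"Hostname verification is disabled in configuration."` no longer tells an operator what the setting means now that `NoopHostnameVerifier.INSTANCE` is actually installed: the certificate chain is presumably still checked through `sslCtx`, but the certificate is not matched against the host being contacted, so any certificate the trust store accepts is trusted for the endpoint. I would say so in the message, e.g. `logConfig.warn("TLS hostname verification is DISABLED by configuration: the server certificate is not checked against the host name; use only in test environments.");`, and use the same wording for the `log.warn` in `MssServiceFactory.createMssService`. The default value of `isHostnameVerification()` is not visible here; since the flag is effective again, it is worth confirming that an unset configuration leaves verification on. `initialize` starts and ends outside this hunk.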

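--- a/mid-java-client-soap/pom.xml
+++ b/mid-java-client-soap/pom.xml
@@ -6,7 +6,7 @@
 <parent>
 <groupId>ch.mobileid.mid-java-client</groupId>
 <artifactId>mid-java-client-parent</artifactId>
-<version>1.6.0</version>
+<version>1.6.1</version>
 </parent>
 
 <artifactId>mid-java-client-soap</artifactId>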

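--- a/mid-java-client-soap/src/main/java/ch/swisscom/mid/client/soap/MssServiceFactory.java
+++ b/mid-java-client-soap/src/main/java/ch/swisscom/mid/client/soap/MssServiceFactory.java
@@ -15,15 +15,26 @@
 */
 package ch.swisscom.mid.client.soap;
 
+import ch.swisscom.mid.client.MIDClientException;
+import ch.swisscom.mid.client.config.ClientConfiguration;
+import ch.swisscom.mid.client.config.ConfigurationException;
+import ch.swisscom.mid.client.config.ProxyConfiguration;
+import ch.swisscom.mid.client.config.TlsConfiguration;
+import ch.swisscom.mid.client.impl.Loggers;
 import com.sun.xml.ws.developer.JAXWSProperties;
-
 import org.apache.commons.pool2.BasePooledObjectFactory;
 import org.apache.commons.pool2.PooledObject;
 import org.apache.commons.pool2.impl.DefaultPooledObject;
 import org.etsi.uri.ts102204.etsi204_kiuru.MSSSignatureService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.net.ssl.*;
+import javax.xml.namespace.QName;
+import javax.xml.ws.Binding;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+import javax.xml.ws.handler.Handler;
 import java.io.ByteArrayInputStream;
 import java.io.FileInputStream;
 import java.io.InputStream;
@@ -32,20 +43,6 @@
 import java.util.List;
 import java.util.function.Supplier;
 
-import javax.net.ssl.*;
-import javax.xml.namespace.QName;
-import javax.xml.ws.Binding;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-import javax.xml.ws.handler.Handler;
-
-import ch.swisscom.mid.client.MIDClientException;
-import ch.swisscom.mid.client.config.ClientConfiguration;
-import ch.swisscom.mid.client.config.ConfigurationException;
-import ch.swisscom.mid.client.config.ProxyConfiguration;
-import ch.swisscom.mid.client.config.TlsConfiguration;
-import ch.swisscom.mid.client.impl.Loggers;
-
 public class MssServiceFactory<PortType> extends BasePooledObjectFactory<MssService<PortType>> {
 
 private static final Logger log = LoggerFactory.getLogger(Loggers.CLIENT_PROTOCOL);
@@ -69,6 +66,7 @@ public class MssServiceFactory<PortType> extends BasePooledObjectFactory<MssServ
 private static final String JDK_JAXWS_REQUEST_TIMEOUT = "com.sun.xml.internal.ws.request.timeout";
 private static final String JBOSS_CXF_REQUEST_TIMEOUT = "javax.xml.ws.client.receiveTimeout";
 
+private static final java.lang.String JAXWS_HOSTNAME_VERIFIER = "com.sun.xml.internal.ws.transport.https.client.hostname.verifier";
 private static final java.lang.String JAXWS_SSL_SOCKET_FACTORY = "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory";
 
 private static final String MSSP_NAMESPACE = "http://uri.etsi.org/TS102204/etsi204-kiuru.wsdl";
@@ -149,8 +147,10 @@ private MssService<PortType> createMssService() {
 bindingProvider.getRequestContext().put(JAXWS_SSL_SOCKET_FACTORY, sslSocketFactory);
 
 if (!clientConfiguration.getTls().isHostnameVerification()) {
-log.warn("MSS Soap client: Hostname verification is disabled in configuration. " +
-"This setting is ignored for security reasons. Hostname verification will remain active.");
+NoopHostnameVerifier noopHostnameVerifier = new NoopHostnameVerifier();
+bindingProvider.getRequestContext().put(JAXWSProperties.HOSTNAME_VERIFIER, noopHostnameVerifier);
+bindingProvider.getRequestContext().put(JAXWS_HOSTNAME_VERIFIER, noopHostnameVerifier);
+log.warn("MSS Soap client: Hostname verification is disabled in configuration.");
 }
 
 String serviceBaseUrl = serviceUrlSupplier.get();
@@ -298,4 +298,11 @@ private KeyStore produceATrustStore(TlsConfiguration tlsConfig) {
 }
 }
 
+// ----------------------------------------------------------------------------------------------------
+private static class NoopHostnameVerifier implements HostnameVerifier {
+@Override
+public boolean verify(String hostName, SSLSession session) {
+return true;
+}
+}
 }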
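Review bot: The nested `NoopHostnameVerifier` added at the end of the class accepts every host name unconditionally and has no comment saying so. I would give it a short Javadoc stating that `verify` always returns `true`, that it is installed only when `isHostnameVerification()` is `false`, and that it is not meant for production endpoints. In `createMssService` a new instance is allocated on every call although the class is stateless; a shared constant would do, `private static final HostnameVerifier NOOP_HOSTNAME_VERIFIER = new NoopHostnameVerifier();`. The verifier is registered under two JAX-WS RI property names only, so on other runtimes (the class also carries a CXF timeout key) the flag may have no effect and verification presumably stays on, which deserves a comment next to the two `put` calls. `createMssService` continues outside its hunk.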

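--- a/mid-java-client-usage/pom.xml
+++ b/mid-java-client-usage/pom.xml
@@ -6,7 +6,7 @@
 <parent>
 <groupId>ch.mobileid.mid-java-client</groupId>
 <artifactId>mid-java-client-parent</artifactId>
-<version>1.6.0</version>
+<version>1.6.1</version>
 </parent>
 
 <artifactId>mid-java-client-usage</artifactId>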

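--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
 
 <groupId>ch.mobileid.mid-java-client</groupId>
 <artifactId>mid-java-client-parent</artifactId>
-<version>1.6.0</version>
+<version>1.6.1</version>
 <name>Mobile ID Java client</name>
 <description>Mobile ID client reference implementation in Java</description>
 <url>https://github.com/MobileID-Strong-Authentication/mobileid-client-java</url>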
