diff --git a/.gitignore b/.gitignore
index 829a4d52..2412c5d0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ tmp/
 .idea
 .DS_Store
 .vscode/launch.json
+*.p12
diff --git a/src/main/java/it/finanze/sanita/fse2/ms/iniclient/service/impl/SecuritySRV.java b/src/main/java/it/finanze/sanita/fse2/ms/iniclient/service/impl/SecuritySRV.java
index 5811182c..f6f05c2f 100644
--- a/src/main/java/it/finanze/sanita/fse2/ms/iniclient/service/impl/SecuritySRV.java
+++ b/src/main/java/it/finanze/sanita/fse2/ms/iniclient/service/impl/SecuritySRV.java
@@ -11,9 +11,8 @@
 */
 package it.finanze.sanita.fse2.ms.iniclient.service.impl;
-import java.io.File;
-import java.io.FileInputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
@@ -32,6 +31,7 @@
 import it.finanze.sanita.fse2.ms.iniclient.config.IniCFG;
 import it.finanze.sanita.fse2.ms.iniclient.service.ISecuritySRV;
+import it.finanze.sanita.fse2.ms.iniclient.utility.FileUtility;
 import lombok.extern.slf4j.Slf4j;
 @Service
@@ -45,11 +45,11 @@ public class SecuritySRV implements ISecuritySRV {
 @Override
 public SSLContext createSslCustomContext() throws NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
-
+
 KeyStore keystore = KeyStore.getInstance("JKS");
- try (FileInputStream fis = new FileInputStream(new File(iniCFG.getAuthCertLocation()))) {
- keystore.load(fis, iniCFG.getAuthCertPassword().toCharArray());
- }
+ try (InputStream inputStream = FileUtility.getFileFromAbsoluteOrResourceInputStream(iniCFG.getAuthCertLocation())) {
+ keystore.load(inputStream, iniCFG.getAuthCertPassword().toCharArray());
+ }
 KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 keyManagerFactory.init(keystore, iniCFG.getAuthCertPassword().toCharArray());
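Review bot: `KeyStore.getInstance("JKS")` is left unchanged in `createSslCustomContext` although the dev profile in this commit points the authentication certificate at a `.p12` file, so the load depends on the JDK's `keystore.type.compat` fallback rather than on the declared type. Assuming `getAuthCertLocation()` is bound to `ini.client.auth-cert.path`, I would ask for the format explicitly with `KeyStore keystore = KeyStore.getInstance("PKCS12");`. The method body continues past this hunk, so the trust managers handed to the `SSLContext` are not visible here; the unchanged `trustAllCerts` field in the next hunk should be checked against that call, because a trust-all manager leaves the server certificate unverified.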
@@ -60,6 +60,7 @@ public SSLContext createSslCustomContext() throws NoSuchAlgorithmException, Cert
 }
+
 private static TrustManager[] trustAllCerts = new TrustManager[]{
 new X509TrustManager() {
 public X509Certificate[] getAcceptedIssuers() {
@@ -76,5 +77,5 @@ public void checkServerTrusted(X509Certificate[] certs, String authType) throws
 }
 };
-
+
 }
diff --git a/src/main/java/it/finanze/sanita/fse2/ms/iniclient/utility/FileUtility.java b/src/main/java/it/finanze/sanita/fse2/ms/iniclient/utility/FileUtility.java
index 5eb733b3..87fa41e0 100644
--- a/src/main/java/it/finanze/sanita/fse2/ms/iniclient/utility/FileUtility.java
+++ b/src/main/java/it/finanze/sanita/fse2/ms/iniclient/utility/FileUtility.java
@@ -12,8 +12,13 @@
 package it.finanze.sanita.fse2.ms.iniclient.utility;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
 import java.io.InputStream;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
 import it.finanze.sanita.fse2.ms.iniclient.exceptions.base.BusinessException;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
@@ -76,4 +81,29 @@ private static byte[] getByteFromInputStream(final InputStream is) {
 }
 return b;
 }
+
+ public static InputStream getFileFromAbsoluteOrResourceInputStream(String filePath) {
+ InputStream inputStream;
+
+ try {
+ File file = new File(filePath);
+ if (file.exists() && file.isFile()) {
+ inputStream = new FileInputStream(file);
+ } else {
+ Resource resource = new ClassPathResource(filePath);
+ if (resource.exists()) {
+ inputStream = resource.getInputStream();
+ } else {
+ throw new Exception("File not found in both absolute path and classpath: " + filePath);
+ }
+ }
+
+ } catch(Exception ex) {
+ log.error("Error while get file input stream:", ex);
+ throw new BusinessException(ex);
+ }
+
+ return inputStream;
+ }
+
 }
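Review bot: The filesystem branch of `getFileFromAbsoluteOrResourceInputStream` accepts any existing path, not only an absolute one, so a relative value like the `auth/...` entries in the dev profile is resolved against the process working directory before the classpath is tried. For a helper that loads TLS key material this means a file placed in the working directory silently takes precedence over the packaged resource; `if (file.isAbsolute() && file.isFile()) {` would make the behaviour match the method name. The `throw new Exception(...)` inside the `try` exists only to be caught by the `catch(Exception ex)` below it, and a `java.io.FileNotFoundException` would say more than the raw type. The method also needs a Javadoc that states the lookup order and that the caller must close the returned stream.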
diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties
index 7cea1196..7cdb75a8 100644
--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
@@ -13,11 +13,11 @@ ini.client.enable-log=true
 ini.client.enable-ssl=true
 # TrustStore -> SSL Context
-ini.client.auth-cert.path=auth/autenticazione110_IBM.p12
+ini.client.auth-cert.path=auth/A1#GTW-INI.p12
 ini.client.auth-cert.password=123456
 ini.client.auth-cert.alias=
 # KeyStore -> Digital Signature SAML
-ini.client.ds-cert.path=sign/firma110_IBM.p12
+ini.client.ds-cert.path=sign/S1#GTW-INI.p12
 ini.client.ds-cert.password=123456
 ini.client.ds-cert.alias=
 ini.client.mock-enable=false
diff --git a/src/main/resources/auth/autenticazione110_IBM.p12 b/src/main/resources/auth/autenticazione110_IBM.p12
deleted file mode 100644
index 00582d1e..00000000
Binary files a/src/main/resources/auth/autenticazione110_IBM.p12 and /dev/null differ
diff --git a/src/main/resources/sign/firma110_IBM.p12 b/src/main/resources/sign/firma110_IBM.p12
deleted file mode 100644
index 273049d4..00000000
Binary files a/src/main/resources/sign/firma110_IBM.p12 and /dev/null differ
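Review bot: Both keystore passwords stay in the committed profile as `123456` even though this commit moves the keystores themselves out of the repository. I would read them from the environment with a Spring placeholder, e.g. `ini.client.auth-cert.password=${INI_AUTH_CERT_PASSWORD}` (the variable name is a placeholder), and do the same for `ini.client.ds-cert.password`. The two deleted `.p12` files remain retrievable from the repository history, so if they ever held real keys those keys should be rotated. The new relative paths must now exist in the working directory or on the classpath at runtime, which deserves a short comment above each `*.path` line.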