Merge branch 'develop'

disain/package.json

@@ -13,7 +13,7 @@
     "pump": "^1.0.2"
   },
   "dependencies": {
-    "npm": "^5.10.0"
+    "npm": "^6.13.4"
   },
   "scripts": {
     "build:images": "gulp build:images",

pom.xml

@@ -6,13 +6,11 @@
     <groupId>ee.ria.tara</groupId>
     <artifactId>tara-server</artifactId>
     <packaging>war</packaging>
-    <version>1.4.13</version>
+    <version>1.4.14</version>
 
     <properties>
-        <cas.version>5.3.9</cas.version>
-        <springboot.version>1.5.18.RELEASE</springboot.version>
+        <cas.version>5.3.14</cas.version>
         <banklink.version>2.1.15</banklink.version>
-        <jersey.version>2.28</jersey.version>
         <!-- app.server could be -jetty, -undertow, -tomcat, or blank if you plan to provide appserver -->
         <app.server>-tomcat</app.server>
         <maven.compiler.source>1.8</maven.compiler.source>
@@ -44,7 +42,7 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>${springboot.version}</version>
+                <version>1.5.22.RELEASE</version>
                 <configuration>
                     <mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
                     <addResources>true</addResources>
@@ -60,7 +58,7 @@
             <plugin>
                 <groupId>pl.project13.maven</groupId>
                 <artifactId>git-commit-id-plugin</artifactId>
-                <version>2.2.4</version>
+                <version>4.0.0</version>
                 <executions>
                     <execution>
                         <goals>
@@ -81,7 +79,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-war-plugin</artifactId>
-                <version>3.2.2</version>
+                <version>3.2.3</version>
                 <configuration>
                     <warName>cas</warName>
                     <failOnMissingWebXml>false</failOnMissingWebXml>
@@ -108,12 +106,12 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.7.0</version>
+                <version>3.8.1</version>
             </plugin>
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.2</version>
+                <version>0.8.5</version>
                 <executions>
                     <execution>
                         <id>jacoco-initialize</id>
@@ -134,13 +132,20 @@
         <finalName>cas</finalName>
     </build>
 
+    <!-- Override a CAS dependency by including it BEFORE the BOM -->
     <dependencyManagement>
         <dependencies>
-            <!-- Override a dependency by including it BEFORE the BOM -->
             <dependency>
                 <groupId>com.fasterxml.jackson.core</groupId>
                 <artifactId>jackson-databind</artifactId>
-                <version>2.9.9</version>
+                <version>2.9.10.1</version>
+            </dependency>
+
+            <!-- Override dependency needed for mid-rest-java-client -->
+            <dependency>
+                <groupId>org.glassfish.jersey.inject</groupId>
+                <artifactId>jersey-hk2</artifactId>
+                <version>2.28</version>
             </dependency>
 
             <dependency>
@@ -151,13 +156,6 @@
                 <scope>import</scope>
             </dependency>
 
-            <!-- Force-override given dependency version used by mid-rest-java-client -->
-            <!-- At the moment version 2.27 is for some reason taken from spring, even tho jersey is only used by mid-rest-java-client and it has defined use of ${jersey.version}  -->
-            <dependency>
-                <groupId>org.glassfish.jersey.inject</groupId>
-                <artifactId>jersey-hk2</artifactId>
-                <version>${jersey.version}</version>
-            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -301,7 +299,7 @@
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
-            <version>42.2.5</version>
+            <version>42.2.8</version>
         </dependency>
 
         <!-- cas cluster support -->
@@ -363,14 +361,13 @@
         <dependency>
             <groupId>ee.sk.smartid</groupId>
             <artifactId>smart-id-java-client</artifactId>
-            <version>1.0</version>
+            <version>1.5</version>
         </dependency>
 
         <!-- test -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
-            <version>${springboot.version}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -382,19 +379,19 @@
         <dependency>
             <groupId>com.github.tomakehurst</groupId>
             <artifactId>wiremock-standalone</artifactId>
-            <version>2.18.0</version>
+            <version>2.25.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
-            <version>1.4.197</version>
+            <version>1.4.200</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>com.fasterxml</groupId>
             <artifactId>classmate</artifactId>
-            <version>1.4.0</version>
+            <version>1.5.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>

src/main/java/ee/ria/sso/config/smartid/SmartIDConfiguration.java

@@ -18,6 +18,7 @@
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.util.concurrent.TimeUnit;
 
 @ConditionalOnProperty("smart-id.enabled")
 @Configuration
@@ -40,7 +41,9 @@ public ClientConfig clientConfig() {
 
     @Bean
     public SmartIdConnector smartIdConnector() {
-        return new SmartIdRestConnector(confProvider.getHostUrl(), clientConfig());
+        SmartIdRestConnector connector = new SmartIdRestConnector(confProvider.getHostUrl(), clientConfig());
+        connector.setSessionStatusResponseSocketOpenTime(TimeUnit.MILLISECONDS, confProvider.getSessionStatusSocketOpenDuration());
+        return connector;
     }
 
     @Bean

src/main/java/ee/ria/sso/service/smartid/SmartIDAuthenticationService.java

@@ -79,8 +79,8 @@ public Event initSmartIdAuthenticationSession(RequestContext context) {
             AuthenticationRequest authRequest = formSubjectAuthenticationRequest(personIdentifier, personCountry);
             AuthenticationSessionResponse authResponse = smartIdClient.authenticateSubject(authRequest);
 
-            LOGGER.info("Authentication response received <sessionId:{}>", authResponse.getSessionId());
-            writeAuthSessionToFlowContext(context, authRequest, authResponse.getSessionId());
+            LOGGER.info("Authentication response received <sessionId:{}>", authResponse.getSessionID());
+            writeAuthSessionToFlowContext(context, authRequest, authResponse.getSessionID());
             return new Event(this, CasWebflowConstants.TRANSITION_ID_SUCCESS);
         } catch (UserAuthenticationFailedException e) {
             logEvent(context, e, AuthenticationType.SmartID);

src/main/java/ee/ria/sso/service/smartid/SmartIDAuthenticationValidatorWrapper.java

@@ -55,13 +55,13 @@ private void validateSessionEndResult(String sessionEndResult) {
     private SmartIdAuthenticationResponse formAuthenticationResponse(SessionStatus sessionStatus, AuthenticationHash authHash, CertificateLevel certificateLevel) {
         SessionResult sessionResult = sessionStatus.getResult();
         SessionSignature sessionSignature = sessionStatus.getSignature();
-        SessionCertificate certificate = sessionStatus.getCertificate();
+        SessionCertificate certificate = sessionStatus.getCert();
 
         SmartIdAuthenticationResponse authenticationResponse = new SmartIdAuthenticationResponse();
         authenticationResponse.setEndResult(sessionResult.getEndResult());
         authenticationResponse.setSignedHashInBase64(authHash.getHashInBase64());
         authenticationResponse.setHashType(authHash.getHashType());
-        authenticationResponse.setSignatureValueInBase64(sessionSignature.getValueInBase64());
+        authenticationResponse.setSignatureValueInBase64(sessionSignature.getValue());
         authenticationResponse.setAlgorithmName(sessionSignature.getAlgorithm());
         authenticationResponse.setRequestedCertificateLevel(certificateLevel.name());
         if (certificate.getValue() != null) {

src/main/java/ee/ria/sso/service/smartid/SmartIDClient.java

@@ -3,15 +3,16 @@
 import ee.ria.sso.config.smartid.SmartIDConfigurationProvider;
 import ee.sk.smartid.AuthenticationHash;
 import ee.sk.smartid.rest.SmartIdConnector;
-import ee.sk.smartid.rest.dao.*;
+import ee.sk.smartid.rest.dao.AuthenticationSessionRequest;
+import ee.sk.smartid.rest.dao.AuthenticationSessionResponse;
+import ee.sk.smartid.rest.dao.NationalIdentity;
+import ee.sk.smartid.rest.dao.SessionStatus;
 import lombok.Builder;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 
-import java.util.concurrent.TimeUnit;
-
 @ConditionalOnProperty("smart-id.enabled")
 @Component
 @RequiredArgsConstructor
@@ -27,8 +28,7 @@ public AuthenticationSessionResponse authenticateSubject(AuthenticationRequest a
     }
 
     public SessionStatus getSessionStatus(String sessionId) {
-        SessionStatusRequest request = formSessionStatusRequest(sessionId);
-        return smartIdConnector.getSessionStatus(request);
+        return smartIdConnector.getSessionStatus(sessionId);
     }
 
     private AuthenticationSessionRequest formAuthenticationSessionRequest(AuthenticationRequest authRequest) {
@@ -43,12 +43,6 @@ private AuthenticationSessionRequest formAuthenticationSessionRequest(Authentica
         return request;
     }
 
-    private SessionStatusRequest formSessionStatusRequest(String sessionId) {
-        SessionStatusRequest request = new SessionStatusRequest(sessionId);
-        request.setResponseSocketOpenTime(TimeUnit.MILLISECONDS, confProvider.getSessionStatusSocketOpenDuration());
-        return request;
-    }
-
     @Builder
     @Getter
     public static class AuthenticationRequest {

src/main/webapp/WEB-INF/classes/log4j2.xml

@@ -15,7 +15,7 @@
         <Property name="tara.audit_log.pattern">{&quot;request&quot;:&quot;%enc{%X{method} %X{scheme}://%X{serverName}:%X{serverPort}%X{requestUri}}{JSON}&quot;, &quot;requestId&quot;:&quot;%X{requestId}&quot;, &quot;sessionId&quot;:&quot;%X{sessionId}&quot;, &quot;message&quot;:&quot;%enc{%msg}{JSON}&quot;}%n</Property>
 
         <!-- Log record format: stats.log -->
-        <Property name="tara.stats_log.pattern">%m%n</Property>
+        <Property name="tara.stats_log.pattern">%enc{%.-1000msg}{JSON}%n</Property>
 
         <!-- Log record format for syslog. Note that the syslog facility code is constant: 'local1' (17). And syslog priority is assigned error (3) in case of ERROR level, otherwise 'notice' (5) shall be used) -->
         <Property name="tara.syslog.pattern">&lt;%level{WARN=141, DEBUG=141, ERROR=139, TRACE=141, INFO=141}&gt;1 %d{yyyy-MM-dd'T'HH:mm:ss.SSSZ} ${hostName} rak-tara.log - - - ${sys:tara.log.pattern}</Property>
@@ -178,7 +178,6 @@
             <AppenderRef ref="casConsole" level="${sys:tara.console.level}" />
             <AppenderRef ref="casAudit"/>
             <AppenderRef ref="errorFile" level="error" />
-            <AppenderRef ref="casFile" level="${sys:tara.log.level}" />
 
             <!-- Uncomment when using syslog appender -->
             <!--AppenderRef ref="taraAuditSyslog" level="${sys:tara.log.level}" /-->

src/main/webapp/WEB-INF/classes/messages_ru.properties

@@ -8,7 +8,7 @@ label.header.ru=РУССКИЙ
 
 logo.footer.cef=/assets/cef-logo-en.svg
 label.footer.alt=Co-financed by the Connecting Europe Facility of the European Union
-label.footer.about=Подробнее о сервиса аутентификации
+label.footer.about=Подробнее о сервисе аутентификации
 link.footer.about=https://www.ria.ee/en/state-information-system/eid/partners.html#tara
 
 label.common.back=Нажмите здесь, чтобы вернуться к выбору метода аутентификации!
@@ -40,7 +40,7 @@ label.bank-link.nojavascript-redirect=Перенаправление вокру
 message.bank-link.nojavascript=Нажмите кнопку перенаправления, если вы не перенаправлены автоматически.
 
 label.smart-id.title=Smart-ID
-label.smart-id.instruction=Для входа в систему требуется действующей договор <span lang="en">Smart-ID</span>. Введите свой личный код в поле для входа в портал <span lang="en">Smart-ID</span>. Затем вашему смартфону будет отправлено контрольное сообщение.
+label.smart-id.instruction=Для входа в систему требуется действующей договор <span lang="en">Smart-ID</span>. Введите свой личный код в поле для входа в портал <span lang="en">Smart-ID</span>. Затем на ваш смартфон будет отправлено контрольное сообщение.
 label.smart-id.instruction-check=На ваш смартфон был отправлен контрольный код.
 label.smart-id.personalCodePrefix=EE
 label.smart-id.help = Помощь со smart-id.com

src/test/java/ee/ria/sso/service/smartid/SmartIDAuthenticationServiceTest.java

@@ -496,7 +496,7 @@ private void assertErrorStatisticsCollected(String exceptionMessage) {
 
     private void mockSubjectAuthenticationCall(String sessionId) {
         AuthenticationSessionResponse mockResponse = new AuthenticationSessionResponse();
-        mockResponse.setSessionId(sessionId);
+        mockResponse.setSessionID(sessionId);
         when(smartIdClient.authenticateSubject(authenticationRequestCaptor.capture()))
                 .thenReturn(mockResponse);
     }

src/test/java/ee/ria/sso/service/smartid/SmartIDAuthenticationValidatorWrapperTest.java

@@ -104,7 +104,7 @@ public void getAuthenticationSessionStatus_sessionComplete_endResultUnknown() {
     @Test
     public void getAuthenticationSessionStatus_sessionComplete_endResultOk_certMissing() {
         SessionStatus sessionStatus = mockCompleteSessionStatus(SessionEndResult.OK);
-        sessionStatus.getCertificate().setValue(null);
+        sessionStatus.getCert().setValue(null);
         expectException(
                 () -> validatorWrapper.validateAuthenticationResponse(sessionStatus, AuthenticationHash.generateRandomHash(), CERTIFICATE_LEVEL),
                 TechnicalErrorException.class,
@@ -116,7 +116,7 @@ public void getAuthenticationSessionStatus_sessionComplete_endResultOk_certMissi
     @Test
     public void getAuthenticationSessionStatus_sessionComplete_endResultOk_invalidSignature() {
         SessionStatus sessionStatus = mockCompleteSessionStatus(SessionEndResult.OK);
-        sessionStatus.getSignature().setValueInBase64(SmartIDMockData.INVALID_SIGNATURE_IN_BASE64);
+        sessionStatus.getSignature().setValue(SmartIDMockData.INVALID_SIGNATURE_IN_BASE64);
         expectException(
                 () -> validatorWrapper.validateAuthenticationResponse(sessionStatus, AuthenticationHash.generateRandomHash(), CERTIFICATE_LEVEL),
                 SessionValidationException.class,
@@ -128,7 +128,7 @@ public void getAuthenticationSessionStatus_sessionComplete_endResultOk_invalidSi
     @Test
     public void getAuthenticationSessionStatus_sessionComplete_endResultOk_certLevelMismatch() {
         SessionStatus sessionStatus = mockCompleteSessionStatus(SessionEndResult.OK);
-        sessionStatus.getCertificate().setCertificateLevel(CertificateLevel.ADVANCED.name());
+        sessionStatus.getCert().setCertificateLevel(CertificateLevel.ADVANCED.name());
         expectException(
                 () -> validatorWrapper.validateAuthenticationResponse(sessionStatus, SmartIDMockData.mockAuthenticationHash(), CERTIFICATE_LEVEL),
                 SessionValidationException.class,
@@ -155,7 +155,7 @@ public void getAuthenticationSessionStatus_sessionComplete_endResultOk_certifica
     @Test
     public void getAuthenticationSessionStatus_sessionComplete_endResultOk_multipleFailures() {
         SessionStatus sessionStatus = mockCompleteSessionStatus(SessionEndResult.OK);
-        sessionStatus.getCertificate().setValue(SmartIDMockData.EXPIRED_AUTH_CERTIFICATE);
+        sessionStatus.getCert().setValue(SmartIDMockData.EXPIRED_AUTH_CERTIFICATE);
         expectException(
                 () -> validatorWrapper.validateAuthenticationResponse(sessionStatus, SmartIDMockData.mockAuthenticationHash(), CERTIFICATE_LEVEL),
                 SessionValidationException.class,

src/test/java/ee/ria/sso/service/smartid/SmartIDClientTest.java

@@ -11,6 +11,7 @@
 import org.mockito.ArgumentCaptor;
 import org.mockito.Captor;
 import org.mockito.Mock;
+import org.mockito.Mockito;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.ConfigFileApplicationContextInitializer;
 import org.springframework.test.context.ContextConfiguration;
@@ -55,7 +56,7 @@ public void init() {
     @Test
     public void authenticateSubject() {
         AuthenticationSessionResponse mockAuthResponse = new AuthenticationSessionResponse();
-        mockAuthResponse.setSessionId(UUID.randomUUID().toString());
+        mockAuthResponse.setSessionID(UUID.randomUUID().toString());
         when(smartIdConnector.authenticate(any(NationalIdentity.class), any())).thenReturn(mockAuthResponse);
 
         AuthenticationHash authHash = AuthenticationHash.generateRandomHash();
@@ -80,7 +81,7 @@ public void getSessionStatus() {
         SessionStatus sessionStatus = smartIDClient.getSessionStatus(sessionId);
 
         assertEquals(mockSessionStatusResponse, sessionStatus);
-        verifySessionStatusRequest(sessionId);
+        verify(smartIdConnector).getSessionStatus(Mockito.eq(sessionId));
     }
 
     private void verifyAuthenticationRequest(AuthenticationHash authHash) {
@@ -94,12 +95,4 @@ private void verifyAuthenticationRequest(AuthenticationHash authHash) {
         assertEquals(CertificateLevel.QUALIFIED.name(), authRequest.getCertificateLevel());
         assertNull(authRequest.getNonce());
     }
-
-    private void verifySessionStatusRequest(String sessionId) {
-        verify(smartIdConnector).getSessionStatus(sessionStatusRequestArgumentCaptor.capture());
-        SessionStatusRequest sessionStatusRequest = sessionStatusRequestArgumentCaptor.getValue();
-        assertEquals(sessionId, sessionStatusRequest.getSessionId());
-        assertEquals(TimeUnit.MILLISECONDS, sessionStatusRequest.getResponseSocketOpenTimeUnit());
-        assertEquals(confProvider.getSessionStatusSocketOpenDuration().longValue(), sessionStatusRequest.getResponseSocketOpenTimeValue());
-    }
 }

src/test/java/ee/ria/sso/service/smartid/SmartIDMockData.java

@@ -87,11 +87,11 @@ public static SessionStatus mockCompleteSessionStatus(SessionEndResult endResult
         SessionCertificate sessionCertificate = new SessionCertificate();
         sessionCertificate.setCertificateLevel(CertificateLevel.QUALIFIED.name());
         sessionCertificate.setValue(SMART_ID_TEST_CERTIFICATE);
-        sessionStatus.setCertificate(sessionCertificate);
+        sessionStatus.setCert(sessionCertificate);
 
         SessionSignature sessionSignature = new SessionSignature();
         sessionSignature.setAlgorithm("sha512WithRSAEncryption");
-        sessionSignature.setValueInBase64(AUTH_HASH_SIGNATURE_IN_BASE64);
+        sessionSignature.setValue(AUTH_HASH_SIGNATURE_IN_BASE64);
         sessionStatus.setSignature(sessionSignature);
         return sessionStatus;
     }