Improved APIs
phax committed Nov 10, 2024
1 parent 2354761 commit 6f42b81
Showing 10 changed files with 200 additions and 72 deletions.
3 changes: 3 additions & 0 deletions README.md
Expand Up @@ -315,6 +315,9 @@ They depend on several other libraries so I suggest you are going for the Maven
* Made class `RevocationCheckBuilder` a top-level class
* Totally reworked class `PeppolCertificateChecker` to add flexibility and support multiple Peppol CAs
* Added new class `PeppolCAChecker` to support in the verification of Peppol certificates
* Renamed class `PeppolRevocationCache` to `RevocationCheckResultCache`
* Added new enum `EPeppolServiceDomain` to be able to provide specific settings for specific service domains
* Added new enum `EPeppolNetwork` to be able to easily different the different Peppol Network stages
* v9.5.1 - 2024-08-11
* Make sure that wildcard lookups including a "*" in the Customization ID will always fail
* Added additional `SMPClientReadOnly.getWildcardServiceMetadataOrNull` overload
@@ -0,0 +1,112 @@
/*
* Copyright (C) 2015-2024 Philip Helger
* philip[at]helger[dot]com
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.helger.peppol.servicedomain;

import javax.annotation.Nonnull;
import javax.annotation.Nullable;

import com.helger.commons.annotation.Nonempty;
import com.helger.commons.id.IHasID;
import com.helger.commons.lang.EnumHelper;
import com.helger.commons.name.IHasDisplayName;
import com.helger.peppol.sml.ESML;
import com.helger.peppol.sml.ISMLInfo;

/**
* This enum lists all the Peppol Network stages
*
* @author Philip Helger
* @since 9.6.0
*/
public enum EPeppolNetwork implements IHasID <String>, IHasDisplayName
{
/**
* Peppol Test Network
*/
TEST ("test", "Peppol Test Network", "https://test-directory.peppol.eu", ESML.DIGIT_TEST),
/**
* Peppol Production Network
*/
PRODUCTION ("prod", "Peppol Production Network", "https://test-directory.peppol.eu", ESML.DIGIT_PRODUCTION);

private final String m_sID;
private final String m_sDisplayName;
private final String m_sDirectoryURL;
private final ISMLInfo m_aSMLInfo;

EPeppolNetwork (@Nonnull @Nonempty final String sID,
@Nonnull @Nonempty final String sDisplayName,
@Nonnull @Nonempty final String sDirectoryURL,
@Nonnull final ISMLInfo aSMLInfo)
{
m_sID = sID;
m_sDisplayName = sDisplayName;
m_sDirectoryURL = sDirectoryURL;
m_aSMLInfo = aSMLInfo;
}

@Nonnull
@Nonempty
public String getID ()
{
return m_sID;
}

@Nonnull
@Nonempty
public String getDisplayName ()
{
return m_sDisplayName;
}

/**
* @return The URL of the Peppol Directory for this network stage. Never
* <code>null</code>.
*/
@Nonnull
@Nonempty
public String getDirectoryURL ()
{
return m_sDirectoryURL;
}

/**
* @return The SML object to be used for this network stage. Never
* <code>null</code>.
*/
@Nonnull
public ISMLInfo getSMLInfo ()
{
return m_aSMLInfo;
}

public boolean isProduction ()
{
return this == PRODUCTION;
}

public boolean isTest ()
{
return this == TEST;
}

@Nullable
public static EPeppolNetwork getFromIDOrNull (@Nullable final String sID)
{
return EnumHelper.getFromIDOrNull (EPeppolNetwork.class, sID);
}
}
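Review bot: The `PRODUCTION` constant is constructed with `"https://test-directory.peppol.eu"`, the same directory URL as `TEST`, so `getDirectoryURL ()` on the production stage points at the test Peppol Directory. This looks like a copy-paste slip; the third argument should be the production directory host (presumably `https://directory.peppol.eu`, to be confirmed against the Peppol Directory documentation). A caller that selects its endpoint from this enum would otherwise mix production lookups with test-network data, which defeats the environment separation the enum is meant to encode. `isProduction ()`, `isTest ()` and `getFromIDOrNull` also have no Javadoc; a short `@return` on each, stating that `getFromIDOrNull` yields `null` for an unknown ID, would match the documented getters.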
Expand Up @@ -38,43 +38,43 @@ public enum EPeppolServiceDomain implements IHasID <String>
* Managed by PoAC
*/
POST_AWARD ("post-award",
PeppolCertificateChecker.peppolPilotAP (),
PeppolCertificateChecker.peppolTestAP (),
PeppolCertificateChecker.peppolProductionAP (),
PeppolCertificateChecker.peppolPilotSMP (),
PeppolCertificateChecker.peppolTestSMP (),
PeppolCertificateChecker.peppolProductionSMP ()),
/**
* Managed by PrAC
*/
PRE_AWARD ("pre-award",
PeppolCertificateChecker.peppolPilotAP (),
PeppolCertificateChecker.peppolTestAP (),
PeppolCertificateChecker.peppolProductionAP (),
PeppolCertificateChecker.peppolPilotSMP (),
PeppolCertificateChecker.peppolTestSMP (),
PeppolCertificateChecker.peppolProductionSMP ()),
/**
* Enhanced B2B for Peppol-GENA bridge
*/
ENHANCED_B2B ("eb2b",
PeppolCertificateChecker.peppolPilotEb2bAP (),
PeppolCertificateChecker.peppolTestEb2bAP (),
null,
PeppolCertificateChecker.peppolPilotSMP (),
PeppolCertificateChecker.peppolTestSMP (),
null);

private final String m_sID;
private final PeppolCAChecker m_aPilotAPChecker;
private final PeppolCAChecker m_aTestAPChecker;
private final PeppolCAChecker m_aProdAPChecker;
private final PeppolCAChecker m_aPilotSMPChecker;
private final PeppolCAChecker m_aTestSMPChecker;
private final PeppolCAChecker m_aProdSMPChecker;

EPeppolServiceDomain (@Nonnull @Nonempty final String sID,
@Nullable final PeppolCAChecker aPilotAPChecker,
@Nullable final PeppolCAChecker aTestAPChecker,
@Nullable final PeppolCAChecker aProdAPChecker,
@Nullable final PeppolCAChecker aPilotSMPChecker,
@Nullable final PeppolCAChecker aTestSMPChecker,
@Nullable final PeppolCAChecker aProdSMPChecker)
{
m_sID = sID;
m_aPilotAPChecker = aPilotAPChecker;
m_aTestAPChecker = aTestAPChecker;
m_aProdAPChecker = aProdAPChecker;
m_aPilotSMPChecker = aPilotSMPChecker;
m_aTestSMPChecker = aTestSMPChecker;
m_aProdSMPChecker = aProdSMPChecker;
}

Expand All @@ -86,29 +86,41 @@ public String getID ()
}

@Nullable
public final PeppolCAChecker getPilotAPChecker ()
public PeppolCAChecker getTestAPChecker ()
{
return m_aPilotAPChecker;
return m_aTestAPChecker;
}

@Nullable
public final PeppolCAChecker getProdAPChecker ()
public PeppolCAChecker getProdAPChecker ()
{
return m_aProdAPChecker;
}

@Nullable
public final PeppolCAChecker getPilotSMPChecker ()
public PeppolCAChecker getAPChecker (@Nonnull final EPeppolNetwork eNetwork)
{
return m_aPilotSMPChecker;
return eNetwork.isTest () ? m_aTestAPChecker : m_aProdAPChecker;
}

@Nullable
public final PeppolCAChecker getProdSMPChecker ()
public PeppolCAChecker getTestSMPChecker ()
{
return m_aTestSMPChecker;
}

@Nullable
public PeppolCAChecker getProdSMPChecker ()
{
return m_aProdSMPChecker;
}

@Nullable
public PeppolCAChecker getSMPChecker (@Nonnull final EPeppolNetwork eNetwork)
{
return eNetwork.isTest () ? m_aTestSMPChecker : m_aProdSMPChecker;
}

@Nullable
public static EPeppolServiceDomain getFromIDOrNull (@Nullable final String sID)
{
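Review bot: `getAPChecker (EPeppolNetwork)` and `getSMPChecker (EPeppolNetwork)` can return `null` (`ENHANCED_B2B` passes `null` for both production checkers), but neither method documents what `null` means for a caller. I would add Javadoc such as `@return The CA checker for the given network stage, or <code>null</code> if this service domain has no CA on that stage. Callers must treat null as untrusted and must not skip the certificate check.` The ternary `eNetwork.isTest () ? ... : ...` also maps every value other than `TEST` to the production checker, so a stage added to `EPeppolNetwork` later would silently get the production trust anchors; `return eNetwork.isProduction () ? m_aProdAPChecker : eNetwork.isTest () ? m_aTestAPChecker : null;` makes the mapping explicit. `getFromIDOrNull` at the end of the hunk continues outside it.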
Expand Up @@ -24,22 +24,21 @@

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.datetime.PDTFactory;
import com.helger.commons.state.EChange;
import com.helger.commons.state.ETriState;

/**
* This is a specific helper class to check the validity of Peppol certificates
* for a specific PA. See {@link PeppolCertificateChecker} for predefined
* instances of this class.
* for a specific CA. This class assumes the Peppol trust model. See
* {@link PeppolCertificateChecker} for predefined instances of this class.
*
* @author Philip Helger
* @since 9.6.0
*/
public final class PeppolCAChecker
{
private final TrustedCACertificates m_aTrustedCAs = new TrustedCACertificates ();
private final PeppolRevocationCache m_aRevocationCache;
private final RevocationCheckResultCache m_aRevocationCache;

/**
* Constructor
Expand All @@ -54,11 +53,11 @@ public PeppolCAChecker (@Nonnull final X509Certificate... aCACerts)
for (final X509Certificate aCACert : aCACerts)
m_aTrustedCAs.addTrustedCACertificate (aCACert);
// The cache always uses "now" as the checking date and time
m_aRevocationCache = new PeppolRevocationCache (aCert -> new RevocationCheckBuilder ().certificate (aCert)
.validCAs (aCACerts)
.checkMode (CertificateRevocationCheckerDefaults.getRevocationCheckMode ())
.build (),
CertificateRevocationCheckerDefaults.DEFAULT_REVOCATION_CHECK_CACHING_DURATION);
m_aRevocationCache = new RevocationCheckResultCache (aCert -> new RevocationCheckBuilder ().certificate (aCert)
.validCAs (aCACerts)
.checkMode (CertificateRevocationCheckerDefaults.getRevocationCheckMode ())
.build (),
CertificateRevocationCheckerDefaults.DEFAULT_REVOCATION_CHECK_CACHING_DURATION);
}

/**
Expand All @@ -77,7 +76,7 @@ public TrustedCACertificates getAllTrustedAPCertificates ()
* <code>null</code>.
*/
@Nonnull
public PeppolRevocationCache getRevocationCache ()
public RevocationCheckResultCache getRevocationCache ()
{
return m_aRevocationCache;
}
Expand All @@ -104,7 +103,7 @@ public EChange clearRevocationCache ()
@Nonnull
public EPeppolCertificateCheckResult checkCertificate (@Nullable final X509Certificate aCert)
{
return checkCertificate (aCert, PDTFactory.getCurrentOffsetDateTime ());
return checkCertificate (aCert, null);
}

/**
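Review bot: The one-argument `checkCertificate (aCert)` now passes `null` where it used to pass `PDTFactory.getCurrentOffsetDateTime ()`, and nothing visible here says what a `null` check date means; the overload it delegates to lies outside the hunk. If `null` stands for "now" and is what allows the revocation cache to be used (the constructor comment says the cache always uses "now"), then this default path may accept a cached revocation result for up to `DEFAULT_REVOCATION_CHECK_CACHING_DURATION`. I would say so in the method's Javadoc, for example `Check the certificate at the current date and time; a cached revocation result may be used.`, so that a caller who needs a fresh revocation lookup knows to call `clearRevocationCache ()` first.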
Expand Up @@ -53,17 +53,17 @@ public final class PeppolCertificateChecker

private static final Logger LOGGER = LoggerFactory.getLogger (PeppolCertificateChecker.class);

private static final PeppolCAChecker PILOT_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_AP);
private static final PeppolCAChecker TEST_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_AP);
private static final PeppolCAChecker PROD_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PRODUCTION_AP);
private static final PeppolCAChecker ALL_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_AP,
PeppolKeyStoreHelper.Config2018.CERTIFICATE_PRODUCTION_AP);

private static final PeppolCAChecker PILOT_SMP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_SMP);
private static final PeppolCAChecker TEST_SMP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_SMP);
private static final PeppolCAChecker PROD_SMP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PRODUCTION_SMP);
private static final PeppolCAChecker ALL_SMP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_SMP,
PeppolKeyStoreHelper.Config2018.CERTIFICATE_PRODUCTION_SMP);

private static final PeppolCAChecker PILOT_EB2B_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_EB2B_AP);
private static final PeppolCAChecker TEST_EB2B_AP = new PeppolCAChecker (PeppolKeyStoreHelper.Config2018.CERTIFICATE_PILOT_EB2B_AP);

private PeppolCertificateChecker ()
{}
Expand All @@ -73,9 +73,9 @@ private PeppolCertificateChecker ()
* @since 9.6.0
*/
@Nonnull
public static PeppolCAChecker peppolPilotAP ()
public static PeppolCAChecker peppolTestAP ()
{
return PILOT_AP;
return TEST_AP;
}

/**
Expand Down Expand Up @@ -103,9 +103,9 @@ public static PeppolCAChecker peppolAllAP ()
* @since 9.6.0
*/
@Nonnull
public static PeppolCAChecker peppolPilotSMP ()
public static PeppolCAChecker peppolTestSMP ()
{
return PILOT_SMP;
return TEST_SMP;
}

/**
Expand Down Expand Up @@ -133,9 +133,9 @@ public static PeppolCAChecker peppolAllSMP ()
* @since 9.6.0
*/
@Nonnull
public static PeppolCAChecker peppolPilotEb2bAP ()
public static PeppolCAChecker peppolTestEb2bAP ()
{
return PILOT_EB2B_AP;
return TEST_EB2B_AP;
}

/**
Expand Down Expand Up @@ -184,15 +184,15 @@ public static void clearOCSPCache ()
*/
public static void clearRevocationCheckCache ()
{
PILOT_AP.clearRevocationCache ();
TEST_AP.clearRevocationCache ();
PROD_AP.clearRevocationCache ();
ALL_AP.clearRevocationCache ();

PILOT_SMP.clearRevocationCache ();
TEST_SMP.clearRevocationCache ();
PROD_SMP.clearRevocationCache ();
ALL_SMP.clearRevocationCache ();

PILOT_EB2B_AP.clearRevocationCache ();
TEST_EB2B_AP.clearRevocationCache ();

LOGGER.info ("The PeppolCertificateChecker revocation cache was cleared");
}
Expand Down Expand Up @@ -231,7 +231,7 @@ public static RevocationCheckBuilder peppolRevocationCheck ()
*/
@Nonnull
public static EPeppolCertificateCheckResult checkCertificate (@Nullable final ICommonsSet <X500Principal> aIssuers,
@Nullable final PeppolRevocationCache aRevocationCache,
@Nullable final RevocationCheckResultCache aRevocationCache,
@Nonnull final AbstractRevocationCheckBuilder <?> aRevocationChecker)
{
ValueEnforcer.notNull (aRevocationChecker, "RevocationChecker");
Expand Down Expand Up @@ -351,7 +351,7 @@ public static EPeppolCertificateCheckResult checkCertificate (@Nullable final IC
* May be <code>null</code> to use the global flag from
* {@link CertificateRevocationCheckerDefaults#getRevocationCheckMode()}.
* @return {@link EPeppolCertificateCheckResult} and never <code>null</code>.
* @deprecated Use {@link #peppolAllAP()}, {@link #peppolPilotAP()} or
* @deprecated Use {@link #peppolAllAP()}, {@link #peppolTestAP()} or
* {@link #peppolProductionAP()} with
* {@link PeppolCAChecker#checkCertificate(X509Certificate, OffsetDateTime, ETriState, ERevocationCheckMode)}
* instead
Expand Down Expand Up @@ -383,7 +383,7 @@ public static EPeppolCertificateCheckResult checkPeppolAPCertificate (@Nullable
* May be <code>null</code> to use the global flag from
* {@link CertificateRevocationCheckerDefaults#getRevocationCheckMode()}.
* @return {@link EPeppolCertificateCheckResult} and never <code>null</code>.
* @deprecated Use {@link #peppolAllSMP()}, {@link #peppolPilotSMP()} or
* @deprecated Use {@link #peppolAllSMP()}, {@link #peppolTestSMP()} or
* {@link #peppolProductionSMP()} with
* {@link PeppolCAChecker#checkCertificate(X509Certificate, OffsetDateTime, ETriState, ERevocationCheckMode)}
* instead
Expand Up @@ -41,6 +41,7 @@
public final class PeppolCertificateHelper
{
public static final String PRINCIPAL_TYPE_CN = "CN";
public static final String PRINCIPAL_TYPE_O = "O";

private PeppolCertificateHelper ()
{}