Fix Unit-Tests

Fix Checkstyle
WorldHealthOrganization · May 23, 2024 · a072319 · a072319
1 parent 525e48a
commit a072319
Show file tree

Hide file tree

Showing 8 changed files with 154 additions and 116 deletions.
diff --git a/src/main/java/tng/trustnetwork/keydistribution/config/KdsConfigProperties.java b/src/main/java/tng/trustnetwork/keydistribution/config/KdsConfigProperties.java
@@ -98,6 +98,9 @@ public static class DidConfig {
         private String didId;
         private String didController;
 
+        private String trustListPath;
+        private String trustListRefPath;
+
         private String trustListIdPrefix;
         private String trustListControllerPrefix;
 

diff --git a/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java b/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java
@@ -41,7 +41,8 @@ public interface SignerInformationRepository extends JpaRepository<SignerInforma
 
     List<SignerInformationEntity> getByDomainIsAndCountryIsAndGroupIs(String domain, String country, String group);
 
-    List<SignerInformationEntity> getBySubjectHashIsAndCountryIsAndDomainIs(String subjectHash, String country, String domain);
+    List<SignerInformationEntity> getBySubjectHashIsAndCountryIsAndDomainIs(
+        String subjectHash, String country, String domain);
 
     @Query("SELECT DISTINCT s.country FROM SignerInformationEntity s")
     List<String> getCountryList();

diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/KdsCertUtils.java b/src/main/java/tng/trustnetwork/keydistribution/service/KdsCertUtils.java
@@ -1,20 +1,26 @@
 package tng.trustnetwork.keydistribution.service;
 
 import eu.europa.ec.dgc.utils.CertificateUtils;
-import lombok.RequiredArgsConstructor;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.springframework.stereotype.Service;
 import java.io.IOException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.util.Base64;
+import lombok.RequiredArgsConstructor;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.springframework.stereotype.Service;
 
 @Service
 @RequiredArgsConstructor
 public class KdsCertUtils {
 
     private final CertificateUtils certificateUtils;
 
+    /**
+     * Parse Base64 Encoded Certificate.
+     *
+     * @param raw Base64 encoded certificate in DER format
+     * @return parsed Certificate instance
+     */
     public X509Certificate parseCertificate(String raw) {
 
         try {

diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/SignerInformationService.java b/src/main/java/tng/trustnetwork/keydistribution/service/SignerInformationService.java
@@ -21,11 +21,11 @@
 package tng.trustnetwork.keydistribution.service;
 
 import eu.europa.ec.dgc.gateway.connector.model.TrustedCertificateTrustListItem;
+import eu.europa.ec.dgc.utils.CertificateUtils;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
 import java.time.ZonedDateTime;
 import java.util.List;
-import eu.europa.ec.dgc.utils.CertificateUtils;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;

diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
@@ -49,6 +49,7 @@
 import java.util.Map;
 import java.util.MissingResourceException;
 import java.util.function.Supplier;
+import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -103,22 +104,43 @@ public class DidTrustListService {
     @Getter
     private class DidSpecification {
 
+        @Getter(AccessLevel.PRIVATE)
         private final List<String> path;
 
         private final Supplier<List<SignerInformationEntity>> certSupplier;
 
         private final Supplier<List<TrustedIssuerEntity>> issuerSupplier;
 
-        public String getDocumentId() {
+        public List<String> getPath(boolean ref) {
+            ArrayList<String> path = new ArrayList<>(this.path);
+            path.add(0, getListPathElement(ref));
+            return path;
+        }
+
+        public String getDocumentId(boolean ref) {
             //Example: did:web:tng-cdn-dev.who.int:trustlist:v.2.0.0:DDCC:XXA:DSC
             return configProperties.getDid().getDidId()
+                + SEPARATOR_DID_PATH + getListPathElement(ref)
                 + (path.isEmpty() ? "" : SEPARATOR_DID_PATH
                 + String.join(SEPARATOR_DID_PATH, path));
         }
 
         public String getEntryId(String kid) {
             //Example: did:web:tng-cdn-dev.who.int:trustlist:v.2.0.0:DDCC:XXA:DSC#kidkidkid
-            return getDocumentId() + SEPARATOR_DID_ID + kid;
+            return getDocumentId(false) + SEPARATOR_DID_ID + kid;
+        }
+
+        private String getListPathElement(boolean ref) {
+            if (ref && configProperties.getDid().getTrustListRefPath() != null
+                    && !configProperties.getDid().getTrustListRefPath().isEmpty()) {
+                return configProperties.getDid().getTrustListRefPath();
+
+            } else if (!ref && configProperties.getDid().getTrustListPath() != null
+                && !configProperties.getDid().getTrustListPath().isEmpty()) {
+                return configProperties.getDid().getTrustListPath();
+            } else {
+                return "";
+            }
         }
     }
 
@@ -207,13 +229,10 @@ public void job() {
             .put(specification, this.generateTrustList(specification, true)));
 
         didDocuments.forEach((specification, document) ->
-                                 saveDid(String.join("/", specification.getPath()), document));
+                                 saveDid(String.join("/", specification.getPath(false)), document));
 
-        /*didRefDocuments.forEach((specification, document) -> {
-            ArrayList<String> path = new ArrayList<>(specification.getPath());
-            path.add(0, "ref");
-            saveDid(String.join("/", path), document);
-        });*/
+        didRefDocuments.forEach((specification, document) ->
+                                    saveDid(String.join("/", specification.getPath(true)), document));
 
         log.info("Finished DID Export Process: {} documents", didDocuments.size());
 
@@ -243,8 +262,8 @@ private String generateTrustList(DidSpecification specification, boolean onlyRef
 
         DidTrustList trustList = new DidTrustList();
         trustList.setContext(DID_CONTEXTS);
-        trustList.setId(specification.getDocumentId());
-        trustList.setController(specification.getDocumentId());
+        trustList.setId(specification.getDocumentId(onlyReferences));
+        trustList.setController(specification.getDocumentId(onlyReferences));
         trustList.setVerificationMethod(new ArrayList<>());
 
         // Add Certificates
@@ -341,7 +360,7 @@ private void addTrustListEntry(DidTrustList trustList,
         trustListEntry.setType("JsonWebKey2020");
         trustListEntry.setId(specification.getEntryId(
             URLEncoder.encode(signerInformationEntity.getKid(), StandardCharsets.UTF_8)));
-        trustListEntry.setController(specification.getDocumentId());
+        trustListEntry.setController(specification.getDocumentId(false));
         trustListEntry.setPublicKeyJwk(publicKeyJwk);
 
         trustList.getVerificationMethod().add(trustListEntry);
@@ -366,14 +385,16 @@ private String getMappedGroupName(String groupName) {
      * Recursively resolve certificate chains based on current database.
      * Resolving is done country-code and domain aware.
      *
-     * @param issuers List of SignerInformationEntity will be filled with found certs. Provide an empty List for initial call.
+     * @param issuers List of SignerInformationEntity will be filled with found certs.
+     *                Provide an empty List for initial call.
      * @param cert SignerInformationEntity to search issuers for.
      */
     private void searchIssuer(List<SignerInformationEntity> issuers, SignerInformationEntity cert) {
 
         try {
             X509Certificate parsedCertificate = kdsCertUtils.parseCertificate(cert.getRawData());
-            String issuerSubjectHash = certificateUtils.calculateHash(parsedCertificate.getIssuerX500Principal().getEncoded());
+            String issuerSubjectHash = certificateUtils.calculateHash(parsedCertificate.getIssuerX500Principal()
+                                                                                       .getEncoded());
 
             List<SignerInformationEntity> possibleIssuers = signerInformationService
                 .getCertificatesBySubjectHashCountryDomain(issuerSubjectHash, cert.getCountry(), cert.getDomain());
@@ -398,6 +419,7 @@ private void searchIssuer(List<SignerInformationEntity> issuers, SignerInformati
                 }
             });
         } catch (NoSuchAlgorithmException ignored) {
+            log.error("Failed to calculate Hash for Certificate Subject");
         }
     }
 

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -98,6 +98,8 @@ dgc:
     didSigningProvider: dummy
     ld-proof-verification-method: did:web:dummy.net
     did-id: did:web:abc
+    trust-list-path: trustlist
+    trust-list-ref-path: trustlist-ref
     did-controller: did:web:def
     trust-list-id-prefix: did:web:abc
     trust-list-controller-prefix: did:web:abc