This repository has been archived by the owner on Sep 15, 2023. It is now read-only.

Merge pull request #7 from admin-ch/feature/revocation-list-v2
sync revocation list from v2 endpoint
ubhaller authored Sep 17, 2021
2 parents 9591b37 + 7276c4a commit 40c1115
Showing 4 changed files with 56 additions and 26 deletions.
Expand Up @@ -52,6 +52,9 @@ public class VerificationService {
private static final String SINCE_PARAM = "since";
private static final String CERT_FORMAT_PARAM = "certFormat";
private static final String UP_TO_PARAM = "upTo";

private static final int MAX_REQUESTS = 1000;

private final TrustListConfig trustListConfig = new TrustListConfig();
private final CertificateVerifier certificateVerifier = new CertificateVerifier();

Expand All @@ -63,7 +66,7 @@ public class VerificationService {
@Value("${verifier.dsc.endpoint:/trust/v2/keys/updates}")
private String dscEndpoint;

@Value("${verifier.revocation.endpoint:/trust/v1/revocationList}")
@Value("${verifier.revocation.endpoint:/trust/v2/revocationList}")
private String revocationEndpoint;

@Value("${verifier.rules.endpoint:/trust/v1/verificationRules}")
Expand Down Expand Up @@ -107,21 +110,28 @@ private Jwks getDSCs() throws URISyntaxException {
List<Jwk> jwkList = new ArrayList<>();
boolean done = false;
int it = 0;
int MAX_REQUESTS = 1000;
do {
ResponseEntity<Jwks> response =
rt.exchange(getRequestEntity(dscEndpoint, params), Jwks.class);
jwkList.addAll(response.getBody().getCerts());
params.put(SINCE_PARAM, response.getHeaders().get(NEXT_SINCE_HEADER).get(0));
done = upToDateHeaderIsTrue(response);

HttpHeaders headers = response.getHeaders();
List<String> nextSince = headers.get(NEXT_SINCE_HEADER);
if (nextSince != null && !nextSince.isEmpty()) {
params.put(SINCE_PARAM, nextSince.get(0));
done = upToDateHeaderIsTrue(headers);
} else { // fallback. exit loop if no next since header sent
done = true;
}

it++;
} while (!done && it < MAX_REQUESTS);
logger.info("downloaded {} DSCs", jwkList.size());
return new Jwks(jwkList);
}

private boolean upToDateHeaderIsTrue(ResponseEntity<Jwks> response) {
List<String> upToDateHeaders = response.getHeaders().get(UP_TO_DATE_HEADER);
private boolean upToDateHeaderIsTrue(HttpHeaders headers) {
List<String> upToDateHeaders = headers.get(UP_TO_DATE_HEADER);
if (upToDateHeaders != null) {
for (String upToDateHeader : upToDateHeaders) {
if (Boolean.TRUE.toString().equals(upToDateHeader)) {
Expand All @@ -147,15 +157,41 @@ private Map<String, String> getKeyUpdatesParams() {
*/
private RevokedCertificates getRevokedCerts() throws URISyntaxException {
logger.info("Updating list of revoked certificates");
RevokedCertificates revokedCerts =
Map<String, String> params = new HashMap<>();
ResponseEntity<RevokedCertificates> response =
rt.exchange(
getRequestEntity(revocationEndpoint, new HashMap<>()),
RevokedCertificates.class)
.getBody();
getRequestEntity(revocationEndpoint, params), RevokedCertificates.class);
RevokedCertificates revokedCerts = response.getBody();
boolean done = upToDateHeaderIsTrue(response.getHeaders());
int it = 1;
while (!done && it < MAX_REQUESTS) {
HttpHeaders headers = response.getHeaders();
List<String> nextSince = headers.get(NEXT_SINCE_HEADER);
if (nextSince != null && !nextSince.isEmpty()) {
params.put(SINCE_PARAM, nextSince.get(0));
response =
rt.exchange(
getRequestEntity(revocationEndpoint, params),
RevokedCertificates.class);
addRevokedCerts(revokedCerts, response.getBody());
done = upToDateHeaderIsTrue(headers);
} else { // fallback. exit loop if no next since header sent
done = true;
}

it++;
}

logger.info("downloaded {} revoked certificates", revokedCerts.getRevokedCerts().size());
return revokedCerts;
}

private void addRevokedCerts(RevokedCertificates revokedCerts, RevokedCertificates toAdd) {
if (revokedCerts != null && toAdd != null) {
revokedCerts.getRevokedCerts().addAll(toAdd.getRevokedCerts());
}
}

/**
* Sends a request to the VerifierService to obtain an up-to-date list of national rules
*
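Review bot: In the paging loop of `getRevokedCerts`, `done = upToDateHeaderIsTrue(headers)` evaluates `headers`, which was read from the previous response before the new `rt.exchange` call, so the up-to-date flag of the page just fetched is only noticed one iteration later, normally costing an extra request; it should read `done = upToDateHeaderIsTrue(response.getHeaders());`. The loop also ends silently when the next-since header is missing or `it` reaches `MAX_REQUESTS`, and the partial list is then returned and logged as if complete; for a revocation list that is a fail-open outcome, so those exits should at least log a warning, or throw so the caller can keep its previous list (how callers handle the result is outside the hunk). `addRevokedCerts` likewise drops a page without notice when either body is null, and a null first body would reach `revokedCerts.getRevokedCerts()` in the log line. The same silent exits exist in the `getDSCs` loop earlier in this file section.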
Expand Up @@ -46,18 +46,12 @@
80GGCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCG08
8880000000000000000000000000000000000000000000000000000888

▄▄▄▄▄▄▄ ▄▄ ▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄ ▄▄ ▄▄▄ ▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄ ▄▄▄▄▄▄▄
█ █ █ █ █ █ █ █ █ █ █ █ ██ █ █ ▄ █ █ █
█ █ █▄█ █ █ █ ▄ █ █▄█ █ █ ▄ █ █ ▄▄▄█ █ █ █ █▄ ▄█
█ ▄▄█ █ █ ▄▄█ █ █ █ █ █ █ █ █ ▄▄█ █▄▄▄█ █▄▄█▄ █ █
█ █ █ ▄ █ █ █ █ █▄█ █ █ █ █▄█ █ █ █ ▄▄▄█ ▄▄ █ █ █
█ █▄▄█ █ █ █ █ █▄▄█ ██ ██ █ █ █▄▄█ █▄▄▄█ █ █ █ █ █
█▄▄▄▄▄▄▄█▄▄█ █▄▄█ █▄▄▄▄▄▄▄█▄▄▄▄▄▄▄█ █▄▄▄█ █▄▄▄█▄▄▄▄▄▄██▄▄▄▄▄▄▄█▄▄▄▄▄▄▄█▄▄▄█ █▄█ █▄▄▄█
___ _ _ ___ _ _ _ _ __ _ _
/ __| || | / __|_____ _(_)__| |__ ___ _ _| |_(_)/ _(_)__ __ _| |_ ___
| (__| __ | | (__/ _ \ V / / _` / _/ -_) '_| _| | _| / _/ _` | _/ -_)
\___|_||_| \___\___/\_/|_\__,_\__\___|_| \__|_|_| |_\__\__,_|\__\___|

▄▄ ▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄ ▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄ ▄▄▄▄▄▄▄ ▄▄ ▄
█ █ █ █ █ ▄ █ █ █ █ █ █ █ █ █ █ █ █ █
█ █▄█ █ ▄▄▄█ █ █ █ █ █ ▄▄▄█ █ █ ▄ █▄ ▄█ █ ▄ █ █▄█ █
█ █ █▄▄▄█ █▄▄█▄█ █ █▄▄▄█ █ ▄▄█ █▄█ █ █ █ █ █ █ █ █ █
█ █ ▄▄▄█ ▄▄ █ █ ▄▄▄█ █ █ █ █ █ █ █ █ █▄█ █ ▄ █
█ ██ █▄▄▄█ █ █ █ █ █ █ █ █▄▄█ ▄ █ █ █ █ █ █ █ █ █
█▄▄▄█ █▄▄▄▄▄▄▄█▄▄▄█ █▄█▄▄▄█▄▄▄█ █▄▄▄█▄▄▄▄▄▄▄█▄█ █▄▄█ █▄▄▄█ █▄▄▄█▄▄▄▄▄▄▄█▄█ █▄▄█
__ __ _ __ _ _ _ ___ _ _ __ __ ___
\ \ / /__ _ _(_)/ _(_)__ __ _| |_(_)___ _ _ / __| |_ ___ __| |__ \ \ / // __|
\ V / -_) '_| | _| / _/ _` | _| / _ \ ' \ | (__| ' \/ -_) _| / / \ \/\/ / \__ \
\_/\___|_| |_|_| |_\__\__,_|\__|_\___/_||_| \___|_||_\___\__|_\_\ \_/\_/ |___/
Expand Up @@ -37,7 +37,7 @@ public class TestConfig implements WebMvcConfigurer {
@Value("${verifier.dsc.endpoint:/trust/v1/keys/updates}")
private String dscEndpoint;

@Value("${verifier.revocation.endpoint:/trust/v1/revocationList}")
@Value("${verifier.revocation.endpoint:/trust/v2/revocationList}")
private String revocationEndpoint;

@Value("${verifier.rules.endpoint:/trust/v1/verificationRules}")
Expand Up @@ -41,7 +41,7 @@ class VerificationServiceTest {
private static final String verifierBaseUrl = "verifier.test.ch";
private static final String dscEndpoint = "/trust/v1/keys/updates";
private static final String rulesEndpoint = "/trust/v1/verificationRules";
private static final String revocationEndpoint = "/trust/v1/revocationList";
private static final String revocationEndpoint = "/trust/v2/revocationList";
private static Map<String, String> etagMap = new HashMap<>();
@Autowired ObjectMapper objectMapper;

