Posts made in novembre, 2021
Configurer Retrofit ssl avec un jks
Ajouts des dependences maven : Shell com.squareup.retrofit2 retrofit com.squareup.retrofit2 converter-jackson com.squareup.okhttp3 logging-interceptor com.squareup.retrofit2 converter-scalars com.fasterxml.jackson.datatype jackson-datatype-jsr310</code><code> 123456789101112131415161718192021 com.squareup.retrofit2 retrofit com.squareup.retrofit2 converter-jackson com.squareup.okhttp3 logging-interceptor com.squareup.retrofit2 converter-scalars com.fasterxml.jackson.datatype jackson-datatype-jsr310</code><code> Voici la classe de config : Shell import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.time.Duration; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import okhttp3.OkHttpClient; import okhttp3.logging.HttpLoggingInterceptor; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import retrofit2.Retrofit; import retrofit2.converter.jackson.JacksonConverterFactory; import retrofit2.converter.scalars.ScalarsConverterFactory; @Configuration public class GedConfig { @Value("${wps.ged}") String gedUrl; @Value("${wps.jks.path}") private String pathJks; @Value("${wps.jks.password}") private String passwordJks; @Bean public Retrofit retrofitGedConfig() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException { String url = (StringUtils.endsWith(gedUrl, "/")) ? StringUtils.substringBeforeLast(gedUrl, "/") : gedUrl; return new Retrofit.Builder() .client(buildOkHttpClient()) .baseUrl(url) .addConverterFactory(ScalarsConverterFactory.create()) .addConverterFactory(JacksonConverterFactory.create( new ObjectMapper().registerModule(new JavaTimeModule()).disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES))) .build(); } @SuppressWarnings({"java:S5527", "java:S3510"}) private OkHttpClient buildOkHttpClient() throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException { KeyStore keyStore = readKeyStore(new File(pathJks), passwordJks); SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, passwordJks.toCharArray()); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); OkHttpClient.Builder builder = new OkHttpClient.Builder().connectTimeout(Duration.ofMinutes(3)).readTimeout(Duration.ofSeconds(60)); builder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagerFactory.getTrustManagers()[0]); HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor(); interceptor.setLevel(HttpLoggingInterceptor.Level.BODY); return builder.addInterceptor(interceptor).build(); } private KeyStore readKeyStore(File keystoreFile, String password) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); try (InputStream fis = new FileInputStream(keystoreFile)) { ks.load(fis, password.toCharArray()); } return ks; } } 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 import com.fasterxml.jackson.databind.DeserializationFeature;import com.fasterxml.jackson.databind.ObjectMapper;import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;import java.io.File;import java.io.FileInputStream;import java.io.IOException;import java.io.InputStream;import java.security.KeyManagementException;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.UnrecoverableKeyException;import java.security.cert.CertificateException;import java.time.Duration;import javax.net.ssl.KeyManagerFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManagerFactory;import javax.net.ssl.X509TrustManager;import okhttp3.OkHttpClient;import okhttp3.logging.HttpLoggingInterceptor;import org.apache.commons.lang3.StringUtils;import org.springframework.beans.factory.annotation.Value;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import retrofit2.Retrofit;import retrofit2.converter.jackson.JacksonConverterFactory;import retrofit2.converter.scalars.ScalarsConverterFactory; @Configurationpublic class GedConfig { @Value("${wps.ged}") String gedUrl; @Value("${wps.jks.path}") private String pathJks; @Value("${wps.jks.password}") private String passwordJks; @Bean public Retrofit retrofitGedConfig() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException { String url = (StringUtils.endsWith(gedUrl, "/")) ? StringUtils.substringBeforeLast(gedUrl, "/") : gedUrl; return new Retrofit.Builder() .client(buildOkHttpClient()) .baseUrl(url) .addConverterFactory(ScalarsConverterFactory.create()) .addConverterFactory(JacksonConverterFactory.create( new ObjectMapper().registerModule(new JavaTimeModule()).disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES))) .build(); } @SuppressWarnings({"java:S5527", "java:S3510"}) private OkHttpClient buildOkHttpClient() throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException { KeyStore keyStore = readKeyStore(new File(pathJks), passwordJks); SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, passwordJks.toCharArray()); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); OkHttpClient.Builder builder = new OkHttpClient.Builder().connectTimeout(Duration.ofMinutes(3)).readTimeout(Duration.ofSeconds(60)); builder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagerFactory.getTrustManagers()[0]); HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor(); interceptor.setLevel(HttpLoggingInterceptor.Level.BODY); return builder.addInterceptor(interceptor).build(); } private KeyStore readKeyStore(File keystoreFile, String password) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); try (InputStream fis = new FileInputStream(keystoreFile)) { ks.load(fis, password.toCharArray()); } return...
Read MoreAjouter @Autowired au constructeur générer par lombok
Shell @RequiredArgsConstructor(onConstructor_ = @Autowired) 1 @RequiredArgsConstructor(onConstructor_ =...
Read MoreDB2 suppression d’une clonne
Lorsqu’on execute une requete de supression de colonne sur l’as400 Shell ALTER TABLE COMMANDEPIECE DROP COLUMN excludeCutOff; 1 ALTER TABLE COMMANDEPIECE DROP COLUMN excludeCutOff; Il est possible que l’as400 nous renvoie une erreur car nous n’avons pas la permission de supprimer une colonne.Il suffit d’ajouter l’instruction suivante pour obtenir les droits : Shell CALL QSYS.QCMDEXC ('CHGJOB INQMSGRPY(*SYSRPYL)', 0000000026.00000); 1 CALL QSYS.QCMDEXC ('CHGJOB INQMSGRPY(*SYSRPYL)',...
Read MoreGestion des certificats auto-signés
Récupération d’un certificat Avec OpenSSL Aprés avoir installé et lancé le programme, on peut récupérer des certificats pour différents protocoles : http s_client -connect smtp.gmail.com:465 ftp avec tls s_client -connect qlf-ftpssl.pci.aw.atosorigin.com:20001 -starttls ftp smtp avec tls s_client -connect smtp.gmail.com:587 -starttls smtp Création du certificat crt Après avoir exécuté la commande, il faut copier les lignes depuis la ligne BEGIN CERTIFICATE (comprise) jusqu’à la ligne (END CERTIFICATE) puis un saut de ligne. Il faut ensuite convertir le fichier obtenu en UTF-8 vec Notepad++. Génération d’un keyStore Java (JKS) C:\Program Files\Java\jdk1.8.0_121\bin>keytool -importcert -trustcacerts -alias intermediate -file C:\FTP\myCert.crt -keystore C:\FTP\keystore.jks Lister les certificats présents dans un keyStore keytool -v -list -keystore keystore.jks Ajouter un certificat à un keyStore existant keytool -import -alias "myCert" -file myCert.crt -keystore keystore.jks Chargement du fichier JKS dans un objet KeyStore KeyStore ks = KeyStore.getInstance("JKS"); Resource jks = new ClassPathResource("keystore.jks"); ks.load(jks.getInputStream(), "password_choisi_lors_de_la_creation_du_jks".toCharArray()); Utilisation avec RestTemplate pour des connexions SSL en REST @Bean public RestTemplate restTemplate() throws Exception { KeyStore ks = ... SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory( new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()) .loadKeyMaterial(ks, passwordJks.toCharArray()).build(), NoopHostnameVerifier.INSTANCE); HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient); return new RestTemplate(requestFactory);...
Read MoreJUNIT tester les log d’erreur
Il peut arriver des situations, ou l’on a envie de s’assurer qu’un log.error() est bien effectué lorsqu’on rentre dans une condition. Exemple de classe à tester : Java @Component public class VendeurUtil { private static final Logger LOGGER = LoggerFactory.getLogger(VendeurUtil.class); // ... private void ajouterNouveauCompte(@Nonnull final Marchand vendeur, final PaymentInfoDTO paymentInfoDTO, @Nonnull final Devise devise, final TypeEtatKYC typeEtatHistoKYC, final Utilisateur currentUser, @Nonnull final Marketplace marketplace) { if (!(paymentInfoDTO instanceof IbanBankAccountInformation)) { LOGGER.error( "Les informations bancaire du vendeur {} de la marketplace {} n'est pas un 'IBAN' et n'est pas géré. Aucune infos bancaire ajoutées pour le vendeur.", vendeur.getIdShop(), marketplace.getCodeClient()); return; } } 12345678910111213141516 @Componentpublic class VendeurUtil { private static final Logger LOGGER = LoggerFactory.getLogger(VendeurUtil.class); // ... private void ajouterNouveauCompte(@Nonnull final Marchand vendeur, final PaymentInfoDTO paymentInfoDTO, @Nonnull final Devise devise, final TypeEtatKYC typeEtatHistoKYC, final Utilisateur currentUser, @Nonnull final Marketplace marketplace) { if (!(paymentInfoDTO instanceof IbanBankAccountInformation)) { LOGGER.error( "Les informations bancaire du vendeur {} de la marketplace {} n'est pas un 'IBAN' et n'est pas géré. Aucune infos bancaire ajoutées pour le vendeur.", vendeur.getIdShop(), marketplace.getCodeClient()); return; } } Et dans le teste on peut tester cela comme ceci : Java import ch.qos.logback.classic.Level; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; import org.assertj.core.groups.Tuple; import static org.assertj.core.api.Assertions.assertThat; @RunWith(MockitoJUnitRunner.class)<br />public class VendeurUtilTest { @Before<br />public void init() { // log Logger logger = (Logger) LoggerFactory.getLogger(CantonnementService.class); logAppender = new ListAppender<>(); logAppender.start(); logger.addAppender(logAppender); } @Test public void createVendeurFromShopMarketplace_withoutBank_shouldAlertSupport() { //GIVEN : a non supported payment info myShop.setPayment_info(new UKBankAccountInformation()); //WHEN Marchand vendeur = instance.createVendeurFromShopMarketplace(myShop, marketplace, null, EUR, histoKYC, user, null); //THEN assertLogContains(logAppender, Level.ERROR, "Les informations bancaire du vendeur 1 de la marketplace CASTO n'est pas un 'IBAN' et n'est pas géré. Aucune infos bancaire ajoutées pour le vendeur.", null); } 123456789101112131415161718192021222324252627282930 import ch.qos.logback.classic.Level;import ch.qos.logback.classic.spi.ILoggingEvent;import ch.qos.logback.core.read.ListAppender;import org.assertj.core.groups.Tuple;import static org.assertj.core.api.Assertions.assertThat; @RunWith(MockitoJUnitRunner.class)<br />public class VendeurUtilTest { @Before<br />public void init() { // log Logger logger = (Logger) LoggerFactory.getLogger(CantonnementService.class); logAppender = new ListAppender<>(); logAppender.start(); logger.addAppender(logAppender);} @Testpublic void createVendeurFromShopMarketplace_withoutBank_shouldAlertSupport() { //GIVEN : a non supported payment infomyShop.setPayment_info(new UKBankAccountInformation()); //WHEN Marchand vendeur = instance.createVendeurFromShopMarketplace(myShop, marketplace, null, EUR, histoKYC, user, null); //THENassertLogContains(logAppender, Level.ERROR, "Les informations bancaire du vendeur 1 de la marketplace CASTO n'est pas un 'IBAN' et n'est pas géré. Aucune infos bancaire ajoutées pour le vendeur.", null);} Shell private assertLogContains(@Nonnull ListAppender<ILoggingEvent> logAppender, @Nonnull Level level, @Nonnull String formattedMessage, @Nullable<br /> Throwable throwable) {<br /> List<Tuple> expectedLogLines = logAppender.list.stream()<br /> .map(l -> new Tuple(l.getLevel(), l.getFormattedMessage(), l.getThrowableProxy() == null ? null : l.getThrowableProxy().getClassName(),<br /> l.getThrowableProxy() == null ? null : l.getThrowableProxy().getMessage()))<br /> .collect(toList());<br /><br /> assertThat(expectedLogLines).contains(<br /> new Tuple(level, formattedMessage, throwable == null ? null : throwable.getClass().getCanonicalName(),<br...
Read More