View Javadoc
1   package org.openehealth.ipf.boot;
2   
3   import org.apache.camel.util.jsse.CipherSuitesParameters;
4   import org.apache.camel.util.jsse.ClientAuthentication;
5   import org.apache.camel.util.jsse.KeyManagersParameters;
6   import org.apache.camel.util.jsse.KeyStoreParameters;
7   import org.apache.camel.util.jsse.SSLContextClientParameters;
8   import org.apache.camel.util.jsse.SSLContextParameters;
9   import org.apache.camel.util.jsse.SSLContextServerParameters;
10  import org.apache.camel.util.jsse.SecureSocketProtocolsParameters;
11  import org.apache.camel.util.jsse.TrustManagersParameters;
12  import org.openehealth.ipf.commons.core.config.OrderedConfigurer;
13  import org.openehealth.ipf.commons.core.config.Registry;
14  import org.openehealth.ipf.commons.spring.core.config.SpringConfigurationPostProcessor;
15  import org.openehealth.ipf.commons.spring.core.config.SpringRegistry;
16  import org.openehealth.ipf.commons.spring.map.SpringBidiMappingService;
17  import org.openehealth.ipf.commons.spring.map.config.CustomMappingsConfigurer;
18  import org.springframework.beans.factory.annotation.Autowired;
19  import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
20  import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
21  import org.springframework.boot.autoconfigure.web.ServerProperties;
22  import org.springframework.boot.context.embedded.Ssl;
23  import org.springframework.boot.context.properties.EnableConfigurationProperties;
24  import org.springframework.context.annotation.Bean;
25  import org.springframework.context.annotation.Configuration;
26  
27  import java.util.ArrayList;
28  import java.util.Arrays;
29  import java.util.List;
30  
31  /**
32   * Configure a basic IPF setup, mostly configuring HL7v2 and Mapping stuff
33   */
34  @Configuration
35  @EnableConfigurationProperties(IpfConfigurationProperties.class)
36  public class IpfAutoConfiguration {
37  
38      @Autowired
39      private IpfConfigurationProperties ipfConfigurationProperties;
40  
41      @Bean
42      @ConditionalOnMissingBean(Registry.class)
43      Registry springRegistry() {
44          return new SpringRegistry();
45      }
46  
47      // Dynamically collect CustomMappings, if available
48  
49      @Bean
50      @ConditionalOnMissingBean(SpringConfigurationPostProcessor.class)
51      public SpringConfigurationPostProcessor postProcessor(CustomMappingsConfigurer customMappingsConfigurer) {
52          SpringConfigurationPostProcessor processor = new SpringConfigurationPostProcessor();
53          List<OrderedConfigurer> list = new ArrayList<>();
54          if (customMappingsConfigurer != null) list.add(customMappingsConfigurer);
55          processor.setSpringConfigurers(list);
56          return processor;
57      }
58  
59      @Bean
60      @ConditionalOnMissingBean(CustomMappingsConfigurer.class)
61      protected CustomMappingsConfigurer customMappingsConfigurer(SpringBidiMappingService mappingService) {
62          CustomMappingsConfigurer configurer = new CustomMappingsConfigurer();
63          configurer.setMappingService(mappingService);
64          return configurer;
65      }
66  
67      @Bean
68      @ConditionalOnMissingBean(SpringBidiMappingService.class)
69      public SpringBidiMappingService mappingService() {
70          return new SpringBidiMappingService();
71      }
72  
73  
74      // Set up sslContextParameters bean from the Spring Boot server config. Can be used for e.g.
75      // serving MLLP endpoints or as producer configuration.
76  
77      @Bean(name = "bootSslContextParameters")
78      @ConditionalOnProperty(prefix = "ipf.commons", name = "reuse-ssl-config")
79      public SSLContextParameters sslContextParameters(ServerProperties serverProperties) {
80          Ssl sslConfig = serverProperties.getSsl();
81  
82          // Keystore
83          KeyStoreParameters ksp = new KeyStoreParameters();
84          ksp.setResource(resourceName(sslConfig.getKeyStore()));
85          ksp.setPassword(sslConfig.getKeyStorePassword());
86          ksp.setProvider(sslConfig.getKeyStoreProvider());
87          ksp.setType(sslConfig.getKeyStoreType());
88          KeyManagersParameters kmp = new KeyManagersParameters();
89          kmp.setKeyStore(ksp);
90          kmp.setKeyPassword(sslConfig.getKeyPassword());
91  
92          // Truststore
93          KeyStoreParameters tsp = new KeyStoreParameters();
94          tsp.setResource(resourceName(sslConfig.getTrustStore()));
95          tsp.setPassword(sslConfig.getTrustStorePassword());
96          tsp.setProvider(sslConfig.getTrustStoreProvider());
97          tsp.setType(sslConfig.getTrustStoreType());
98          TrustManagersParameters tmp = new TrustManagersParameters();
99          tmp.setKeyStore(tsp);
100 
101         // Server-side TLS parameters
102         SSLContextServerParameters scsp = new SSLContextServerParameters();
103         if (sslConfig.getClientAuth() == Ssl.ClientAuth.WANT) {
104             scsp.setClientAuthentication(ClientAuthentication.WANT.name());
105         } else if (sslConfig.getClientAuth() == Ssl.ClientAuth.NEED) {
106             scsp.setClientAuthentication(ClientAuthentication.REQUIRE.name());
107         }
108         SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
109         sspp.setSecureSocketProtocol(Arrays.asList(sslConfig.getEnabledProtocols()));
110         scsp.setSecureSocketProtocols(sspp);
111         CipherSuitesParameters csp = new CipherSuitesParameters();
112         csp.setCipherSuite(Arrays.asList(sslConfig.getCiphers()));
113         scsp.setCipherSuites(csp);
114 
115         // Client-side TLS parameters - assume the same configuration as server-side
116         SSLContextClientParameters sccp = new SSLContextClientParameters();
117         sccp.setSecureSocketProtocols(sspp);
118         sccp.setCipherSuites(csp);
119 
120         SSLContextParameters scp = new SSLContextParameters();
121         scp.setCertAlias(sslConfig.getKeyAlias());
122         scp.setKeyManagers(kmp);
123         scp.setTrustManagers(tmp);
124         scp.setServerParameters(scsp);
125         scp.setClientParameters(sccp);
126 
127         return scp;
128     }
129 
130     // Spring Boot Keystore names are prepended with file: or classpath:, while
131     // Camel takes the plain resource name and tries all possibilities
132     private String resourceName(String resource) {
133         int i = resource.indexOf(":");
134         return i >= 0 ? resource.substring(i + 1) : resource;
135     }
136 }