1 package org.openehealth.ipf.boot;
2
3 import org.apache.camel.util.jsse.CipherSuitesParameters;
4 import org.apache.camel.util.jsse.ClientAuthentication;
5 import org.apache.camel.util.jsse.KeyManagersParameters;
6 import org.apache.camel.util.jsse.KeyStoreParameters;
7 import org.apache.camel.util.jsse.SSLContextClientParameters;
8 import org.apache.camel.util.jsse.SSLContextParameters;
9 import org.apache.camel.util.jsse.SSLContextServerParameters;
10 import org.apache.camel.util.jsse.SecureSocketProtocolsParameters;
11 import org.apache.camel.util.jsse.TrustManagersParameters;
12 import org.openehealth.ipf.commons.core.config.OrderedConfigurer;
13 import org.openehealth.ipf.commons.core.config.Registry;
14 import org.openehealth.ipf.commons.spring.core.config.SpringConfigurationPostProcessor;
15 import org.openehealth.ipf.commons.spring.core.config.SpringRegistry;
16 import org.openehealth.ipf.commons.spring.map.SpringBidiMappingService;
17 import org.openehealth.ipf.commons.spring.map.config.CustomMappingsConfigurer;
18 import org.springframework.beans.factory.annotation.Autowired;
19 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
20 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
21 import org.springframework.boot.autoconfigure.web.ServerProperties;
22 import org.springframework.boot.context.embedded.Ssl;
23 import org.springframework.boot.context.properties.EnableConfigurationProperties;
24 import org.springframework.context.annotation.Bean;
25 import org.springframework.context.annotation.Configuration;
26
27 import java.util.ArrayList;
28 import java.util.Arrays;
29 import java.util.List;
30
31
32
33
34 @Configuration
35 @EnableConfigurationProperties(IpfConfigurationProperties.class)
36 public class IpfAutoConfiguration {
37
38 @Autowired
39 private IpfConfigurationProperties ipfConfigurationProperties;
40
41 @Bean
42 @ConditionalOnMissingBean(Registry.class)
43 Registry springRegistry() {
44 return new SpringRegistry();
45 }
46
47
48
49 @Bean
50 @ConditionalOnMissingBean(SpringConfigurationPostProcessor.class)
51 public SpringConfigurationPostProcessor postProcessor(CustomMappingsConfigurer customMappingsConfigurer) {
52 SpringConfigurationPostProcessor processor = new SpringConfigurationPostProcessor();
53 List<OrderedConfigurer> list = new ArrayList<>();
54 if (customMappingsConfigurer != null) list.add(customMappingsConfigurer);
55 processor.setSpringConfigurers(list);
56 return processor;
57 }
58
59 @Bean
60 @ConditionalOnMissingBean(CustomMappingsConfigurer.class)
61 protected CustomMappingsConfigurer customMappingsConfigurer(SpringBidiMappingService mappingService) {
62 CustomMappingsConfigurer configurer = new CustomMappingsConfigurer();
63 configurer.setMappingService(mappingService);
64 return configurer;
65 }
66
67 @Bean
68 @ConditionalOnMissingBean(SpringBidiMappingService.class)
69 public SpringBidiMappingService mappingService() {
70 return new SpringBidiMappingService();
71 }
72
73
74
75
76
77 @Bean(name = "bootSslContextParameters")
78 @ConditionalOnProperty(prefix = "ipf.commons", name = "reuse-ssl-config")
79 public SSLContextParameters sslContextParameters(ServerProperties serverProperties) {
80 Ssl sslConfig = serverProperties.getSsl();
81
82
83 KeyStoreParameters ksp = new KeyStoreParameters();
84 ksp.setResource(resourceName(sslConfig.getKeyStore()));
85 ksp.setPassword(sslConfig.getKeyStorePassword());
86 ksp.setProvider(sslConfig.getKeyStoreProvider());
87 ksp.setType(sslConfig.getKeyStoreType());
88 KeyManagersParameters kmp = new KeyManagersParameters();
89 kmp.setKeyStore(ksp);
90 kmp.setKeyPassword(sslConfig.getKeyPassword());
91
92
93 KeyStoreParameters tsp = new KeyStoreParameters();
94 tsp.setResource(resourceName(sslConfig.getTrustStore()));
95 tsp.setPassword(sslConfig.getTrustStorePassword());
96 tsp.setProvider(sslConfig.getTrustStoreProvider());
97 tsp.setType(sslConfig.getTrustStoreType());
98 TrustManagersParameters tmp = new TrustManagersParameters();
99 tmp.setKeyStore(tsp);
100
101
102 SSLContextServerParameters scsp = new SSLContextServerParameters();
103 if (sslConfig.getClientAuth() == Ssl.ClientAuth.WANT) {
104 scsp.setClientAuthentication(ClientAuthentication.WANT.name());
105 } else if (sslConfig.getClientAuth() == Ssl.ClientAuth.NEED) {
106 scsp.setClientAuthentication(ClientAuthentication.REQUIRE.name());
107 }
108 SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
109 sspp.setSecureSocketProtocol(Arrays.asList(sslConfig.getEnabledProtocols()));
110 scsp.setSecureSocketProtocols(sspp);
111 CipherSuitesParameters csp = new CipherSuitesParameters();
112 csp.setCipherSuite(Arrays.asList(sslConfig.getCiphers()));
113 scsp.setCipherSuites(csp);
114
115
116 SSLContextClientParameters sccp = new SSLContextClientParameters();
117 sccp.setSecureSocketProtocols(sspp);
118 sccp.setCipherSuites(csp);
119
120 SSLContextParameters scp = new SSLContextParameters();
121 scp.setCertAlias(sslConfig.getKeyAlias());
122 scp.setKeyManagers(kmp);
123 scp.setTrustManagers(tmp);
124 scp.setServerParameters(scsp);
125 scp.setClientParameters(sccp);
126
127 return scp;
128 }
129
130
131
132 private String resourceName(String resource) {
133 int i = resource.indexOf(":");
134 return i >= 0 ? resource.substring(i + 1) : resource;
135 }
136 }