ARC-1217: Review findings
thomasrichner-oviva committed Feb 1, 2024
1 parent 09db1c8 commit aa4e66e
Showing 5 changed files with 120 additions and 6 deletions.
5 changes: 2 additions & 3 deletions README.md
Expand Up @@ -4,11 +4,10 @@
# Keycloak Identity Provider for GesundheitsID (eHealthID)

## Contents
- [gesundheitsid](./gesundheitsid) - A plain Java library to build RelyingParties for GesundheitsID with.
- [gesundheitsid](./gesundheitsid) - A plain Java library to build RelyingParties for GesundheitsID.
- API clients
- Models for the EntityStatments, IDP list endpoints etc.
- Narrow support for the 'Fachdienst' use-case.
- [keycloak-gesundheitsid-identityprovider]() - WIP, a full IdentityProvider for Keycloak

## End-to-End Test flow with Gematik Reference IDP

Expand Down Expand Up @@ -76,7 +75,7 @@ See [AuthenticationFlowExampleTest](https://github.com/oviva-ag/keycloak-gesundh

### Gematik Test Sektoraler IdP in Browser

Since the Gematik Referenze IDP in the Test Environment needs a custom header, it can not be used directly in the browser for authentication.
Since the Gematik reference IDP in the Test Environment needs a custom header, it can not be used directly in the browser for authentication.
Setting up a proxy with a header filter can get around that limitation though.

**Prerequisite:** Install some Chrome-ish browser like [Thorium](https://github.com/Alex313031/Thorium-MacOS/releases) or Chromium.
Expand Up @@ -12,7 +12,7 @@ public static RuntimeException missingAuthorizationUrl(String sub) {
"entity statement of '%s' has no authorization url configuration".formatted(sub));
}

public static RuntimeException missingPARUrl(String sub) {
public static RuntimeException missingParUrl(String sub) {
return new RuntimeException(
"entity statement of '%s' has no pushed authorization request configuration"
.formatted(sub));
Expand Up @@ -21,7 +21,7 @@ public record IdToken(
@JsonProperty("urn:telematik:claims:profession") String telematikProfession,
@JsonProperty("urn:telematik:claims:given_name") String telematikGivenName,

/** vor insured person (IP) the immutable part of the Krankenversichertennummer (KVNR) * */
// for insured person (IP) the immutable part of the Krankenversichertennummer (KVNR)
@JsonProperty("urn:telematik:claims:id") String telematikKvnr,
@JsonProperty("urn:telematik:claims:email") String telematikEmail) {}
}
Expand Up @@ -118,7 +118,7 @@ private ParResponse doPushedAuthorizationRequest(
var openidConfig = getIdpOpenIdProvider(trustedEntityStatement);
var parEndpoint = openidConfig.pushedAuthorizationRequestEndpoint();
if (parEndpoint == null || parEndpoint.isBlank()) {
throw AuthExceptions.missingPARUrl(trustedEntityStatement.sub());
throw AuthExceptions.missingParUrl(trustedEntityStatement.sub());
}

return openIdClient.requestPushedUri(URI.create(parEndpoint), builder);
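--- /dev/null
+++ b/oidc-server/pom.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+
+<parent>
+<groupId>com.oviva.gesundheitsid</groupId>
+<artifactId>gesundheitsid-parent</artifactId>
+<version>0.0.1-SNAPSHOT</version>
+</parent>
+
+<artifactId>gesundheitsid</artifactId>
+<packaging>jar</packaging>
+
+<dependencies>
+<dependency>
+<groupId>org.slf4j</groupId>
+<artifactId>slf4j-api</artifactId>
+</dependency>
+<dependency>
+<groupId>com.github.spotbugs</groupId>
+<artifactId>spotbugs-annotations</artifactId>
+</dependency>
+<dependency>
+<groupId>com.nimbusds</groupId>
+<artifactId>nimbus-jose-jwt</artifactId>
+</dependency>
+<dependency>
+<groupId>com.fasterxml.jackson.core</groupId>
+<artifactId>jackson-core</artifactId>
+</dependency>
+<dependency>
+<groupId>com.fasterxml.jackson.core</groupId>
+<artifactId>jackson-annotations</artifactId>
+</dependency>
+<dependency>
+<groupId>com.fasterxml.jackson.core</groupId>
+<artifactId>jackson-databind</artifactId>
+</dependency>
+<dependency>
+<groupId>jakarta.ws.rs</groupId>
+<artifactId>jakarta.ws.rs-api</artifactId>
+</dependency>
+
+<dependency>
+<groupId>org.junit.jupiter</groupId>
+<artifactId>junit-jupiter</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.junit.jupiter</groupId>
+<artifactId>junit-jupiter-params</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.hamcrest</groupId>
+<artifactId>hamcrest</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.mockito</groupId>
+<artifactId>mockito-junit-jupiter</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.mockito</groupId>
+<artifactId>mockito-core</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.slf4j</groupId>
+<artifactId>slf4j-jdk14</artifactId>
+<scope>test</scope>
+</dependency>
+
+<!-- BEGIN wiremock // fix for broken dependency convergence -->
+<dependency>
+<groupId>org.apache.commons</groupId>
+<artifactId>commons-lang3</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>com.github.jknack</groupId>
+<artifactId>handlebars-helpers</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>com.jayway.jsonpath</groupId>
+<artifactId>json-path</artifactId>
+<scope>test</scope>
+</dependency>
+<dependency>
+<groupId>org.wiremock</groupId>
+<artifactId>wiremock</artifactId>
+<scope>test</scope>
+</dependency>
+<!-- END wiremock -->
+
+<dependency>
+<groupId>org.jsoup</groupId>
+<artifactId>jsoup</artifactId>
+<version>1.16.1</version>
+<scope>test</scope>
+</dependency>
+
+<dependency>
+<groupId>org.jboss.resteasy</groupId>
+<artifactId>resteasy-core</artifactId>
+<scope>test</scope>
+</dependency>
+
+</dependencies>
+
+</project>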
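Review bot: The new module in `oidc-server/pom.xml` declares `<artifactId>gesundheitsid</artifactId>`, which looks copied from the library module the README lists under `./gesundheitsid`; if that module uses the same coordinates under `com.oviva.gesundheitsid`, the reactor build will reject the duplicate or one artifact will shadow the other on install. I would give the module its own id, e.g. `<artifactId>oidc-server</artifactId>`, and drop any dependencies carried over from the library that the server does not use. Separately, `jsoup` is the only dependency with an inline `<version>1.16.1</version>`; moving it into the parent's `dependencyManagement` keeps every version in one place for upgrades and dependency scanning.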
