OZG-4383 Saml Services von PROPERTY_ANTRAGSRAUM_URL abhänig gemacht

455212cc · OZGCloud · 933f509c · 455212cc · 455212cc · 455212cc
Commit 455212cc authored 1 year ago by OZGCloud
--- a/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Decrypter.java
+++ b/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Decrypter.java
@@ -40,6 +40,7 @@ import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
 import org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyResolver;
 import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
 import org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.stereotype.Service;
@@ -47,6 +48,7 @@ import lombok.RequiredArgsConstructor;
 @Service
 @RequiredArgsConstructor
+@ConditionalOnProperty(AntragraumProperties.PROPERTY_ANTRAGSRAUM_URL)
 class Saml2Decrypter {
 	private final BayernIdSamlConfiguration configuration;

--- a/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Parser.java
+++ b/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Parser.java
@@ -30,6 +30,7 @@ import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.io.UnmarshallingException;
 import org.opensaml.saml.saml2.core.Response;
 import org.opensaml.saml.saml2.core.impl.ResponseUnmarshaller;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.stereotype.Service;
@@ -37,6 +38,7 @@ import lombok.RequiredArgsConstructor;
 import net.shibboleth.utilities.java.support.xml.XMLParserException;
 @Service
+@ConditionalOnProperty(AntragraumProperties.PROPERTY_ANTRAGSRAUM_URL)
 @RequiredArgsConstructor
 class Saml2Parser {
 	private final BayernIdSamlConfiguration configuration;

--- a/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Verifier.java
+++ b/src/main/java/de/ozgcloud/nachrichten/antragraum/Saml2Verifier.java
@@ -28,6 +28,7 @@ import jakarta.annotation.PostConstruct;
 import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
 import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.saml2.core.Saml2Error;
 import org.springframework.security.saml2.core.Saml2ErrorCodes;
 import org.springframework.stereotype.Service;
@@ -39,6 +40,7 @@ import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
 @Log4j2
 @RequiredArgsConstructor
 @Service
+@ConditionalOnProperty(AntragraumProperties.PROPERTY_ANTRAGSRAUM_URL)
 class Saml2Verifier {
 	public static final String INVALID_SIGNATURE = "Invalid signature for object [%s]: ";
 	public static final String SIGNATURE_MISSING = "Signature missing";

--- a/src/main/resources/application-bayern.yaml
+++ b/src/main/resources/application-bayern.yaml
@@ -5,11 +5,3 @@ ozgcloud:
    metadataUri: "classpath:/bayernid/metadata/bayernid-idp-infra.xml"
    decryptionPrivateKey: "classpath:/bayernid/bayernid-test-enc.key"
    decryptionCertificate: "classpath:/bayernid/bayernid-test-enc.crt"
-  nachrichten-manager:
-    url: static://localhost:9091
-grpc:
-  client:
-    info-manager:
-      address: static://localhost:9091
-  server:
-    port: 9092
\ No newline at end of file
--- a/src/test/resources/application-bayern.yaml
+++ b/src/test/resources/application-bayern.yaml
 ozgcloud:
  antragraum:
-    url: "https://antragsraum.de"
+    url: https://dev.antragsraum.de/
-    bayernid:
-      saml:
    entityId: https://antragsraum.ozgcloud.de/
    metadataUri: "classpath:/bayernid/metadata/bayernid-idp-infra.xml"
    decryptionPrivateKey: "classpath:/bayernid/bayernid-test-enc.key"
    decryptionCertificate: "classpath:/bayernid/bayernid-test-enc.crt"
+  nachrichten-manager:
+    url: static://localhost:9091
+grpc:
+  client:
+    info-manager:
+      address: static://localhost:9091
+  server:
+    port: 9092
\ No newline at end of file