Package com.helger.phase4.peppol.servlet

Class Phase4PeppolReceiverConfiguration

java.lang.Object
com.helger.phase4.peppol.servlet.Phase4PeppolReceiverConfiguration
@Immutable public final class Phase4PeppolReceiverConfiguration extends Object
This class contains the "per-request" data of Phase4PeppolDefaultReceiverConfiguration.
Old name before v3: Phase4PeppolReceiverCheckData
Since:
0.9.13
Author:
Philip Helger

  • Constructor Details

    • Phase4PeppolReceiverConfiguration

      public Phase4PeppolReceiverConfiguration(boolean bReceiverCheckEnabled, @Nullable com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider aSMPClient, @Nullable com.helger.peppol.sml.ISMLInfo aSMLInfo, @Nullable com.helger.smpclient.url.ISMPURLProvider aSMPURLProvider, @Nullable com.helger.security.revocation.ERevocationCheckMode eSMPRevocationCheckMode, boolean bSMPRevocationSoftFail, @Nullable String sAS4EndpointURL, @Nullable X509Certificate aAPCertificate, @NonNull com.helger.peppolid.factory.IIdentifierFactory aSBDHIdentifierFactory, boolean bPerformSBDHValueChecks, boolean bCheckSBDHForMandatoryCountryC1, boolean bCheckAPSigningCertificateRevocation, @NonNull com.helger.security.certificate.TrustedCAChecker aAPCAChecker, boolean bAPRevocationSoftFail, @NonNull com.helger.base.state.ETriState eAPCacheRevocationCheckResult, @Nullable com.helger.security.revocation.ERevocationCheckMode eAPRevocationCheckMode)
      Constructor
      Parameters:
      bReceiverCheckEnabled - true if the receiver checks are enabled, false otherwise
      aSMPClient - The SMP metadata provider to be used. May be null if aSMLInfo is provided instead.
      aSMLInfo - The SML information for dynamic SMP client resolution per participant ID. May be null if aSMPClient is provided instead.
      aSMPURLProvider - The SMP URL provider to be used for dynamic SMP client resolution. May be null to use the default (PeppolNaptrURLProvider.INSTANCE).
      eSMPRevocationCheckMode - The revocation check mode to apply when verifying SMP response certificates. null means "use the JVM-wide default from CertificateRevocationCheckerDefaults". Only applied to SMP clients created internally via getOrCreateSMPClientForRecipient(com.helger.peppolid.IParticipantIdentifier). Pre-built SMP clients passed via aSMPClient must be configured by the caller.
      bSMPRevocationSoftFail - true to accept an indeterminable revocation status of an SMP response certificate (soft-fail), false to reject. Defaults to CertificateRevocationCheckerDefaults.isAllowSoftFail(). Only applied to SMP clients created internally via getOrCreateSMPClientForRecipient(com.helger.peppolid.IParticipantIdentifier).
      sAS4EndpointURL - The endpoint URL to check against. May neither be null nor empty if receiver checks are enabled.
      aAPCertificate - The AP certificate to be used for compatibility. May not be null if receiver checks are enabled.
      aSBDHIdentifierFactory - The identifier factory to be used for SBDH parsing. May not be null.
      bPerformSBDHValueChecks - true if SBDH value checks should be performed.
      bCheckSBDHForMandatoryCountryC1 - true if SBDH value checks should be performed for mandatory C1 country code.
      bCheckAPSigningCertificateRevocation - true if signing certificate revocation checks should be performed.
      aAPCAChecker - The Peppol AP CA checker. May not be null.
      bAPRevocationSoftFail - true to accept ECertificateCheckResult.REVOCATION_STATUS_UNKNOWN from the AP CA checker as valid, false to treat it as invalid. Defaults to CertificateRevocationCheckerDefaults.isAllowSoftFail(). Applies to the inbound signing certificate check.
      eAPCacheRevocationCheckResult - Override for the revocation result caching flag of the inbound signing certificate check. ETriState.UNDEFINED (the default) means "use the JVM-wide default from CertificateRevocationCheckerDefaults". Must not be null.
      eAPRevocationCheckMode - Override for the revocation check mode of the inbound signing certificate check. null (the default) means "use the JVM-wide default from CertificateRevocationCheckerDefaults".
      Since:
      3.0.3

  • Method Details

    • isReceiverCheckEnabled

      public boolean isReceiverCheckEnabled()

    • getSMPClient

      public @Nullable com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider getSMPClient()
      Returns:
      The SMP client object that should be used for the SMP lookup. It is customizable because it depends either on the SML or a direct URL to the SMP may be provided. May be null if SML info is configured for dynamic resolution instead.
      See Also:

    • getSMLInfo

      public @Nullable com.helger.peppol.sml.ISMLInfo getSMLInfo()
      Returns:
      The SML information for dynamic SMP client resolution. May be null if a fixed SMP client is configured instead.
      Since:
      v4.4.2
      See Also:

    • getSMPURLProvider

      public @NonNull com.helger.smpclient.url.ISMPURLProvider getSMPURLProvider()
      Returns:
      The SMP URL provider to be used for dynamic SMP client resolution. Never null. Defaults to PeppolNaptrURLProvider.INSTANCE.
      Since:
      v4.4.2

    • getSMPRevocationCheckMode

      public @Nullable com.helger.security.revocation.ERevocationCheckMode getSMPRevocationCheckMode()
      Returns:
      The revocation check mode to apply when verifying SMP response certificates. null means "use the JVM-wide default from CertificateRevocationCheckerDefaults". Only applied to SMP clients created internally via getOrCreateSMPClientForRecipient(IParticipantIdentifier).
      Since:
      4.5.0

    • isSMPRevocationSoftFail

      public boolean isSMPRevocationSoftFail()
      Returns:
      true to accept an indeterminable revocation status of an SMP response certificate (soft-fail), false to reject. Defaults to CertificateRevocationCheckerDefaults.isAllowSoftFail(). Only applied to SMP clients created internally via getOrCreateSMPClientForRecipient(IParticipantIdentifier).
      Since:
      4.5.0

    • getOrCreateSMPClientForRecipient

      public @Nullable com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider getOrCreateSMPClientForRecipient(@NonNull com.helger.peppolid.IParticipantIdentifier aRecipientID) throws com.helger.smpclient.url.SMPDNSResolutionException
      Get the existing SMP client or create a new one dynamically for the provided recipient participant ID using the configured SML info and URL provider.
      Parameters:
      aRecipientID - The recipient participant identifier. May not be null.
      Returns:
      The SMP client. May be null if neither a fixed SMP client nor SML info is configured.
      Throws:
      com.helger.smpclient.url.SMPDNSResolutionException - If DNS resolution of the SMP address fails.
      Since:
      v4.4.2

    • getAS4EndpointURL

      public @Nullable String getAS4EndpointURL()
      Returns:
      The URL of this AP to compare to against the SMP lookup result upon retrieval. Neither null nor empty if receiver checks are enabled.
      See Also:

    • getAPCertificate

      public @NonNull X509Certificate getAPCertificate()
      Returns:
      The certificate of this AP to compare to against the SMP lookup result upon retrieval. Never null if receiver checks are enabled.
      See Also:

    • getSBDHIdentifierFactory

      public @NonNull com.helger.peppolid.factory.IIdentifierFactory getSBDHIdentifierFactory()
      Returns:
      The identifier factory to be used for SBDH parsing.
      Since:
      3.0.1

    • isPerformSBDHValueChecks

      public boolean isPerformSBDHValueChecks()

    • isCheckSBDHForMandatoryCountryC1

      @Deprecated(forRemoval=true, since="4.2.4") public boolean isCheckSBDHForMandatoryCountryC1()
      Deprecated, for removal: This API element is subject to removal in a future version.

    • isCheckSigningCertificateRevocation

      @Deprecated(forRemoval=true, since="4.5.0") public boolean isCheckSigningCertificateRevocation()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Use isCheckAPSigningCertificateRevocation() instead
      Returns:
      true if the AP signing certificate should be used.

    • isCheckAPSigningCertificateRevocation

      public boolean isCheckAPSigningCertificateRevocation()
      Returns:
      true if the AP signing certificate should be used.

    • getAPCAChecker

      public @NonNull com.helger.security.certificate.TrustedCAChecker getAPCAChecker()
      Returns:
      The Peppol CA checker to be used. Must not be null.
      Since:
      3.0.3

    • isAPRevocationSoftFail

      public boolean isAPRevocationSoftFail()
      Returns:
      true to accept ECertificateCheckResult.REVOCATION_STATUS_UNKNOWN from the AP CA checker as valid (soft-fail), false to treat it as invalid. Applies to the inbound signing certificate check.
      Since:
      4.5.0

    • getAPCacheRevocationCheckResult

      public @NonNull com.helger.base.state.ETriState getAPCacheRevocationCheckResult()
      Returns:
      The revocation result caching override applied during the inbound signing certificate check. ETriState.UNDEFINED means "use the JVM-wide default from CertificateRevocationCheckerDefaults". Never null.
      Since:
      4.5.0

    • getAPRevocationCheckMode

      public @Nullable com.helger.security.revocation.ERevocationCheckMode getAPRevocationCheckMode()
      Returns:
      The revocation check mode override applied during the inbound signing certificate check. null means "use the JVM-wide default from CertificateRevocationCheckerDefaults".
      Since:
      4.5.0

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • builder

      public static @NonNull Phase4PeppolReceiverConfiguration.Phase4PeppolReceiverConfigurationBuilder builder()
      Returns:
      An empty builder instance. Never null.

    • builder

      public static @NonNull Phase4PeppolReceiverConfiguration.Phase4PeppolReceiverConfigurationBuilder builder(@NonNull Phase4PeppolReceiverConfiguration aSrc)
      Create a builder instance with the data of the provided object already filled in.
      Parameters:
      aSrc - The source Phase4PeppolReceiverConfiguration to take the data from. May not be null.
      Returns:
      A non-null filled builder instance.