feat: Add configuration parameter ocsp-request-timeout

WE2-1113

Signed-off-by: Sven Mitt <[email protected]>

Author: svenzik

example/src/main/java/eu/webeid/example/config/ValidationConfiguration.java

@@ -77,8 +77,7 @@ public ChallengeNonceGenerator generator(ChallengeNonceStore challengeNonceStore
                 .build();
     }
 
-    @Bean
-    public X509Certificate[] loadTrustedCACertificatesFromCerFiles() {
+    private X509Certificate[] loadTrustedCACertificatesFromCerFiles() {
         List<X509Certificate> caCertificates = new ArrayList<>();
 
         try {
@@ -99,8 +98,7 @@ public X509Certificate[] loadTrustedCACertificatesFromCerFiles() {
         return caCertificates.toArray(new X509Certificate[0]);
     }
 
-    @Bean
-    public X509Certificate[] loadTrustedCACertificatesFromTrustStore() {
+    private X509Certificate[] loadTrustedCACertificatesFromTrustStore(YAMLConfig yamlConfig) {
         List<X509Certificate> caCertificates = new ArrayList<>();
 
         try (InputStream is = ValidationConfiguration.class.getResourceAsStream(CERTS_RESOURCE_PATH + activeProfile + "/" + TRUSTED_CERTIFICATES_JKS)) {
@@ -109,7 +107,7 @@ public X509Certificate[] loadTrustedCACertificatesFromTrustStore() {
                 return new X509Certificate[0];
             }
             KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
-            keystore.load(is, yamlConfig().getTrustStorePassword().toCharArray());
+            keystore.load(is, yamlConfig.getTrustStorePassword().toCharArray());
             Enumeration<String> aliases = keystore.aliases();
             while (aliases.hasMoreElements()) {
                 String alias = aliases.nextElement();
@@ -124,12 +122,13 @@ public X509Certificate[] loadTrustedCACertificatesFromTrustStore() {
     }
 
     @Bean
-    public AuthTokenValidator validator() {
+    public AuthTokenValidator validator(YAMLConfig yamlConfig) {
         try {
             return new AuthTokenValidatorBuilder()
-                    .withSiteOrigin(URI.create(yamlConfig().getLocalOrigin()))
+                    .withSiteOrigin(URI.create(yamlConfig.getLocalOrigin()))
                     .withTrustedCertificateAuthorities(loadTrustedCACertificatesFromCerFiles())
-                    .withTrustedCertificateAuthorities(loadTrustedCACertificatesFromTrustStore())
+                    .withTrustedCertificateAuthorities(loadTrustedCACertificatesFromTrustStore(yamlConfig))
+                    .withOcspRequestTimeout(yamlConfig.getOcspRequestTimeout())
                     .build();
         } catch (JceException e) {
             throw new RuntimeException("Error building the Web eID auth token validator.", e);

example/src/main/java/eu/webeid/example/config/YAMLConfig.java

@@ -22,6 +22,7 @@
 
 package eu.webeid.example.config;
 
+import java.time.Duration;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
@@ -41,6 +42,8 @@ public class YAMLConfig {
     @Value("truststore-password")
     private String trustStorePassword;
 
+    private Duration ocspRequestTimeout = Duration.ofSeconds(5L);
+
     @Value("#{new Boolean('${web-eid-auth-token.validation.use-digidoc4j-prod-configuration}'.trim())}")
     private Boolean useDigiDoc4jProdConfiguration;
 
@@ -75,4 +78,12 @@ public boolean getUseDigiDoc4jProdConfiguration() {
     public void setUseDigiDoc4jProdConfiguration(boolean useDigiDoc4jProdConfiguration) {
         this.useDigiDoc4jProdConfiguration = useDigiDoc4jProdConfiguration;
     }
+
+    public Duration getOcspRequestTimeout() {
+        return ocspRequestTimeout;
+    }
+
+    public void setOcspRequestTimeout(Duration ocspRequestTimeout) {
+        this.ocspRequestTimeout = ocspRequestTimeout;
+    }
 }