Merge pull request #10 from diggsweden/feat/move-hardcoded-values

feat: move hardcoded values to properties file

Author: ChristofferKillander

src/main/java/se/digg/wallet/provider/application/config/WuaKeystoreProperties.java

@@ -13,7 +13,15 @@
 import org.springframework.core.io.Resource;
 
 @ConfigurationProperties(prefix = "wua.keystore")
-public record WuaKeystoreProperties(Resource location, String password, String alias, String type) {
+public record WuaKeystoreProperties(
+    Resource location,
+    String password,
+    String alias,
+    String type,
+    String eudiWalletInfo,
+    String status,
+    String issuer,
+    int validityHours) {
 
   public ECPrivateKey getSigningKey() {
     try {

src/main/java/se/digg/wallet/provider/application/service/WalletUnitAttestationService.java

@@ -4,6 +4,9 @@
 
 package se.digg.wallet.provider.application.service;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JOSEObjectType;
 import com.nimbusds.jose.JWSAlgorithm;
@@ -27,42 +30,41 @@
 public class WalletUnitAttestationService {
 
   private final WuaKeystoreProperties keystoreProperties;
+  private final ObjectMapper objectMapper;
 
-  public WalletUnitAttestationService(WuaKeystoreProperties keystoreProperties) {
+  public WalletUnitAttestationService(
+      WuaKeystoreProperties keystoreProperties,
+      ObjectMapper objectMapper) {
     this.keystoreProperties = keystoreProperties;
+    this.objectMapper = objectMapper;
   }
 
   public SignedJWT createWalletUnitAttestation(String walletPublicKeyJwk) throws Exception {
     ECKey attestedKey = ECKey.parse(walletPublicKeyJwk);
-
-    Map<String, Object> eudiWalletInfo =
-        Map.of(
-            "general_info",
-            Map.of(
-                "wallet_provider_name", "Digg",
-                "wallet_solution_id", "Diggidigg-id",
-                "wallet_solution_version", "0.0.1",
-                "wallet_solution_certification_information", "UNCERTIFIED"),
-            "wscd_info", Map.of("wscd_certification_information", "UNCERTIFIED"));
-
-    Map<String, Object> status =
-        Map.of("status_list", Map.of("idx", 412, "uri", "https://revocation_url/statuslists/1"));
-
     List<Map<String, Object>> attestedKeys = List.of(attestedKey.toJSONObject());
 
     Map<String, Object> claims = new HashMap<>();
-    claims.put("eudi_wallet_info", eudiWalletInfo);
-    claims.put("status", status);
+    claims.put("eudi_wallet_info", getEudiWalletInfo());
+    claims.put("status", getStatus());
     claims.put("attested_keys", attestedKeys);
 
     return createSignedJwt(
         keystoreProperties.getSigningKey(),
         keystoreProperties.alias(),
-        "Digg",
-        Duration.ofHours(24),
+        keystoreProperties.issuer(),
+        Duration.ofHours(keystoreProperties.validityHours()),
         claims);
   }
 
+  private Map<String, Object> getStatus() throws JsonProcessingException {
+    return objectMapper.readValue(keystoreProperties.status(), new TypeReference<>() {});
+  }
+
+  private Map<String, Object> getEudiWalletInfo() throws JsonProcessingException {
+    return objectMapper.readValue(
+        keystoreProperties.eudiWalletInfo(), new TypeReference<>() {});
+  }
+
   private SignedJWT createSignedJwt(
       ECPrivateKey signingKey,
       String keyId,
@@ -84,10 +86,11 @@ private SignedJWT createSignedJwt(
 
     JWTClaimsSet claimsSet = claimsBuilder.build();
 
-    JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.ES256)
-        .keyID(keyId)
-        .type(new JOSEObjectType("keyattestation+jwt"))
-        .build();
+    JWSHeader header =
+        new JWSHeader.Builder(JWSAlgorithm.ES256)
+            .keyID(keyId)
+            .type(new JOSEObjectType("keyattestation+jwt"))
+            .build();
 
     SignedJWT signedJwt = new SignedJWT(header, claimsSet);
 

src/main/resources/application.yml

@@ -41,3 +41,24 @@ wua:
     password: ${WUA_KEYSTORE_PASSWORD}
     alias: ${WUA_KEYSTORE_ALIAS}
     type: PKCS12
+    issuer: "Digg"
+    validity-hours: 24
+    eudi-wallet-info: >
+      {
+        "general_info": {
+          "wallet_provider_name": "Digg",
+          "wallet_solution_id": "Diggidigg-id",
+          "wallet_solution_version": "0.0.1",
+          "wallet_solution_certification_information": "UNCERTIFIED"
+        },
+        "wscd_info": {
+          "wscd_certification_information": "UNCERTIFIED"
+        }
+      }
+    status: >
+      {
+        "status_list": {
+          "idx": 412,
+          "uri": "https://revocation_url/statuslists/1"
+        }
+      }

src/test/java/se/digg/wallet/provider/application/controller/WalletUnitAttestationControllerTest.java

@@ -40,9 +40,15 @@ void assertThatPostWalletUnitAttestation_givenWalletIdAndValidPublicKey_shouldRe
     when(service.createWalletUnitAttestation(anyString())).thenReturn(SignedJWT.parse(expectedJwt));
 
     String jwk =
-        "{\"kty\":\"EC\",\"use\":\"sig\",\"crv\":\"P-256\","
-            + "\"x\":\"18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM\","
-            + "\"y\":\"-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA\"}";
+        """
+            {
+                "kty": "EC",
+                "use": "sig",
+                "crv": "P-256",
+                "x": "18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM",
+                "y": "-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA"
+            }
+            """;
     WalletUnitAttestationDto input = new WalletUnitAttestationDto(UUID.randomUUID(), jwk);
 
     mockMvc

src/test/java/se/digg/wallet/provider/application/service/WalletUnitAttestationServiceTest.java

@@ -32,25 +32,6 @@ class WalletUnitAttestationServiceTest {
   @Autowired
   private WuaKeystoreProperties keystoreProperties;
 
-  @SuppressWarnings("unchecked")
-  @Test
-  void assertThatCreateWalletUnitAttestation_givenValidJwk_shouldSucceed() throws Exception {
-    KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
-    gen.initialize(Curve.P_256.toECParameterSpec());
-    KeyPair keyPair = gen.generateKeyPair();
-    ECKey jwk = new ECKey.Builder(Curve.P_256, (ECPublicKey) keyPair.getPublic()).build();
-
-    SignedJWT jwt = service.createWalletUnitAttestation(jwk.toString());
-
-    assertNotNull(jwt);
-    assertEquals("Digg", jwt.getJWTClaimsSet().getIssuer());
-
-    verifyAttestedKeysClaim(jwt, jwk);
-    verifyEudiWalletInfoClaim(jwt);
-    verifyStatusClaim(jwt);
-    verifyJwtSignature(jwt, keystoreProperties.getPublicKey());
-  }
-
   @SuppressWarnings("unchecked")
   private static void verifyStatusClaim(SignedJWT jwt) throws ParseException {
     Map<String, Object> status = jwt.getJWTClaimsSet().getJSONObjectClaim("status");
@@ -85,6 +66,25 @@ private static void verifyAttestedKeysClaim(SignedJWT jwt, ECKey jwk) throws Par
     assertEquals(jwk.getCurve().toString(), attestedKey.get("crv"));
   }
 
+  @SuppressWarnings("unchecked")
+  @Test
+  void assertThatCreateWalletUnitAttestation_givenValidJwk_shouldSucceed() throws Exception {
+    KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
+    gen.initialize(Curve.P_256.toECParameterSpec());
+    KeyPair keyPair = gen.generateKeyPair();
+    ECKey jwk = new ECKey.Builder(Curve.P_256, (ECPublicKey) keyPair.getPublic()).build();
+
+    SignedJWT jwt = service.createWalletUnitAttestation(jwk.toString());
+
+    assertNotNull(jwt);
+    assertEquals("Digg", jwt.getJWTClaimsSet().getIssuer());
+
+    verifyAttestedKeysClaim(jwt, jwk);
+    verifyEudiWalletInfoClaim(jwt);
+    verifyStatusClaim(jwt);
+    verifyJwtSignature(jwt, keystoreProperties.getPublicKey());
+  }
+
   private void verifyJwtSignature(SignedJWT jwt, ECPublicKey publicKey) throws JOSEException {
     assertTrue(jwt.verify(new ECDSAVerifier(publicKey)));
   }

src/test/resources/application.yml

@@ -12,3 +12,24 @@ wua:
     password: Test1234
     alias: wua-signing
     type: PKCS12
+    issuer: "Digg"
+    validity-hours: 24
+    eudi-wallet-info: >
+      {
+        "general_info": {
+          "wallet_provider_name": "Digg",
+          "wallet_solution_id": "Diggidigg-id",
+          "wallet_solution_version": "0.0.1",
+          "wallet_solution_certification_information": "UNCERTIFIED"
+        },
+        "wscd_info": {
+          "wscd_certification_information": "UNCERTIFIED"
+        }
+      }
+    status: >
+      {
+        "status_list": {
+          "idx": 412,
+          "uri": "https://revocation_url/statuslists/1"
+        }
+      }