Merge branch 'v2.2.x' into backport-v3-to-v2-helper

Author: mrts

pom.xml

@@ -18,7 +18,7 @@
         <java.version>11</java.version>
         <jjwt.version>0.12.6</jjwt.version>
         <bouncycastle.version>1.80</bouncycastle.version>
-        <jackson.version>2.18.3</jackson.version>
+        <jackson.version>2.18.5</jackson.version>
         <slf4j.version>2.0.17</slf4j.version>
         <junit-jupiter.version>5.12.0</junit-jupiter.version>
         <assertj.version>3.27.3</assertj.version>

src/main/java/eu/webeid/security/validator/AuthTokenValidatorBuilder.java

@@ -77,7 +77,7 @@ public AuthTokenValidatorBuilder withTrustedCertificateAuthorities(X509Certifica
         if (LOG.isDebugEnabled()) {
             LOG.debug("Trusted intermediate certificate authorities set to {}",
                 configuration.getTrustedCACertificates().stream()
-                    .map(X509Certificate::getSubjectDN)
+                    .map(X509Certificate::getSubjectX500Principal)
                     .collect(Collectors.toList()));
         }
         return this;

src/main/java/eu/webeid/security/validator/AuthTokenValidatorImpl.java

@@ -106,7 +106,7 @@ public WebEidAuthToken parse(String authToken) throws AuthTokenException {
             validateTokenLength(authToken);
             return parseToken(authToken);
         } catch (Exception e) {
-            // Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
+            // Generally "log and rethrow" is an antipattern, but it fits with the surrounding logging style.
             LOG.warn("Token parsing was interrupted:", e);
             throw e;
         }
@@ -118,7 +118,7 @@ public X509Certificate validate(WebEidAuthToken authToken, String currentChallen
             LOG.info("Starting token validation");
             return validateToken(authToken, currentChallengeNonce);
         } catch (Exception e) {
-            // Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
+            // Generally "log and rethrow" is an antipattern, but it fits with the surrounding logging style.
             LOG.warn("Token validation was interrupted:", e);
             throw e;
         }

src/main/java/eu/webeid/security/validator/ocsp/OcspResponseValidator.java

@@ -58,7 +58,7 @@ public static void validateHasSigningExtension(X509Certificate certificate) thro
         Objects.requireNonNull(certificate, "certificate");
         try {
             if (certificate.getExtendedKeyUsage() == null || !certificate.getExtendedKeyUsage().contains(OID_OCSP_SIGNING)) {
-                throw new OCSPCertificateException("Certificate " + certificate.getSubjectDN() +
+                throw new OCSPCertificateException("Certificate " + certificate.getSubjectX500Principal() +
                     " does not contain the key usage extension for OCSP response signing");
             }
         } catch (CertificateParsingException e) {