I found an issue with hardcoded DAPS URL.
Inside ClearingHouseOutputProcessor.java:68 and ClearingHouseQueryOutputProcessor.java:68, dapsConfig variable is being initialized with default DAPS URL.
final var dapsConfig = new AisecDapsDriverConfig.Builder()
.setKeyStorePath(Paths.get("/root/etc/keystore.p12"))
.setTrustStorePath(Paths.get("/root/etc/truststore.p12"))
.setKeyAlias("1")
.setSecurityRequirements(securityRequirements)
.build();
AisecDapsDriverConfig.Builder() returns the following object
class AisecDapsDriverConfig {
var dapsUrl = "https://daps.aisec.fraunhofer.de"
private set
var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
private set
var keyStorePassword: CharArray = "password".toCharArray()
private set
var keyAlias = "1"
private set
var keyPassword: CharArray = "password".toCharArray()
private set
var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
private set
var trustStorePassword: CharArray = "password".toCharArray()
private set
var securityRequirements: SecurityRequirements? = null
private set
var dapsTokenRenewalThreshold: Float = DEFAULT_TOKEN_RENEWAL_THRESHOLD
There is a setter which allows to configure custom DAPS, but it is not used:
.setDapsUrl("https://my-custom-daps.com")
Could you please add method to pick DAPS URL from configuration or ENV vars?
Thanks in advance!
Hello!
I found an issue with hardcoded DAPS URL. Inside ClearingHouseOutputProcessor.java:68 and ClearingHouseQueryOutputProcessor.java:68, dapsConfig variable is being initialized with default DAPS URL.
AisecDapsDriverConfig.Builder() returns the following object
There is a setter which allows to configure custom DAPS, but it is not used:
.setDapsUrl("https://my-custom-daps.com")
Could you please add method to pick DAPS URL from configuration or ENV vars? Thanks in advance!