Fraunhofer-AISEC / ids-clearing-house-service

This is an implementation of the IDS Clearing House
Apache License 2.0

DAPS URL is hardcoded in clearing-house-processor code #3

Closed Muravlev closed 2 years ago

Muravlev commented 2 years ago

Hello!

I found an issue with a hardcoded DAPS URL. Inside ClearingHouseOutputProcessor.java:68 and ClearingHouseQueryOutputProcessor.java:68, the dapsConfig variable is being initialized with the default DAPS URL.

final var dapsConfig = new AisecDapsDriverConfig.Builder()
  .setKeyStorePath(Paths.get("/root/etc/keystore.p12"))
  .setTrustStorePath(Paths.get("/root/etc/truststore.p12"))
  .setKeyAlias("1")
  .setSecurityRequirements(securityRequirements)
  .build();

AisecDapsDriverConfig.Builder() returns the following object:

class AisecDapsDriverConfig {
    var dapsUrl = "https://daps.aisec.fraunhofer.de"
        private set
    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
        private set
    var keyStorePassword: CharArray = "password".toCharArray()
        private set
    var keyAlias = "1"
        private set
    var keyPassword: CharArray = "password".toCharArray()
        private set
    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
        private set
    var trustStorePassword: CharArray = "password".toCharArray()
        private set
    var securityRequirements: SecurityRequirements? = null
        private set
    var dapsTokenRenewalThreshold: Float = DEFAULT_TOKEN_RENEWAL_THRESHOLD

There is a setter which allows configuring a custom DAPS, but it is not used: .setDapsUrl("https://my-custom-daps.com")

Could you please add a method to pick the DAPS URL from configuration or ENV vars? Thanks in advance!

kragall commented 2 years ago

Fixed with v0.7.1. You can now use the ENV variable TC_DAPS_URL.
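
An added example, not part of the thread and not the code that shipped in v0.7.1: one way to take the DAPS URL from the TC_DAPS_URL variable and check it before it reaches .setDapsUrl(...). The class name DapsUrlResolver, the https-only rule and the choice to fail rather than fall back to a built-in default are assumptions made for this sketch.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Map;

// Hypothetical helper (not from the repository): resolves and validates the DAPS URL.
public final class DapsUrlResolver {
    static final String ENV_NAME = "TC_DAPS_URL"; // variable name taken from the thread

    // The environment is passed in as a map so the checks can run on sample data.
    static String resolve(Map<String, String> env) {
        String raw = env.get(ENV_NAME);
        if (raw == null || raw.isBlank()) {
            // Fail closed: no silent fallback to a default token service.
            throw new IllegalStateException(ENV_NAME + " is not set");
        }
        final URI uri;
        try {
            uri = new URI(raw.trim());
        } catch (URISyntaxException e) {
            throw new IllegalStateException(ENV_NAME + " is not a valid URI", e);
        }
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            throw new IllegalStateException(ENV_NAME + " must use https");
        }
        if (uri.getHost() == null || uri.getUserInfo() != null) {
            throw new IllegalStateException(ENV_NAME + " must name a host and carry no credentials");
        }
        return uri.toString();
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the first is the custom URL quoted in the issue.
        String[] samples = {
            "https://my-custom-daps.com",
            "http://my-custom-daps.com",
            "https://user:pw@my-custom-daps.com",
            ""
        };
        for (String sample : samples) {
            try {
                System.out.println("accepted: " + resolve(Map.of(ENV_NAME, sample)));
            } catch (IllegalStateException e) {
                System.out.println("rejected '" + sample + "': " + e.getMessage());
            }
        }
        // In the processors the result would be handed to the builder shown above:
        //   .setDapsUrl(DapsUrlResolver.resolve(System.getenv()))
    }
}
```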