v7.0.2

README.md

@@ -2,16 +2,18 @@
 
 Project **gemSekIdp-global** consists of 2 subprojects. These are:
 
-* **gsi-server:** "gematik sektoraler IDP" - MVP of a sectoral IDP, used to develop/test the gsi-testsuite
-* **gsi-testsuite:** Approval test suite (Zulassungstests) for sectoral IDPs, will be executed as integration tests
+* **gsi-server:** "gematik sektoraler IDP" - MVP of a sectoral IDP, used to develop/test the
+  gsi-testsuite
+* **gsi-testsuite:** Approval test suite (Zulassungstests) for sectoral IDPs, will be executed as
+  integration tests
 
   <br>
 
 ### just build project
 
-To quickly check your build environment without running any tests (just build idp sektoral server and testsuite) do in
+To quickly check your build environment without running any tests (just build idp sektoral server
+and testsuite) do in
 project root:
-
 `mvn clean package -Dskip.unittests`
 
 ### build project and run unit tests (skip integration tests == skip testsuite execution)
@@ -20,12 +22,15 @@ project root:
 
 ### build project and run integration tests (unit tests will be executed as well as long as they are not skipped)
 
-To execute integration tests you have to set the environment variable where the tiger test framework find its configuration:
+To execute integration tests you have to set the environment variable where the tiger test framework
+find its
+configuration:
 
 `export TIGER_TESTENV_CFGFILE=tiger-external-Idp.yaml`
 `mvn test`
 
-In order to run the integration tests (= testsuite) follow the instruction listed under "Test an external sectoral IDP".
+In order to run the integration tests (= testsuite) follow the instruction listed under "Test an
+external sectoral IDP".
 
 The keys
 `gsi-fedmaster/src/main/resources/keys/ref-fedmaster-sig-privkey.pem`
@@ -37,8 +42,10 @@ are added for unit tests only and can be published.
 - To check test environment, the gsi-server can be used. Just build/start this server and
   execute [runTestsuite-external-Idp.sh](runTestsuite-external-Idp.sh).
 - The address of the SUT (system under test == sectoral IDP server) is configured
-  in [gsi-testsuite/tiger-external-Idp.yaml](gsi-testsuite/tiger-external-Idp.yaml). Local gsi-server is set as default.
-- In order to validate the structure of an ID_TOKEN one has to add its value (base64 encoded) to the tc_properties-file
+  in [gsi-testsuite/tiger-external-Idp.yaml](gsi-testsuite/tiger-external-Idp.yaml). Local
+  gsi-server is set as default.
+- In order to validate the structure of an ID_TOKEN one has to add its value (base64 encoded) to the
+  tc_properties-file
   that is used during the test execution
 
 #### Serenity BDD Report
@@ -59,66 +66,19 @@ Copy this jwt to the clipboard and paste it www.jwt.io to see the content.
 
 ### run federation locally
 
-Start a local federation consisting of a Fedmaster and an IDP server. Both are modules inside this maven project.
-You have to configure two things:
-
-1. The Authorization Server must be registerd in the federation. This is done by configuring the Authorization server in the fedmaster's configuration file:
-   gsi-fedmaster/src/main/resources/application.yml (section `relyingPartyConfigs`)
-2. Configure the servers to be started in `federation/startFederationLocal.sh` but
-   ootb the federation should start without any further configuration.
-
-The federation can be build and started then by executing this script:
-
-```shell
-./federation/startFederationLocalJars.sh
-```
-
-##### fedmaster
-
-```shell
-# get entity statement
-curl http://localhost:8083/.well-known/openid-federation
-```
-
-```shell
-# get federation list and idp list
-curl http://localhost:8083/federation_list
-curl http://localhost:8083/.well-known/idp_list
-```
-
-```shell
-# get entity statement about gsi-server 
-curl 'http://127.0.0.1:8083/federation_fetch_endpoint?sub=http://127.0.0.1:8085&iss=http://127.0.0.1:8083'
-# get entity statement about gra-server
-curl 'http://127.0.0.1:8083/federation_fetch_endpoint?sub=http://127.0.0.1:8084&iss=http://127.0.0.1:8083'
-```
-
-##### gra-server
-
-```shell
-# get entity statement
-curl http://localhost:8084/.well-known/openid-federation
-```
-
-##### gsi-server
-
-```shell
-# get entity statement
-curl http://localhost:8085/.well-known/openid-federation
-```
+content moved to project FEDIS
+not yet available,
+link will follow
 
-send PAR request to gsi-server
-expected is a HTTP 201 mit Content-Type: application/json with the redirect_uri
-like: `{"request_uri":"urn:http://127.0.0.1:8084:48ac8294c7ef112d","expires_in":90}`
+### OpenAPI Specification
 
-```shell
-curl --location --request POST 'http://127.0.0.1:8085/PAR_Auth?scope=urn%3Atelematik%3Adisplay_name%20urn%3Atelematik%3Aversicherter%20openid&acr_values=gematik-ehealth-loa-high&response_type=code&state=yyystateyyy&redirect_uri=https%3A%2F%2Fredirect.testsuite.gsi&code_challenge_method=S256&nonce=vy7rM801AQw1or22GhrZ&client_id=http%3A%2F%2F127.0.0.1%3A8084&code_challenge=9tI-0CQIkUYaGQOVR1emznlDFjlX0kVY1yd3oiMtGUI' \
---header 'AcceptAccept: */*' \
---header 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8'
-```
+You can receive the OpenAPI Specification under the following paths
 
-send authorization request to auth endpoint of auth-server
+- GsiServer Port: 8085
+- FedMasterServer Port: 8083
 
-```shell
-curl --location 'http://127.0.0.1:8084/auth?client_id=e42RezeptApp&state=mystate&redirect_uri=anyUri&code_challenge=P62rd1KSUnScGIEs1WrpYj3g_poTqmx8mM4msxehNdk&code_challenge_method=S256&response_type=code&scope=e-rezept&idp_iss=http%3A%2F%2F127.0.0.1%3A8085'
-```
+| Format  | Path                                   |
+|---------|----------------------------------------|
+| JSON    | http://127.0.0.1:port/v3/api-docs      |
+| YAML    | http://127.0.0.1:port/v3/api-docs.yaml |
+| SWAGGER | http://127.0.0.1:port/swagger-ui.html  |

ReleaseNotes.md

@@ -1,3 +1,17 @@
+# Release 7.0.2
+
+- Java 21
+- switch to docker base image eclipse-temurin:21-jre
+- made jmdns dependant on active mdns Spring profile
+- introduce static host name resolving dependent on active hostsmap Spring profile
+- add optional parameter amr in par request
+- set request_uri as configuration property instead of constant
+- add mTLS configuration for par and token endpoint
+- add client cert validation
+- add parameters in metadata of entity statement
+- add dependency for openapi documentation
+- update dependencies
+
 # Release 6.0.0
 
 - add new maven module gsi-fedmaster

gsi-coverage-report/pom.xml

@@ -6,7 +6,7 @@
   <parent>
     <groupId>de.gematik.idp</groupId>
     <artifactId>gemSekIdp-global</artifactId>
-    <version>6.0.0</version>
+    <version>7.0.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 

gsi-fedmaster/pom.xml

@@ -7,12 +7,12 @@
   <parent>
     <groupId>de.gematik.idp</groupId>
     <artifactId>gemSekIdp-global</artifactId>
-    <version>6.0.0</version>
+    <version>7.0.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 
   <artifactId>gsi-fedmaster</artifactId>
-  <version>6.0.0</version>
+  <version>7.0.2</version>
   <packaging>jar</packaging>
 
   <name>gsi-fedmaster</name>
@@ -62,9 +62,14 @@
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springdoc</groupId>
+      <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+      <version>2.6.0</version>
+    </dependency>
     <dependency>
       <groupId>com.konghq</groupId>
-      <artifactId>unirest-java</artifactId>
+      <artifactId>unirest-java-core</artifactId>
       <scope>test</scope>
     </dependency>
     <dependency>
@@ -87,6 +92,11 @@
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.jmdns</groupId>
+      <artifactId>jmdns</artifactId>
+      <version>3.5.9</version>
+    </dependency>
   </dependencies>
 
   <build>

gsi-fedmaster/src/main/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM eclipse-temurin:17-jre
+FROM eclipse-temurin:21-jre
 
 ARG COMMIT_HASH
 ARG VERSION

gsi-fedmaster/src/main/java/de/gematik/idp/gsi/fedmaster/Constants.java

@@ -21,6 +21,9 @@
 
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public final class Constants {
+
   public static final String FEDMASTER_FEDERATION_FETCH_ENDPOINT = "/federation_fetch_endpoint";
   public static final String FED_LIST_ENDPOINT = "/federation_list";
+  public static final String LOGO_URI =
+      "https://raw.githubusercontent.com/gematik/zero-lab/main/static/images/GID_App_light_mode.svg";
 }