forked from swiftinc/mgw-java
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a6dc36b
commit dcd9fac
Showing
6 changed files
with
340 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# mgw-java | ||
|
||
## Overview | ||
|
||
Sample java client application using [SWIFT Microgateway](https://developer.swift.com/swift-microgateway) to call SWIFT gpi Get Changed Payment Transaction API. | ||
|
||
## Getting Started | ||
|
||
### Prerequisites | ||
|
||
* Java 1.8 | ||
* maven 3.5.* and above | ||
|
||
### Install & Run packages | ||
``` | ||
mvn clean package assembly:single | ||
java -jar target\mgwclient-0.0.1-SNAPSHOT-jar-with-dependencies.jar | ||
``` | ||
|
||
## Authors | ||
|
||
vijay.mukundhan@swift.com | ||
|
||
## License | ||
|
||
Apache v2.0 | ||
|
||
SWIFT is not liable for the usage of this sample app. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
|
||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<groupId>com.swift.dvengers.sandbox</groupId> | ||
<artifactId>mgwclient</artifactId> | ||
<version>0.0.1-SNAPSHOT</version> | ||
|
||
<name>mgwclient</name> | ||
<!-- FIXME change it to the project's website --> | ||
<url>http://www.example.com</url> | ||
|
||
<properties> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
<maven.compiler.source>1.7</maven.compiler.source> | ||
<maven.compiler.target>1.7</maven.compiler.target> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>junit</groupId> | ||
<artifactId>junit</artifactId> | ||
<version>4.11</version> | ||
<scope>test</scope> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>com.squareup.okhttp3</groupId> | ||
<artifactId>okhttp</artifactId> | ||
<version>4.9.1</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.bitbucket.b_c</groupId> | ||
<artifactId>jose4j</artifactId> | ||
<version>0.7.6</version> | ||
</dependency> | ||
</dependencies> | ||
|
||
<build> | ||
<pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) --> | ||
<plugins> | ||
<!-- clean lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#clean_Lifecycle --> | ||
<plugin> | ||
<artifactId>maven-clean-plugin</artifactId> | ||
<version>3.1.0</version> | ||
</plugin> | ||
<!-- default lifecycle, jar packaging: see https://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_jar_packaging --> | ||
<plugin> | ||
<artifactId>maven-resources-plugin</artifactId> | ||
<version>3.0.2</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-compiler-plugin</artifactId> | ||
<version>3.8.0</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-surefire-plugin</artifactId> | ||
<version>2.22.1</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-jar-plugin</artifactId> | ||
<version>3.0.2</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-install-plugin</artifactId> | ||
<version>2.5.2</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-deploy-plugin</artifactId> | ||
<version>2.8.2</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-site-plugin</artifactId> | ||
<version>3.7.1</version> | ||
</plugin> | ||
<plugin> | ||
<artifactId>maven-project-info-reports-plugin</artifactId> | ||
<version>3.0.0</version> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-assembly-plugin</artifactId> | ||
<version>3.3.0</version> | ||
|
||
<configuration> | ||
<descriptorRefs> | ||
<descriptorRef>jar-with-dependencies</descriptorRef> | ||
</descriptorRefs> | ||
<archive> | ||
<manifest> | ||
<mainClass>com.swift.dvengers.sandbox.mgwclient.ClientApp</mainClass> | ||
</manifest> | ||
</archive> | ||
</configuration> | ||
|
||
<executions> | ||
<execution> | ||
<id>make-assembly</id> | ||
<phase>package</phase> | ||
<goals> | ||
<goal>single</goal> | ||
</goals> | ||
</execution> | ||
</executions> | ||
|
||
</plugin> | ||
|
||
</plugins> | ||
</pluginManagement> | ||
</build> | ||
</project> |
94 changes: 94 additions & 0 deletions
94
src/main/java/com/swift/dvengers/sandbox/mgwclient/ClientApp.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
package com.swift.dvengers.sandbox.mgwclient; | ||
|
||
import javax.net.ssl.*; | ||
|
||
import com.swift.dvengers.sandbox.util.Util; | ||
|
||
import okhttp3.Call; | ||
import okhttp3.OkHttpClient; | ||
import okhttp3.Request; | ||
import okhttp3.Response; | ||
|
||
public class ClientApp { | ||
|
||
private OkHttpClient client = null; | ||
private String busAppName = "BO2"; | ||
private String profileId = "trackerProfile"; | ||
private String sharedKey = "Abcd1234Abcd1234Abcd1234Abcd1234"; | ||
|
||
public ClientApp() { | ||
OkHttpClient.Builder builder = new OkHttpClient.Builder(); | ||
|
||
/* Setting up custom host name verifier to ignore the host name in the certificate provided by MGW. | ||
* This is only applicable for testing in sand box environment and should not be used in Live. | ||
*/ | ||
builder.hostnameVerifier(new HostnameVerifier() { | ||
@Override | ||
public boolean verify(String hostname, SSLSession session) { | ||
return true; | ||
} | ||
}); | ||
|
||
/* Setting up the trust store to connect to microgateway. */ | ||
System.setProperty("javax.net.ssl.trustStore", "config\\mgw.jks"); | ||
System.setProperty("javax.net.ssl.trustStorePassword", "Abcd1234"); | ||
|
||
client = builder.build(); | ||
} | ||
|
||
public static void main(String[] args) { | ||
ClientApp app = new ClientApp(); | ||
|
||
/* Run swift-apitracker/v4/payments/changed/transactions. */ | ||
app.runPaymentsChangedTransactions(); | ||
} | ||
|
||
public OkHttpClient getClient() { | ||
return client; | ||
} | ||
|
||
public String getBusAppName() { | ||
return busAppName; | ||
} | ||
|
||
public String getProfileId() { | ||
return profileId; | ||
} | ||
|
||
public String getSharedKey() { | ||
return sharedKey; | ||
} | ||
|
||
public void runPaymentsChangedTransactions() { | ||
try { | ||
/* Implementation for V4 changed transactions. */ | ||
String url = "https://localhost:9003/swift/mgw/swift-apitracker/v4/payments/changed/transactions"; | ||
String jwsSign = null; | ||
|
||
String payload = Util.buildPayload(getBusAppName(), getProfileId(), url, null); | ||
/* Sign the request. */ | ||
jwsSign = Util.sign(payload, getSharedKey()); | ||
|
||
/* Add authorization header to the request. */ | ||
Request request = new Request.Builder().url(url).addHeader("Authorization", "Bearer " + jwsSign) | ||
.addHeader("X-SWIFT-Signature", "false").build(); | ||
|
||
Call call = client.newCall(request); | ||
Response response = call.execute(); | ||
|
||
String jwsToken = response.header("Authorization"); | ||
String apiresp = response.body().string(); | ||
|
||
if (Util.verifyResponse(apiresp, jwsToken, getSharedKey())) { | ||
System.out.println("Response JWS signature is successfully verified."); | ||
} else { | ||
System.out.println("Failed to verify response JWS signature."); | ||
} | ||
/* API response. */ | ||
System.out.println("\nResponse - " + apiresp); | ||
} catch (Exception ex) { | ||
System.out.println("Error in running changed transactions"); | ||
ex.printStackTrace(); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
package com.swift.dvengers.sandbox.util; | ||
|
||
import java.nio.charset.StandardCharsets; | ||
import java.security.Key; | ||
import java.security.MessageDigest; | ||
import java.util.Base64; | ||
|
||
import org.jose4j.jwa.AlgorithmConstraints; | ||
import org.jose4j.jws.AlgorithmIdentifiers; | ||
import org.jose4j.jws.JsonWebSignature; | ||
import org.jose4j.jwt.JwtClaims; | ||
import org.jose4j.keys.HmacKey; | ||
import org.jose4j.lang.HashUtil; | ||
import org.jose4j.lang.JoseException; | ||
|
||
public class Util { | ||
public static String sign(String jwsPayloadStr, String sharedKey) throws JoseException { | ||
JsonWebSignature jws = new JsonWebSignature(); | ||
jws.setPayload(jwsPayloadStr); | ||
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256); | ||
jws.setHeader("typ", "JWT"); | ||
Key key = new HmacKey(sharedKey.getBytes()); | ||
jws.setKey(key); | ||
jws.sign(); | ||
return jws.getCompactSerialization(); | ||
} | ||
|
||
public static String buildPayload(String busAppName, String profileId, String path, Object payload) { | ||
JwtClaims claims = new JwtClaims(); | ||
|
||
claims.setGeneratedJwtId(); | ||
claims.setIssuer(busAppName); | ||
claims.setClaim("profileId", profileId); | ||
claims.setIssuedAtToNow(); | ||
claims.setExpirationTimeMinutesInTheFuture(30); | ||
claims.setClaim("absPath", path); | ||
String digest = calculateDigestValue(payload); | ||
if (digest != null) { | ||
claims.setClaim("digest", digest); | ||
} | ||
return claims.toJson(); | ||
} | ||
|
||
public static String calculateDigestValue(Object data) { | ||
String digestValue = null; | ||
if (data != null) { | ||
MessageDigest md = HashUtil.getMessageDigest("SHA-256"); | ||
digestValue = Base64.getUrlEncoder() | ||
.encodeToString(md.digest(data.toString().getBytes(StandardCharsets.UTF_8))); | ||
} | ||
return digestValue; | ||
} | ||
|
||
public static boolean verifyResponse(String responseBody, String jwsToken, String sharedKey) { | ||
boolean retval = false; | ||
|
||
try { | ||
JsonWebSignature jws = new JsonWebSignature(); | ||
jws.setCompactSerialization(jwsToken.substring("Bearer ".length())); | ||
|
||
JwtClaims jwtClaims = JwtClaims.parse(jws.getUnverifiedPayload()); | ||
if ((jwtClaims.getClaimValue("digest") != null) | ||
&& !jwtClaims.getClaimValue("digest").equals(calculateDigestValue(responseBody))) { | ||
System.out.println("Response payload digest is valid\n"); | ||
} else { | ||
System.out.println("Response payload digest is invalid\n"); | ||
return false; | ||
} | ||
|
||
jws.setAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, | ||
AlgorithmIdentifiers.HMAC_SHA256)); | ||
Key key = new HmacKey(((String) sharedKey).getBytes(StandardCharsets.UTF_8)); | ||
jws.setKey(key); | ||
|
||
retval = jws.verifySignature(); | ||
} catch (Exception ex) { | ||
ex.printStackTrace(); | ||
} | ||
|
||
return retval; | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
src/test/java/com/swift/dvengers/sandbox/mgwclient/AppTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package com.swift.dvengers.sandbox.mgwclient; | ||
|
||
import static org.junit.Assert.assertTrue; | ||
|
||
import org.junit.Test; | ||
|
||
/** | ||
* Unit test for simple App. | ||
*/ | ||
public class AppTest | ||
{ | ||
/** | ||
* Rigorous Test :-) | ||
*/ | ||
@Test | ||
public void shouldAnswerWithTrue() | ||
{ | ||
assertTrue( true ); | ||
} | ||
} |