refactor/Remove the props pem.decode.enabled

2026-02-06 10:48:13 +00:00 · 2023-09-28 10:33:41 +02:00 · 2023-09-28 10:33:41 +02:00 · 1df6a62e85
commit 1df6a62e85
parent 0a48b8dbe0
3 changed files with 10 additions and 12 deletions
--- a/application.properties.example
+++ b/application.properties.example
@ -12,7 +12,6 @@ spring.thymeleaf.servlet.content-type=text/html;
 oauth2.admin_url=https://path/to/hydra-private

 show_unhandled_errors=true
-pem.decode.enabled=false

 obp.base_url=https://apisandbox.openbankproject.com
 endpoint.path.prefix=${obp.base_url}/open-banking/v3.1
--- a/src/main/java/com/openbankproject/oauth2/controller/ConsentController.java
+++ b/src/main/java/com/openbankproject/oauth2/controller/ConsentController.java
@ -31,6 +31,7 @@ import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.util.*;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@ -89,9 +90,6 @@ public class ConsentController {
    @Value("${obp.base_url:#}")
    private String obpBaseUrl;

-    @Value("${pem.decode.enabled:true}")
-    private Boolean decodePem;
-
    @Resource
    private RestTemplate restTemplate;
    @Resource
@ -412,13 +410,16 @@ public class ConsentController {
            if(metadata != null && metadata.get("client_certificate") != null) {
                logger.debug("client_certificate: " + metadata.get("client_certificate"));
                String pem = metadata.get("client_certificate");
-                if(decodePem == true) {
-                    logger.debug("decodePem is true. I will decode the pem now.");
-                    pem = URLDecoder.decode(pem,"UTF-8");
-                }
+                String decodedPem = URLDecoder.decode(pem,"UTF-8");
                logger.debug("before computing SHA256 thumbprint using parsedPem");
+                if(X509CertUtils.parse(pem) == null) {
+                    logger.debug("Use a decoded pem");
+                    x5tS256 = X509CertUtils.computeSHA256Thumbprint(X509CertUtils.parse(decodedPem)).toString();
+                } else {
+                    logger.debug("Use a pem");
                    x5tS256 = X509CertUtils.computeSHA256Thumbprint(X509CertUtils.parse(pem)).toString();
                }
+            }

            final String state = getState(consentRequest.getRequestUrl());
            final String sHash = buildHash(state);
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -46,5 +46,3 @@ force_jws=BGv1.3
 #logo.bank.enabled=false
 #logo.bank.url=https://static.openbankproject.com/bank/img/bank-logo.png 
        
-### URL Decode PEM
-#pem.decode.enabled=true