v25.0.5

README.md

@@ -52,7 +52,7 @@ or use docker compose:
 
 ```console
 $ mvn clean install -pl idp-server -am -Dskip.unittests -Dskip.inttests
-$ export appVersion=25.0.4
+$ export appVersion=25.0.5
 $ export serverLoglevel=info (default)
 $ docker-compose --project-name myidp -f docker-compose-ref.yml up -d
 ```

ReleaseNotes.md

@@ -1,3 +1,8 @@
+# Release 25.0.5
+
+- replace test certificates that are about to expire
+- update dependencies
+
 # Release 25.0.4
 
 - fix copywrite header

idp-client/pom.xml

@@ -7,13 +7,13 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-client</artifactId>
 
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <packaging>jar</packaging>
 
  <dependencies>

idp-commons/pom.xml

@@ -6,12 +6,12 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
  <artifactId>idp-commons</artifactId>
 
- <version>25.0.4</version>
+ <version>25.0.5</version>
 
  <dependencies>
 

idp-crypto/pom.xml

@@ -6,12 +6,12 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
 
  <artifactId>idp-crypto</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
 
  <dependencies>
  <dependency>

idp-report/pom.xml

@@ -6,7 +6,7 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  </parent>
  <artifactId>idp-report</artifactId>
 

idp-sektoral/pom.xml

@@ -7,12 +7,12 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
 
  <artifactId>idp-sektoral</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <packaging>jar</packaging>
 
  <properties>

idp-server/pom.xml

@@ -7,12 +7,12 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
 
  <artifactId>idp-server</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <packaging>jar</packaging>
 
  <properties>
@@ -59,7 +59,7 @@
  <dependency>
  <groupId>org.springdoc</groupId>
  <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
- <version>2.2.0</version>
+ <version>2.3.0</version>
  </dependency>
 
  <dependency>
@@ -138,16 +138,10 @@
  <artifactId>mysql-connector-j</artifactId>
  </dependency>
  <dependency>
- <groupId>com.github.tomakehurst</groupId>
+ <groupId>org.wiremock</groupId>
  <artifactId>wiremock</artifactId>
- <version>3.0.0-beta-10</version>
+ <version>3.3.1</version>
  <scope>test</scope>
- <exclusions>
- <exclusion>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- </exclusion>
- </exclusions>
  </dependency>
  <dependency>
  <groupId>commons-validator</groupId>

idp-server/src/main/resources/application.yml

@@ -1,5 +1,5 @@
 idp:
- version: @project.version@
+ version: '@project.version@'
  idpSig:
  fileName: classpath:idp_sig.p12
  keyId: puk_idp_sig
@@ -18,6 +18,7 @@ idp:
  fedAuthEndpoint: "https://idpfadi.dev.gematik.solutions/auth"
  debug:
  requestLogging: true
+ loglevel: info
  subjectSaltValue: fkdlsjaviaen4evdsnavaew4vcxo
  blockedClientSystems:
  - "blocked_user_agent"
@@ -225,10 +226,6 @@ idp:
  detailMessage: "Challenge ist abgelaufen"
  error: INVALID_REQUEST
  code: 2032
-
-caching:
- discoveryDocument:
- cacheControl: "max-age=300"
 server:
  port: ${SERVER_PORT:8080}
 management:

idp-test/pom.xml

@@ -6,11 +6,11 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
  <artifactId>idp-test</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
 
  <dependencies>
  <dependency>

idp-testsuite/pom.xml

@@ -7,18 +7,18 @@
  <parent>
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <relativePath>../pom.xml</relativePath>
  </parent>
 
  <artifactId>idp-testsuite</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <packaging>jar</packaging>
 
  <properties>
  <idp-server.spring.profile>idp</idp-server.spring.profile>
  <sektoral-idp.spring.profile>sektoralIdp</sektoral-idp.spring.profile>
- <version.datatable>7.14.0</version.datatable>
+ <version.datatable>7.14.1</version.datatable>
  </properties>
 
  <dependencies>

idp-testsuite/src/test/resources/features/biometrics/registration.feature

@@ -257,10 +257,10 @@ Feature: Registrierung für Alternative Authentisierung am IDP Server
  And IDP the response is an <status> error with gematik code <errid> and error '<errcode>'
 
  Examples: Liste mit Einträgen wo immer ein Zertifikat unterschiedlich aber gültig ist
- | status | errcode | errid | key_identifier | cert_access | cert_keydata | cert_public_key | cert_sign | cert_register |
- | 403 | access_denied | 4001 | keyidentdiffcert03 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-folgekarte-ecc.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
- | 403 | access_denied | 4001 | keyidentdiffcert04 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-folgekarte-ecc.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
- | 403 | access_denied | 4001 | keyidentdiffcert05 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-folgekarte-ecc.p12 |
+ | status | errcode | errid | key_identifier | cert_access | cert_keydata | cert_public_key  | cert_sign  | cert_register  |
+ | 403 | access_denied | 4001 | keyidentdiffcert03 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-folgekarte-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12  | egk-idp-idnumber-a-valid-ecc-2.p12  |
+ | 403 | access_denied | 4001 | keyidentdiffcert04 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12  | egk-idp-idnumber-a-folgekarte-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12  |
+ | 403 | access_denied | 4001 | keyidentdiffcert05 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12  | egk-idp-idnumber-a-valid-ecc-2.p12  | egk-idp-idnumber-a-folgekarte-ecc-2.p12 |
 
 
  @Approval @Ready
@@ -283,7 +283,7 @@ Feature: Registrierung für Alternative Authentisierung am IDP Server
 
  Examples: Liste mit Einträgen wo immer ein Zertifikat mit anderer IDNummer unterschiedlich aber gültig ist
  | status | errcode | errid | key_identifier | cert_access | cert_keydata | cert_public_key | cert_sign | cert_register |
- # | 400 | invalid_parameter_value | -1 | keyidentdiffcert01 | egk-idp-idnumber-a-folgekarte-ecc.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
+ # | 400 | invalid_parameter_value | -1 | keyidentdiffcert01 | egk-idp-idnumber-a-folgekarte-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
  | 403 | access_denied | 4001 | keyidentdiffcert01 | egk-idp-idnumber-b-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
  # | 409 | invalid_request | 4004 | keyidentdiffcert03 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-b-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |
  | 403 | access_denied | 4001 | keyidentdiffcert04 | egk-idp-idnumber-a-valid-ecc-2.p12 | Pub_Se_Aut-1.pem | egk-idp-idnumber-a-valid-ecc-2.p12 | egk-idp-idnumber-b-valid-ecc-2.p12 | egk-idp-idnumber-a-valid-ecc-2.p12 |

idp-testsuite/src/test/resources/features/coreFeatures/getTokenWithSignedChallenge.feature

@@ -430,7 +430,7 @@ Feature: Fordere Access Token mit einer signierten Challenge an
  | client_id | scope | code_challenge | code_challenge_method | redirect_uri | state | nonce | response_type |
  | ${TESTENV.client_id} | ${TESTENV.scope_basisflow} | ${TESTENV.code_challenge02} | S256 | ${TESTENV.redirect_uri} | xxxstatexxx | 887766 | code |
 
- When IDP I sign the challenge with '/certs/valid/egk-idp-idnumber-a-folgekarte-ecc.p12'
+ When IDP I sign the challenge with '/certs/valid/egk-idp-idnumber-a-folgekarte-ecc-2.p12'
  And IDP I request a code token with signed challenge successfully
  And IDP I set the context with key REDIRECT_URI to '${TESTENV.redirect_uri}'
  And IDP I request an access token
@@ -676,5 +676,5 @@ Feature: Fordere Access Token mit einer signierten Challenge an
  | /certs/invalid/egk-idp-famname-null-ecc-2.p12 |
  | /certs/invalid/egk-idp-firstname-null-ecc-2.p12 |
 # | '/certs/invalid/egk-idp-orgname-null-ecc-2.p12' |
- | /certs/invalid/egk-idp-profid-null-ecc-2.p12  |
+ | /certs/invalid/egk-idp-profid-null-ecc-2.p12 |
 

pom.xml

@@ -13,7 +13,7 @@
 
  <groupId>de.gematik.idp</groupId>
  <artifactId>idp-global</artifactId>
- <version>25.0.4</version>
+ <version>25.0.5</version>
  <packaging>pom</packaging>
 
  <description>IDP</description>
@@ -91,7 +91,7 @@
  <version.aforeporter>1.2.1</version.aforeporter>
  <version.assertj>3.24.2</version.assertj>
  <version.bouncycastle.bcpkix>1.77</version.bouncycastle.bcpkix>
- <version.commons-io>2.15.0</version.commons-io>
+ <version.commons-io>2.15.1</version.commons-io>
  <version.gemLibPki>2.0.2</version.gemLibPki>
  <version.h2>2.2.224</version.h2>
  <version.json>20231013</version.json>
@@ -102,7 +102,7 @@
  <version.tiger>2.3.0</version.tiger>
  <version.unirest>3.14.5</version.unirest>
 
- <version.build-helper-maven-plugin>3.4.0</version.build-helper-maven-plugin>
+ <version.build-helper-maven-plugin>3.5.0</version.build-helper-maven-plugin>
  <version.docker-maven-plugin>0.43.4</version.docker-maven-plugin>
  <version.copy-rename-maven-plugin>1.0.1</version.copy-rename-maven-plugin>
  <version.jacoco-maven-plugin>0.8.11</version.jacoco-maven-plugin>
@@ -116,8 +116,8 @@
  <version.maven-failsafe-plugin>3.2.2</version.maven-failsafe-plugin>
  <version.maven-gpg-plugin>3.1.0</version.maven-gpg-plugin>
  <version.maven-jar-plugin>3.3.0</version.maven-jar-plugin>
- <version.maven-javadoc-plugin>3.6.2</version.maven-javadoc-plugin>
- <version.maven-project-info-reports-plugin>3.4.5</version.maven-project-info-reports-plugin>
+ <version.maven-javadoc-plugin>3.6.3</version.maven-javadoc-plugin>
+ <version.maven-project-info-reports-plugin>3.5.0</version.maven-project-info-reports-plugin>
  <!-- only needed for mvn site to avoid stack traces flooding the console -->
  <version.maven-resources-plugin>3.3.1</version.maven-resources-plugin>
  <version.maven-site-plugin>3.12.1</version.maven-site-plugin>
@@ -126,9 +126,9 @@
  <version.maven-surefire-plugin>3.2.2</version.maven-surefire-plugin>
  <version.nexus-staging-maven-plugin>1.6.13</version.nexus-staging-maven-plugin>
  <version.sonar-maven-plugin>3.10.0.2594</version.sonar-maven-plugin>
- <version.spotless-maven-plugin>2.40.0</version.spotless-maven-plugin>
+ <version.spotless-maven-plugin>2.41.1</version.spotless-maven-plugin>
  <version.spotless.google-java-format>1.15.0</version.spotless.google-java-format>
- <version.spring-boot-maven-plugin>3.1.5</version.spring-boot-maven-plugin>
+ <version.spring-boot-maven-plugin>3.2.0</version.spring-boot-maven-plugin>
  <yarnAuditAnalyzerEnabled>false</yarnAuditAnalyzerEnabled>
  </properties>