@Test
public void testSignPDF() throws Exception {
SignatureServiceImpl ssi = (SignatureServiceImpl) signatureService;
// first user signs
Blob origBlob = Blobs.createBlob(origPdfFile);
assertEquals(UNSIGNED, ssi.getSigningStatus(origBlob, user));
Blob signedBlob =
signatureService.signPDF(origBlob, null, user, USER_KEY_PASSWORD, "test reason");
assertNotNull(signedBlob);
assertEquals(SIGNED_CURRENT, ssi.getSigningStatus(signedBlob, user));
assertEquals(SIGNED_OTHER, ssi.getSigningStatus(signedBlob, user2));
// try for the same user to sign the certificate again
Blob signedBlobTwice = null;
try {
signedBlobTwice =
signatureService.signPDF(signedBlob, null, user, USER_KEY_PASSWORD, "test reason");
fail("Should raise AlreadySignedException");
} catch (AlreadySignedException e) {
// ok
}
// try for the second user to sign the certificate
signedBlobTwice =
signatureService.signPDF(signedBlob, null, user2, USER_KEY_PASSWORD, "test reason");
assertNotNull(signedBlobTwice);
assertEquals(SIGNED_CURRENT, ssi.getSigningStatus(signedBlobTwice, user));
assertEquals(SIGNED_CURRENT, ssi.getSigningStatus(signedBlobTwice, user2));
// test presence of multiple signatures
List<String> names = getSignatureNames(signedBlobTwice);
assertEquals(2, names.size());
assertEquals(Arrays.asList("Signature2", "Signature1"), names);
}
@Test
public void testSignPDFDocumentArchive() throws Exception {
Blob pdfBlob = Blobs.createBlob(origPdfFile, "application/pdf", null, "foo.pdf");
DocumentModel doc = session.createDocumentModel("File");
doc.setPropertyValue("file:content", (Serializable) pdfBlob);
Blob signedBlob =
signatureService.signDocument(
doc,
user,
USER_KEY_PASSWORD,
"test",
false,
SigningDisposition.ARCHIVE,
"foo archive.pdf");
assertEquals("foo.pdf", signedBlob.getFilename());
assertEquals(Arrays.asList("Signature1"), getSignatureNames(signedBlob));
assertEquals(signedBlob, doc.getPropertyValue("file:content"));
@SuppressWarnings("unchecked")
List<Map<String, Serializable>> files =
(List<Map<String, Serializable>>) doc.getPropertyValue("files:files");
assertEquals(1, files.size());
Blob archivedBlob = (Blob) files.get(0).get("file");
assertEquals("application/pdf", archivedBlob.getMimeType());
assertEquals("foo archive.pdf", archivedBlob.getFilename());
assertEquals("foo archive.pdf", files.get(0).get("filename"));
}
@Test
public void testResignDocument() throws Exception {
Blob pdfBlob = Blobs.createBlob(signedPdfFile, "application/pdf", null, "foo.pdf");
assertEquals(Arrays.asList("Signature1"), getSignatureNames(pdfBlob));
DocumentModel doc = session.createDocumentModel("File");
doc.setPropertyValue("file:content", (Serializable) pdfBlob);
Blob signedBlob =
signatureService.signDocument(
doc, user, USER_KEY_PASSWORD, "test", false, SigningDisposition.REPLACE, null);
assertEquals("foo.pdf", signedBlob.getFilename());
assertEquals(Arrays.asList("Signature2", "Signature1"), getSignatureNames(signedBlob));
}
@Test
public void testSignDocumentReplace() throws Exception {
Blob txtBlob = Blobs.createBlob(helloTxtFile, "text/plain", null, "foo.txt");
DocumentModel doc = session.createDocumentModel("File");
doc.setPropertyValue("file:content", (Serializable) txtBlob);
Blob signedBlob =
signatureService.signDocument(
doc, user, USER_KEY_PASSWORD, "test", false, SigningDisposition.REPLACE, null);
assertEquals("foo.pdf", signedBlob.getFilename());
assertEquals(Arrays.asList("Signature1"), getSignatureNames(signedBlob));
assertEquals(signedBlob, doc.getPropertyValue("file:content"));
assertEquals(Collections.emptyList(), doc.getPropertyValue("files:files"));
}
@Test
public void testGetCertificates() throws Exception {
SignatureServiceImpl ssi = (SignatureServiceImpl) signatureService;
// sign the original PDF file
Blob signedBlob =
signatureService.signPDF(
Blobs.createBlob(origPdfFile), null, user, USER_KEY_PASSWORD, "test reason");
assertNotNull(signedBlob);
// verify there are certificates in the signed file
List<X509Certificate> certificates = ssi.getCertificates(signedBlob);
assertTrue(
"There has to be at least 1 certificate in a signed document", certificates.size() > 0);
assertTrue(certificates.get(0).getSubjectDN().toString().contains("CN=Homer Simpson"));
}
@OperationMethod
public Blob run(DocumentModel doc) throws OperationException {
if (!(ctx.getPrincipal() instanceof NuxeoPrincipal)
|| !((NuxeoPrincipal) ctx.getPrincipal()).isAdministrator()) {
throw new OperationException("Not allowed. You must be administrator to use this operation");
}
DocumentModel user = userManager.getUserModel(username);
Blob originalBlob = doc.getAdapter(BlobHolder.class).getBlob();
boolean originalIsPdf = MIME_TYPE_PDF.equals(originalBlob.getMimeType());
// decide if we want PDF/A
boolean pdfa = SignatureHelper.getPDFA();
// decide disposition
SigningDisposition disposition = SignatureHelper.getDisposition(originalIsPdf);
// decide archive filename
String filename = originalBlob.getFilename();
String archiveFilename = SignatureHelper.getArchiveFilename(filename);
return signatureService.signDocument(
doc, user, password, reason, pdfa, disposition, archiveFilename);
}
@Test
public void testSignDocumentAttach() throws Exception {
Blob txtBlob = Blobs.createBlob(helloTxtFile, "text/plain", null, "foo.txt");
DocumentModel doc = session.createDocumentModel("File");
doc.setPropertyValue("file:content", (Serializable) txtBlob);
Blob signedBlob =
signatureService.signDocument(
doc, user, USER_KEY_PASSWORD, "test", false, SigningDisposition.ATTACH, null);
assertEquals("foo.pdf", signedBlob.getFilename());
assertEquals(Arrays.asList("Signature1"), getSignatureNames(signedBlob));
assertEquals(txtBlob, doc.getPropertyValue("file:content"));
@SuppressWarnings("unchecked")
List<Map<String, Serializable>> files =
(List<Map<String, Serializable>>) doc.getPropertyValue("files:files");
assertEquals(1, files.size());
assertEquals(signedBlob, files.get(0).get("file"));
}
@Test
public void testGetSigningStatus() throws Exception {
Serializable pdfBlob = (Serializable) Blobs.createBlob(origPdfFile, "application/pdf");
Serializable signedBlob = (Serializable) Blobs.createBlob(signedPdfFile, "application/pdf");
Blob otherBlob = Blobs.createBlob("foo", "application/octet-stream");
DocumentModel doc = session.createDocumentModel("File");
StatusWithBlob swb;
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNABLE, swb.status);
assertNull(swb.path);
assertNull(swb.blob);
// unsigned PDF in main file
doc.setPropertyValue("file:content", pdfBlob);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNED, swb.status);
assertEquals("file:content", swb.path);
assertEquals(pdfBlob, swb.blob);
// signed PDF in main file
doc.setPropertyValue("file:content", signedBlob);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(SIGNED_OTHER, swb.status);
assertEquals("file:content", swb.path);
assertEquals(signedBlob, swb.blob);
// not PDF in main file
doc.setPropertyValue("file:content", (Serializable) otherBlob);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNED, swb.status);
assertEquals("file:content", swb.path);
assertEquals(otherBlob, swb.blob);
// no files attached
doc.setPropertyValue("file:content", null);
doc.setPropertyValue("files:files", null);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNABLE, swb.status);
assertNull(swb.path);
assertNull(swb.blob);
doc.setPropertyValue("files:files", (Serializable) Collections.emptyList());
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNABLE, swb.status);
assertNull(swb.path);
assertNull(swb.blob);
// unsigned PDF attached
List<Map<String, Serializable>> fileList = new ArrayList<Map<String, Serializable>>();
fileList.add(Collections.singletonMap("file", pdfBlob));
doc.setPropertyValue("files:files", (Serializable) fileList);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(UNSIGNABLE, swb.status);
assertNull(swb.path);
assertNull(swb.blob);
// signed PDF attached second
fileList.clear();
fileList.add(Collections.singletonMap("file", pdfBlob));
fileList.add(Collections.singletonMap("file", signedBlob));
doc.setPropertyValue("files:files", (Serializable) fileList);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(SIGNED_OTHER, swb.status);
assertEquals("files:files/1/file", swb.path);
assertEquals(signedBlob, swb.blob);
// and PDF as main file
doc.setPropertyValue("file:content", pdfBlob);
swb = signatureService.getSigningStatus(doc, null);
assertEquals(SIGNED_OTHER, swb.status);
assertEquals("files:files/1/file", swb.path);
assertEquals(signedBlob, swb.blob);
}
