release: v5.2.0 (#375)

* feat: throw exception and log error if no private key for alias found (#264) * feat: throw exception and log error if no private key for alias found * refactor: add used keyalias to printed logs * feat: check incoming payload for valid json and securityProfile attr (#266) * feat: check incoming payload for valid json and securityProfile attr * docs: update changelog * feat: enable or disable infomodel compatibility check (#267) * feat: enable or disable infomodel compatibility check via application properties * chore: fix checkstyle error * refactor: logs message reason formats (#269) * build(deps): bump infomodel-artifacts from 4.2.0 to 4.2.1 (#270) * build(deps): bump infomodel-artifacts from 4.2.0 to 4.2.1 * docs: update readme * chore: minor javadoc refactoring * docs: add missing throws to IDSBrokerService javadoc * refactor: minor log adjustments * docs: prepare release v4.3.0 * docs: add remaining missing throws and javadoc * build: pom set version to 4.3.1 * build(deps): bump checkstyle from 8.45.1 to 9.0 (#275) * build(deps): bump checkstyle from 8.45.1 to 9.0 Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 8.45.1 to 9.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-8.45.1...checkstyle-9.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * docs: update changelog Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Berthold <[email protected]> * Add new Clearinghouse Endpoint for registering PIDs (#276) * [CLEARINGHOUSE] #FEAT 'file:ClearingHouseService' {Create method specification for registering PIDs at clearinghouse} * [CLEARINGHOUSE] #CHORE 'file:ClearingHouseService' {Remove sendlogtoclrearinghouse with random pid generation} * [CLEARINGHOUSE] #FEAT 'file:ClearingHouseService' {Implement method for sending pid request} * [CLEARINGHOUSE] #FIX 'file:ClearingHouseService' {Add PID to path, create RequestMessage Template} * [MESSAGING] #FIX 'file:RequestTemplateProvider' {Fix Checkstyle} * [CLEARINGHOUSE] #FIX 'file:ClearingHouseService' {Fix Checkstyle} * [CLEARINGHOUSE] #FEAT 'file:ClearingHouseService' {Make pid registering connectorIDs varargs, allow for arbitrary numbner of connectors sharing a pid} * refactor: code adjustments * build: set new version in pom * docs: update changelog Co-authored-by: Tim Berthold <[email protected]> Co-authored-by: Tim Berthold <[email protected]> * docs: update changelog * fix: new clearinghouse process endpoint setting * fix: response codes outside 200-299 provoke IOExceptions (#278) * fix: response codes outside 200-299 provoke IOExceptions * docs: update changelog, add links * refactor: remove not yet supported useIDSCP and useLDP (#279) * build(deps): bump maven-javadoc-plugin from 3.3.0 to 3.3.1 (#281) * build(deps): bump maven-javadoc-plugin from 3.3.0 to 3.3.1 Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.3.0 to 3.3.1. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.3.0...maven-javadoc-plugin-3.3.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * docs: update changelog Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Berthold <[email protected]> * chore: update infomodel artifacts 4.2.1 -> 4.2.3 (#289) * chore: update infomodel artifacts 4.2.1 -> 4.2.3 * docs: update changelog * docs: update readme * feat: log-debug outgoing messages (#286) * feat: log-debug outgoing messages * chore: fix checkstyle * chore: fix javadoc * docs: update changelog * feat: check if keystore-location is null on init (#291) * feat: check if keystore-location is null on init * chore: refactor javadoc * feat: validity check for proxy hostname (#285) * feat: Proxy-Config, if no hostname set, issue warn message and try sending without proxy * docs: update changelog * chore: add check for proxy port * test: fix ConfigProducerTest testProvider * chore: update test comment Co-authored-by: eakker <[email protected]> * chore: update org.junit.jupiter dependencies (#295) * chore: update org.junit.jupiter dependencies * chore: update changelog * docs: prepare release v5.0.0 * build(deps): bump spring dependencies (#302) * build(deps): bump spring-web from 5.3.9 to 5.3.10 (#301) Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.9 to 5.3.10. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.9...v5.3.10) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-webmvc from 5.3.9 to 5.3.10 (#300) Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 5.3.9 to 5.3.10. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.9...v5.3.10) --- updated-dependencies: - dependency-name: org.springframework:spring-webmvc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump spring-test from 5.3.9 to 5.3.10 (#299) Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.3.9 to 5.3.10. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.9...v5.3.10) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-tx from 5.3.9 to 5.3.10 (#298) Bumps [spring-tx](https://github.com/spring-projects/spring-framework) from 5.3.9 to 5.3.10. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.9...v5.3.10) --- updated-dependencies: - dependency-name: org.springframework:spring-tx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-core from 5.3.9 to 5.3.10 (#297) Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.3.9 to 5.3.10. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.9...v5.3.10) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): spring dependency maintenance * build(pom): bump version to 5.0.1 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(pom): exclude jena-core 4.1.0 use 4.2.0 instead (#303) * build(pom): exclude jena-core 4.1.0 use 4.2.0 instead * docs: update changelog * docs: update changelog * build: update infomodel-artifacts to v4.2.4 (#307) * build(pom): update infomodel-artifacts to v4.2.4 * docs(changelog): add infomodel maintenance * docs(changelog): fix link in infomodel maintenance * docs(readme): update used infomodel artifacts * build(pom): increase messaging-services to v5.0.2 * build(deps): bump junit-jupiter dependencies from 5.8.0 to 5.8.1 (#311) * build(deps-dev): bump junit-jupiter-engine from 5.8.0 to 5.8.1 (#310) Bumps [junit-jupiter-engine](https://github.com/junit-team/junit5) from 5.8.0 to 5.8.1. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/commits) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump junit-jupiter from 5.8.0 to 5.8.1 (#309) Bumps [junit-jupiter](https://github.com/junit-team/junit5) from 5.8.0 to 5.8.1. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/commits) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump junit-jupiter-api from 5.8.0 to 5.8.1 (#308) Bumps [junit-jupiter-api](https://github.com/junit-team/junit5) from 5.8.0 to 5.8.1. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/commits) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): add org.junit.jupiter updates Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-boot-starter dependencies from 2.5.4 to 2.5.5 (#314) * build(deps): bump spring-boot-starter from 2.5.4 to 2.5.5 (#313) Bumps [spring-boot-starter](https://github.com/spring-projects/spring-boot) from 2.5.4 to 2.5.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.4...v2.5.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump spring-boot-starter-test from 2.5.4 to 2.5.5 (#312) Bumps [spring-boot-starter-test](https://github.com/spring-projects/spring-boot) from 2.5.4 to 2.5.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.4...v2.5.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): bump spring-boot-starter dependencies Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump checkstyle from 9.0 to 9.0.1 (#319) Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 9.0 to 9.0.1. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-9.0...checkstyle-9.0.1) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump mockwebserver from 4.9.1 to 4.9.2 (#318) Bumps [mockwebserver](https://github.com/square/okhttp) from 4.9.1 to 4.9.2. - [Release notes](https://github.com/square/okhttp/releases) - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.1...parent-4.9.2) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:mockwebserver dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: vdakker <[email protected]> * build(deps): bump okhttp from 4.9.1 to 4.9.2 (#317) * build(deps): bump okhttp from 4.9.1 to 4.9.2 Bumps [okhttp](https://github.com/square/okhttp) from 4.9.1 to 4.9.2. - [Release notes](https://github.com/square/okhttp/releases) - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.1...parent-4.9.2) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * chore: add updates to CHANGELOG.md * chore: add pull request info to CHANGELOG.md Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: vdakker <[email protected]> * build(deps): bump lombok from 1.18.20 to 1.18.22 (#320) * build(deps): bump lombok from 1.18.20 to 1.18.22 Bumps [lombok](https://github.com/projectlombok/lombok) from 1.18.20 to 1.18.22. - [Release notes](https://github.com/projectlombok/lombok/releases) - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](projectlombok/lombok@v1.18.20...v1.18.22) --- updated-dependencies: - dependency-name: org.projectlombok:lombok dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * chore: add pull request info to CHANGELOG.md Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: vdakker <[email protected]> * chore: upgrade spring 5.3.10 -> 5.3.11 (#326) * chore: upgrade spring 5.3.10 -> 5.3.11 * chore: upgrade PR info in CHANGELOG.md * feat: add log error codes (#332) * feat: add log error codes for error-level * feat: add log error codes for warn-level * feat: add log error codes for info-level * feat: add log error codes for debug-level * chore: fix checkstyle warning * docs: update changelog * build: update infomodel-artifacts to v4.2.5 (#330) * build(deps): infomodel artifacts 4.2.5 * docs(readme): update infomodel artifacts * docs: update changelog * Add check for referredConnector in MessageDispatcher (#329) * feat: add check for referredConnector in MessageDispatcher * chore: add referred.check flag defaulting to false * chore: fix checkstyle * chore: fix checkstyle * docs: edit CHANGELOG.md * chore: update changelog and pom to new minor version Co-authored-by: Tim Berthold <[email protected]> * chore: remove log-codes from log-info level * docs(readme): adapted description for log-codes * docs(changelog): adjustments to the descriptions and setting of a release date * docs(changelog): fix typos in dependency maintenance * refactor(MessageDispatcher): include issuerConnector and referringConnector URI in Rejectionmessage * docs(changelog): update description for referringConnector validation * build(deps): update spring dependencies (#341) * build(deps): bump spring-boot-starter from 2.5.5 to 2.5.6 (#340) Bumps [spring-boot-starter](https://github.com/spring-projects/spring-boot) from 2.5.5 to 2.5.6. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.5...v2.5.6) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-core from 5.3.11 to 5.3.12 (#339) Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.3.11 to 5.3.12. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.11...v5.3.12) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-webmvc from 5.3.11 to 5.3.12 (#338) Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 5.3.11 to 5.3.12. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.11...v5.3.12) --- updated-dependencies: - dependency-name: org.springframework:spring-webmvc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump spring-boot-starter-test from 2.5.5 to 2.5.6 (#337) Bumps [spring-boot-starter-test](https://github.com/spring-projects/spring-boot) from 2.5.5 to 2.5.6. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.5...v2.5.6) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-tx from 5.3.11 to 5.3.12 (#336) Bumps [spring-tx](https://github.com/spring-projects/spring-framework) from 5.3.11 to 5.3.12. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.11...v5.3.12) --- updated-dependencies: - dependency-name: org.springframework:spring-tx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-web from 5.3.11 to 5.3.12 (#335) Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.11 to 5.3.12. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.11...v5.3.12) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump spring-test from 5.3.11 to 5.3.12 (#334) Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.3.11 to 5.3.12. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.11...v5.3.12) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): add spring updates * build(pom): set revision to 5.1.1 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(AisecTokenManagerService): log response body if DAT request fails (#342) * feat(AisecTokenManagerService): print response body at DAT request failure * docs(changelog): add as enhancement * build(deps): update infomodel artifacts to v4.2.6 (#343) * build(deps): update infomodel artifacts to v4.2.6 * docs(readme): update infomodel artifacts to v4.2.6 * docs(changelog): update infomodel artifacts to v4.2.6 * docs(changelog): add release date for v5.1.1 * build(deps): bump checkstyle from 9.0.1 to 9.1 (#347) * build(deps): bump checkstyle from 9.0.1 to 9.1 Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 9.0.1 to 9.1. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-9.0.1...checkstyle-9.1) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * docs(changelog): add dependency maintenance * build: update revision to 5.1.2 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Berthold <[email protected]> * build(deps): infomodel artifacts 4.2.7 (#350) * build(deps): bump interaction from 4.2.6 to 4.2.7 (#348) Bumps interaction from 4.2.6 to 4.2.7. --- updated-dependencies: - dependency-name: de.fraunhofer.iais.eis.ids:interaction dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump infomodel-serializer from 4.2.6 to 4.2.7 (#349) Bumps infomodel-serializer from 4.2.6 to 4.2.7. --- updated-dependencies: - dependency-name: de.fraunhofer.iais.eis.ids:infomodel-serializer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): infomodel artifact java 4.2.7 * test: adapt major changes in test setups * docs(changelog): update infomodel maintenance * docs(readme): update IDS-Infomodel-Artifacts Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: log claimsexception-message if securityprofile could not be verified (#352) * feat: log claimsexception-message if securityprofile could not verified * docs(changelog): add enhancement * refactor(DapsValidator): adjusted log message * docs(changelog): update SecurityProfile enhancement * refactor(DapsValidator): code refactoring and removing of trailing : at end of profile names * feat(AisecTokenManagerService): optional additional logging of DAPS response (#353) * feat(AisecTokenManagerService): optional additional logging of DAPS response * refactor(AisecTokenManagerService): log syntax * build(pom): set revision to 5.2.0 * docs(changelog): add text for new option * feat: cache DAT expiration and make DAT caching deactivatable and DAPS offset adjustable (#354) * feat(AisecTokenManagerService): new app.props var to configure DAPS time offset for nbf and isa in JWT to DAPS * docs(changelog): add daps.time.offset * fix(TokenProviderService): save DAT expiration on receipt instead of reading the claims each time * docs(changelog): add text for expiration date caching * feat(TokenProviderService): new app.props var to enable or disable caching of DAPS DAT * docs(changelog): add new app.props and log enhancements * refactor(TokenProviderService): only log cached DAT expiration info if DAT cached * chore: fix checkstyle * docs(changelog): add PR references * build(deps): spring updates (#360) * build(deps-dev): bump spring-test from 5.3.12 to 5.3.13 (#359) Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.3.12 to 5.3.13. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.12...v5.3.13) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-tx from 5.3.12 to 5.3.13 (#358) Bumps [spring-tx](https://github.com/spring-projects/spring-framework) from 5.3.12 to 5.3.13. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.12...v5.3.13) --- updated-dependencies: - dependency-name: org.springframework:spring-tx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-webmvc from 5.3.12 to 5.3.13 (#357) Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 5.3.12 to 5.3.13. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.12...v5.3.13) --- updated-dependencies: - dependency-name: org.springframework:spring-webmvc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-web from 5.3.12 to 5.3.13 (#356) Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.12 to 5.3.13. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.12...v5.3.13) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-core from 5.3.12 to 5.3.13 (#355) Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.3.12 to 5.3.13. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.12...v5.3.13) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): add spring updates Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): update spring dependencies (#363) * build(deps-dev): bump spring-boot-starter-test from 2.5.6 to 2.5.7 (#362) Bumps [spring-boot-starter-test](https://github.com/spring-projects/spring-boot) from 2.5.6 to 2.5.7. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.6...v2.5.7) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-boot-starter from 2.5.6 to 2.5.7 (#361) Bumps [spring-boot-starter](https://github.com/spring-projects/spring-boot) from 2.5.6 to 2.5.7. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.6...v2.5.7) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs(changelog): add spring-starter updates Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump okhttp from 4.9.2 to 4.9.3 (#372) * build(deps): bump okhttp from 4.9.2 to 4.9.3 Bumps [okhttp](https://github.com/square/okhttp) from 4.9.2 to 4.9.3. - [Release notes](https://github.com/square/okhttp/releases) - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.2...parent-4.9.3) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * docs(changelog): okhttp update Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Berthold <[email protected]> * build(deps-dev): bump mockwebserver from 4.9.2 to 4.9.3 (#371) * build(deps-dev): bump mockwebserver from 4.9.2 to 4.9.3 Bumps [mockwebserver](https://github.com/square/okhttp) from 4.9.2 to 4.9.3. - [Release notes](https://github.com/square/okhttp/releases) - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.2...parent-4.9.3) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:mockwebserver dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * docs(changelog): mockwebserver update Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tim Berthold <[email protected]> * build(deps): update spring dependencies (#373) * build(deps-dev): bump spring-boot-starter-test from 2.5.7 to 2.6.0 (#370) Bumps [spring-boot-starter-test](https://github.com/spring-projects/spring-boot) from 2.5.7 to 2.6.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.7...v2.6.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump spring-boot-starter from 2.5.7 to 2.6.0 (#369) Bumps [spring-boot-starter](https://github.com/spring-projects/spring-boot) from 2.5.7 to 2.6.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.5.7...v2.6.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(spring): force reset Path-Matching-Strategy for Spring MVC * docs(changelog): add spring updates Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * refactor: rename new application properties (#374) * refactor: rename new application properties * docs(changelog): rename new application properties * chore: fix typo in new properties * docs(changelog): add release date Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: vdakker <[email protected]> Co-authored-by: eakker <[email protected]>
International-Data-Spaces-Association · Nov 24, 2021 · e13d25c · e13d25c
1 parent 52bab69
commit e13d25c
Show file tree

Hide file tree

Showing 10 changed files with 160 additions and 83 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,37 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## Version [5.2.0] 2021-11-24
+
+### Minor Change: New application.properties flags
+- `daps.enable.log.jwt=true/false`, to enable DAPS response logging including the JWT. Default if not set is `false` (logging not enabled). ([PR 353](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/353))
+- `daps.enable.cache.dat=true/false`, enables or disables caching of DAPS DAT. Default if not set is `true` (caching enabled). ([PR 354](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/354))
+- `daps.time.offset.seconds=<INTEGER>`, to freely configure a possible time difference between the system of the connector and the DAPS. The entered interger value is subtracted from the current time in the form of seconds and the `isa` and `nbf` are set in the JWT from the connector to the DAPS with the adjusted time. Default if not set is `10` (current time minus 10 seconds). ([PR 354](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/354))
+
+### Patch Change: Enhancements
+- If the validation of the SecurityProfile is performed and is not successful, the reason is now also output in the logs. Possible reasons: no security profile given in DAT; registered security profile at DAPS does not match given security profile in message. ([PR 352](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/352))
+- When a DAPS DAT is received, the expiry time is cached directly when the DAT is received instead of being read from the claims for each message to be sent. Prevents an error-log-message from the JWT parser. ([Issue 351](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/issues/351))
+- When using a cached DAPS DAT for sending a message, the expiration date is now logged at info-level, e.g. `Using cached DAPS DAT. [expiration=(Thu Nov 11 13:08:13 CET 2021)]` ([PR 354](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/354))
+
+### Patch Change: Infomodel Maintenance
+- Used Dependency Version: 4.2.7 ([PR 350](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/350))
+- Used Artifacts: java, infomodel-serializer, interaction
+- Note: There can be major changes depending on the setup, identified by us could be following:
+  - Configmodel: value of `ids:hasDefaultEndpoint` `@id` needs to be different from values of `ids:curator` `@id` and `ids:maintainer` `@id`, was allowed before (e.g. for testing).
+  - Serializer: `tokenvalue` of `DynamicAttributeToken` must not contain an empty string anymore (e.g. for testing or also in incoming requests), otherwise the serializer throws an `IOException` during deserializing -> `The following mandatory field(s) of DynamicAttributeToken are not filled or invalid: ids:tokenValue. [...]`. This change has no impact on the functionality of the `TEST_DEPLOYMENT`: if no DAT can be fetched, we use a dummy value as `tokenvalue` and thus no empty string. However, if, for whatever reason, requests are received with an empty `tokenvalue` in `TEST_DEPLOYMENT`, the serializer will now throw an `IOException`.
+
+### Patch Change: Dependency Maintenance
+- Upgrade: org.springframework.boot:spring-boot-starter-test 2.5.6 -> 2.6.0 ([PR 363](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/363), [PR 373](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/373))
+- Upgrade: org.springframework.boot:spring-boot-starter 2.5.6 -> 2.6.0 ([PR 363](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/363), [PR 373](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/373))
+- Upgrade: org.springframework:spring-webmvc 5.3.12 -> 5.3.13 ([PR 360](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/360))
+- Upgrade: org.springframework:spring-core 5.3.12 -> 5.3.13 ([PR 360](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/360))
+- Upgrade: org.springframework:spring-web 5.3.12 -> 5.3.13 ([PR 360](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/360))
+- Upgrade: org.springframework:spring-test 5.3.12 -> 5.3.13 ([PR 360](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/360))
+- Upgrade: org.springframework:spring-tx 5.3.12 -> 5.3.13 ([PR 360](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/360))
+- Upgrade: com.puppycrawl.tools:checkstyle 9.0.1 -> 9.1 ([PR 347](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/347))
+- Upgrade: com.squareup.okhttp3:mockwebserver 4.9.2 -> 4.9.3 ([PR 371](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/371))
+- Upgrade: com.squareup.okhttp3:okhttp 4.9.2 -> 4.9.3 ([PR 372](https://github.com/International-Data-Spaces-Association/IDS-Messaging-Services/pull/372))
+
 ## Version [5.1.1] 2021-10-26
 
 ### Patch Change: Enhancements

diff --git a/README.md b/README.md
@@ -25,9 +25,9 @@ The following IDS-Infomodel-Artifacts are used as dependencies.
 
 | Group | Artifact | Version |
 | ------ | ------ | ------ | 
-| de.fraunhofer.iais.eis.ids.infomodel | java | 4.2.6 |
-| de.fraunhofer.iais.eis.ids | infomodel-serializer | 4.2.6 |
-| de.fraunhofer.iais.eis.ids | interaction | 4.2.6 |
+| de.fraunhofer.iais.eis.ids.infomodel | java | 4.2.7 |
+| de.fraunhofer.iais.eis.ids | infomodel-serializer | 4.2.7 |
+| de.fraunhofer.iais.eis.ids | interaction | 4.2.7 |
 
 ## Overview: Supported IDS-Message protocols
 

diff --git a/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/DapsValidator.java b/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/DapsValidator.java
@@ -132,8 +132,8 @@ public boolean checkClaims(final Jws<Claims> claims,
                         extraAttributes.get("securityProfile").toString());
             } catch (ClaimsException e) {
                 if (log.isWarnEnabled()) {
-                    log.warn("Security profile does not match selfdescription!"
-                             + " [code=(IMSCOW0033)]");
+                    log.warn("SecurityProfile could not be successfully verified!"
+                             + " [message=({}), code=(IMSCOW0033)]", e.getMessage());
                 }
                 return false;
             }
@@ -142,7 +142,8 @@ public boolean checkClaims(final Jws<Claims> claims,
             return DapsVerifier.verify(claims);
         } catch (ClaimsException e) {
             if (log.isWarnEnabled()) {
-                log.warn("Claims could not be successfully verified! [code=(IMSCOW0034)]");
+                log.warn("Claims could not be successfully verified! [message=({}),"
+                         + " code=(IMSCOW0034)]", e.getMessage());
             }
             return false;
         }
@@ -191,36 +192,26 @@ public boolean checkDat(final DynamicAttributeToken token) {
     private void verifySecurityProfile(final String registered,
                                        final String given)
             throws ClaimsException {
-        //Replace full URIs (if present) by prefixed values.
-        //This simplifies the potential number of values these strings can have
-        var adjustedRegistered = registered;
-        var adjustedGiven = given;
-
         if (registered == null) {
             throw new ClaimsException("Security profile violation."
-                  + " No security profile given in DAT!");
-        }
-
-        if (registered.startsWith("https://w3id.org/idsa/code/")) {
-            adjustedRegistered = registered.replace("https://w3id.org/idsa/code/", "idsc:");
+                                      + " No security profile given in DAT!");
         }
 
-        if (given.startsWith("https://w3id.org/idsa/code/")) {
-            adjustedGiven = given.replace("https://w3id.org/idsa/code/", "idsc:");
-        }
+        final var adjustedRegistered = registered.replace("https://w3id.org/idsa/code/", "idsc:");
+        final var adjustedGiven = given.replace("https://w3id.org/idsa/code/", "idsc:");
 
         String[] includedProfiles;
         switch (adjustedRegistered) {
             case "idsc:BASE_CONNECTOR_SECURITY_PROFILE":
             case "idsc:BASE_SECURITY_PROFILE":
                 includedProfiles = baseSecProfVals;
                 break;
-            case "idsc:TRUST_SECURITY_PROFILE:":
-            case "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE:":
+            case "idsc:TRUST_SECURITY_PROFILE":
+            case "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE":
                 includedProfiles = trustSecProfVals;
                 break;
-            case "idsc:TRUST_PLUS_SECURITY_PROFILE:":
-            case "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE:":
+            case "idsc:TRUST_PLUS_SECURITY_PROFILE":
+            case "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE":
                 includedProfiles = plusTrustSecProfVals;
                 break;
             default:

diff --git a/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/TokenProviderService.java b/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/TokenProviderService.java
@@ -23,13 +23,11 @@
 import java.util.Map;
 import java.util.Objects;
 
-import de.fraunhofer.iais.eis.ConnectorDeployMode;
 import de.fraunhofer.iais.eis.DynamicAttributeToken;
 import de.fraunhofer.iais.eis.DynamicAttributeTokenBuilder;
 import de.fraunhofer.iais.eis.TokenFormat;
 import de.fraunhofer.ids.messaging.core.config.ClientProvider;
 import de.fraunhofer.ids.messaging.core.config.ConfigContainer;
-import io.jsonwebtoken.Claims;
 import lombok.extern.slf4j.Slf4j;
 import okhttp3.Request;
 import org.jose4j.jwk.JsonWebKeySet;
@@ -66,6 +64,11 @@ public class TokenProviderService implements DapsTokenProvider, DapsPublicKeyPro
      */
     private String currentJwt;
 
+    /**
+     * The expiration date of the cached DAT.
+     */
+    private Date expiration;
+
     /**
      * The public keys.
      */
@@ -77,6 +80,12 @@ public class TokenProviderService implements DapsTokenProvider, DapsPublicKeyPro
     @Value("${daps.token.url}")
     private String dapsTokenUrl;
 
+    /**
+     * Used to switch DAT caching on and off.
+     */
+    @Value("#{new Boolean('${daps.enable.cache.dat:true}')}")
+    private Boolean cacheDat;
+
     /**
      * The Daps key url kid.
      */
@@ -127,18 +136,36 @@ public String provideDapsToken()
             ConnectorMissingCertExtensionException,
             DapsConnectionException,
             DapsEmptyResponseException {
-        if (this.currentJwt == null || isExpired(currentJwt)) {
+        if (!cacheDat || currentJwt == null || isExpired()) {
             if (log.isDebugEnabled()) {
                 log.debug("Requesting a new DAT Token from DAPS! [code=(IMSCOD0101), url=({})]",
                           dapsTokenUrl);
             }
 
             currentJwt = tokenManagerService.acquireToken(dapsTokenUrl);
+            cacheExpiration();
         }
 
         return currentJwt;
     }
 
+    /**
+     * Will cache the expiration date of the acquired DAPS DAT.
+     */
+    private void cacheExpiration() {
+        try {
+            final var token = new DynamicAttributeTokenBuilder()
+                    ._tokenFormat_(TokenFormat.JWT)
+                    ._tokenValue_(currentJwt)
+                    .build();
+            final var claims = DapsValidator.getClaims(token, this.publicKeys).getBody();
+            expiration = claims.getExpiration();
+        } catch (Exception e) {
+            //Will force acquire a new token next message request.
+            expiration = null;
+        }
+    }
+
     /**
      * Return the Public Key from the DAPS JWKS.
      *
@@ -207,27 +234,22 @@ private void getPublicKeys() {
     }
 
     /**
-     * @param jwt The jwt to check expiration.
      * @return True if jwt expired.
      */
-    private boolean isExpired(final String jwt) {
-        final var token = new DynamicAttributeTokenBuilder()
-                ._tokenFormat_(TokenFormat.JWT)
-                ._tokenValue_(jwt)
-                .build();
-
-        Claims claims;
-        try {
-            claims = DapsValidator.getClaims(token, this.publicKeys).getBody();
-        } catch (ClaimsException e) {
-            if (configContainer.getConfigurationModel().getConnectorDeployMode()
-                != ConnectorDeployMode.TEST_DEPLOYMENT && log.isWarnEnabled()) {
-                    log.warn("Could not parse JWT! Treat JWT as having expired."
-                             + " [code=(IMSCOW0040)]");
+    private boolean isExpired() {
+        final var expired = expiration == null || expiration.before(Date.from(Instant.now()));
+
+        if (currentJwt != null) {
+            //Will only log if DAT was successfully acquired.
+            if (expired && log.isInfoEnabled()) {
+                log.info("Cached DAPS DAT expired or no expiration set. [expiration=({})]",
+                         expiration);
+            } else if (log.isInfoEnabled()) {
+                log.info("Using cached DAPS DAT. [expiration=({})]",
+                         expiration);
             }
-
-            return true;
         }
-        return claims.getExpiration().before(Date.from(Instant.now()));
+
+        return expired;
     }
 }
diff --git a/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/aisec/AisecTokenManagerService.java b/core/src/main/java/de/fraunhofer/ids/messaging/core/daps/aisec/AisecTokenManagerService.java
@@ -45,6 +45,7 @@
 import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.jetbrains.annotations.NotNull;
 import org.json.JSONObject;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 
@@ -66,9 +67,16 @@ public class AisecTokenManagerService implements TokenManagerService {
     public static final int ONE_DAY_IN_SECONDS  = 86_400;
 
     /**
-     * Seconds to subtract for the issued at value.
+     * Default offset to be used for DAPS and Connector nbf and issued at dates.
+     * Must also be declared here for special use cases.
      */
-    public static final int SECONDS_TO_SUBTRACT = 10;
+    public static final int DEFAULT_TIME_OFFSET = 10;
+
+    /**
+     * Seconds to subtract for the issued at and not before in the JWT to the DAPS.
+     */
+    @Value("#{new Integer('${daps.time.offset.seconds:10}')}")
+    private Integer offset;
 
     /**
      * The ClientProvider.
@@ -80,6 +88,12 @@ public class AisecTokenManagerService implements TokenManagerService {
      */
     private final ConfigContainer configContainer;
 
+    /**
+     * Used to switch logging the DAPS response on and off.
+     */
+    @Value("#{new Boolean('${daps.enable.log.jwt:false}')}")
+    private Boolean logDapsResponse;
+
     /***
      * Beautifies Hex strings and will generate a result later used to
      * create the client id (XX:YY:ZZ).
@@ -147,7 +161,11 @@ public String acquireToken(final String dapsUrl)
             dynamicAttributeToken = getDAT(jwtString);
 
             if (jwtResponse.isSuccessful() && log.isInfoEnabled()) {
-                log.info("Successfully received DAT from DAPS.");
+                if (logDapsResponse) {
+                    log.info("Successfully received DAT from DAPS. [response=({})]", jwtString);
+                } else {
+                    log.info("Successfully received DAT from DAPS.");
+                }
             }
         } catch (IOException e) {
             handleIOException(e);
@@ -347,15 +365,27 @@ private String getRequestToken(final String targetAudience,
     private JwtBuilder getJwtBuilder(final String targetAudience,
                                      final String connectorFingerprint,
                                      final Date expiryDate) {
+
+        if (offset == null) {
+            offset = DEFAULT_TIME_OFFSET;
+        }
+
+        if (log.isDebugEnabled()) {
+            log.debug("JWT for DAPS request: using offset seconds for issuedAt and notBefore"
+                      + " [offset=({}), code=(IMSCOD0143)]", offset);
+        }
+
+        final var timeWithOffset = Date.from(Instant.now().minusSeconds(offset));
+
         return Jwts.builder()
                    .setIssuer(connectorFingerprint)
                    .setSubject(connectorFingerprint)
                    .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
                    .claim("@type", "ids:DatRequestToken")
                    .setExpiration(expiryDate)
-                   .setIssuedAt(Date.from(Instant.now().minusSeconds(SECONDS_TO_SUBTRACT)))
+                   .setIssuedAt(timeWithOffset)
                    .setAudience(targetAudience)
-                   .setNotBefore(Date.from(Instant.now().minusSeconds(SECONDS_TO_SUBTRACT)));
+                   .setNotBefore(timeWithOffset);
     }
 
     /**

diff --git a/core/src/test/resources/configmodel.json b/core/src/test/resources/configmodel.json
@@ -27,7 +27,7 @@
     },
     "ids:hasDefaultEndpoint" : {
       "@type": "ids:ConnectorEndpoint",
-      "@id": "https://example.com",
+      "@id": "https://example2.com",
       "ids:accessURL": {
         "@id": "https://localhost:8080/api/ids/data"
       }

diff --git a/messaging/pom.xml b/messaging/pom.xml
@@ -50,23 +50,23 @@
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-web</artifactId>
-            <version>5.3.12</version>
+            <version>5.3.13</version>
         </dependency>
 
         <!-- https://mvnrepository.com/artifact/org.springframework/spring-webmvc -->
         <!-- License: Apache License, Version 2.0 -->
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-webmvc</artifactId>
-            <version>5.3.12</version>
+            <version>5.3.13</version>
         </dependency>
 
         <!-- https://mvnrepository.com/artifact/org.springframework/spring-tx -->
         <!-- License: Apache License, Version 2.0 -->
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-tx</artifactId>
-            <version>5.3.12</version>
+            <version>5.3.13</version>
         </dependency>
     </dependencies>