[SELC-8299] feat: added signature verification logic#158
Merged
fabiosalamonenttdata merged 17 commits intomainfrom Mar 16, 2026
Merged
[SELC-8299] feat: added signature verification logic#158fabiosalamonenttdata merged 17 commits intomainfrom
fabiosalamonenttdata merged 17 commits intomainfrom
Conversation
…into feature/SELC-8299
* Add institutionDescription and productId parameters to retrieveTemplateAttachment method. * Update DocumentServiceImp to sign documents with additional parameters. * Modify SignatureService
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
.../document-ms/src/main/java/it/pagopa/selfcare/document/service/impl/SignatureServiceImp.java
Fixed
Show fixed
Hide fixed
.../document-ms/src/main/java/it/pagopa/selfcare/document/service/impl/SignatureServiceImp.java
Fixed
Show fixed
Hide fixed
.../document-ms/src/main/java/it/pagopa/selfcare/document/service/impl/SignatureServiceImp.java
Fixed
Show fixed
Hide fixed
.../document-ms/src/main/java/it/pagopa/selfcare/document/service/impl/SignatureServiceImp.java
Fixed
Show fixed
Hide fixed
...ms/src/main/java/it/pagopa/selfcare/document/config/TrustedListsCertificateSourceConfig.java
Fixed
Show fixed
Hide fixed
… in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…losure in a temporary directory Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
- Introduced a new parameter `skipSignatureVerification` in the SignatureRequest. - Updated tests
fabiosalamonenttdata
requested review from
a team,
giampiero-ferrara and
giulia-tremolada
as code owners
giampiero-ferrara
approved these changes
Mar 16, 2026
|
andrea-putzu
added a commit
that referenced
this pull request
Mar 23, 2026
…epo (#171) * Update headers for anac csv * Rename pdnd resources * remove validation from institution resource * fill some field description (#124) * Removed validation constraints on resource objects * Fix token analyzer for search in anac stations * Added logic to write index for ivass registry * Added api to get insurance companies by tax code and description * Changed name of ivass service from getAS to getInsurances * Added unit test about reader of insurance index * Added API to retrieve insurance company according to tax code * Added origin ID to stored document * Modified logs in order to have significant verbosity * Added api to search insurance company by description * Fix on get stations and get insurances if not file is found * Added try-catch resources to process file of ANAC/IVASS * Added format rule on tax code * Added left padding logic for taxCode in IVASS and ANAC * Added filter on getInsurance from IVASS registry * Update variables for ivass with trim whitespaces * Update helm variables for ivass * fix: Helm host dev * Update to jdk 17 * [SELC-3339] Add PodDisruptionBudget manifest in DEV and UAT (#144) * [SELC-3339] Disable PDB for all environments (#145) * [SELC-3340] Set host on ingress (UAT) (#147) * [SELC-3394] Added retry for NationalRegistries API (#149) Co-authored-by: Argentieri Luca <luca.argentieri@emeal.nttdata.com> * [SELC-3394] Added retry for NationalRegistries API (#149) (#151) * Added github action to detect breaking changes into open api (#150) * [SELC-3341] Set host on ingress (PROD) (#148) * [SELC-3470] Increase replicas - UAT (#152) * [SELC-3467] Increase replicas - PROD (#153) * [SELC-3485] Set resource request and limits - DEV (#154) * Update station model to avoid parse errors on boolean fields * [SELC-3487] Feat: add sftp connection to retrieve ANAC csv (#157) * add FTPClient and Method for download file from sftp * add sftp connection to retrieve ANAC csv * remove known-host file from repo * [SELC-3488] Feat: add scheduled Job to update anac index from sftp (#158) * add FTPClient and Method for download file from sftp * add scheduled Job to update anac index from sftp * add sftp connection to retrieve ANAC csv * remove known-host file from repo * Added commit id github action checkout * [SELC-3488] fix: update default port for anac_ftp (#160) update default port for anac_ftp * [SELC-3487][SELC-3488] (#161) * [SELC-3487] Feat: add sftp connection to retrieve ANAC csv (#157) * add FTPClient and Method for download file from sftp * add sftp connection to retrieve ANAC csv * remove known-host file from repo * [SELC-3488] Feat: add scheduled Job to update anac index from sftp (#158) * add FTPClient and Method for download file from sftp * add scheduled Job to update anac index from sftp * add sftp connection to retrieve ANAC csv * remove known-host file from repo * [SELC-3488] fix: update default port for anac_ftp (#160) update default port for anac_ftp --------- Co-authored-by: Manuel Rafeli <manuel.rafeli@pagopa.it> * [SELC-3514] Feat: - ANAC file update in AzureStorage (#162) * - added ANAC file update in AzureStorage when retrieve new file from FTP Server - added optional retrieving of file from Azure storage if server ftp doesn't contain file of the day * refactor InputStream to ByteArrayInputStream and add error log * update README * Update step for check breaking changes into github action * [SELC-3491] Set resource request and limits - UAT (#166) * [SELC-3607] Increase replicas - DEV (#167) * [SELC-3492] Set resource request and limits - PROD (#168) * feat: upgrade commons version (#170) * [EC-135] Add Terraform configuration to manage repository settings (#172) * [EC-156] Add pnpg release workflow (#173) * [EC-156] Fix typo in workflow file name (#174) * [SELC-4256] feat: modify nationalRegistriesConnector response management to avoid BadGatewayExceptions(502) (#176) * ops: disable log health check (#177) * ops: disable log health check * feat: modify verifyLegal response management (#178) * fix: Update pipeline * [SELC-3954] ops: using a common GitHub Action Swagger update (#180) * fix: Update pipeline * fix: Update pipeline * fix: Update pipeline * fix: Update pipeline * fix: Update pipeline * fix: Update pipeline * [EC-125] Add Container App infrastructure (#175) Co-authored-by: manuraf <manuel.rafeli@pagopa.it> * [EC-125] fix: added JWT_TOKEN_PUBLIC_KEY as secret (#182) * [SELC-4512] Added apim group BFF proxy for ca (#183) * chore: deployment k8s replica 0 dev (#184) * chore: fix private_dns_name pnpg * chore: added geotaxonomy-api-key secret * chore: create release pipeline * chore: remove api bff proxy unused by frontend #186 * chore: deployment k8s replica 0 uat * chore: refactor Promote prerelase release * chore: added ANAC and LUCENE env values * chore: added REST_CLIENT timeout * chore: Workload profiles migration (#188) * chore: private_dns_name for new cae * chore: Migration to Container App module with name and workload_profile empty (#189) * chore: Migration uat using terraform ca module with suffix (#191) * [SELC-4462] feat: added API to retrieve insurances by ivass code (#190) Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * [SELC-4622] feat: added deprecated on method findByTaxCode for IVASS registry (#192) Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * [SELC-4462] fix: Updated Swagger APIs description * [SELC-4462] fix: updated open api for apim * [SELC-4462] fix: Changed id for IVASS document from taxCode to originId * [SELC-4462] fix: Added trim to remove whitespaces into taxCode * [SELC-4462] fix: Added check to remove null fields from API response * chore: added initialDelaySeconds to startup health check (#199) * Fix find by tax code (#200) * [SELC-4850] fix: 500 error when search Institutions with 3 chars (#201) * [SELC-4783] feat: Added scheduler for indexing UOs with field codice_fiscale_sfe * [SELC-4851] feat: Added API to get UO from taxCodeSfe * ops: GitHub Action to detect breaking changes on Swagger (#204) * Pin dependencies (#195) Co-authored-by: renovate-pagopa[bot] <164534245+renovate-pagopa[bot]@users.noreply.github.com> * [APIM-v2 MIGRATION] change reference to apim-v2 (#205) * [SELC-5178] feat: Added classes for assertion generation (#206) * [SELC - 5220] feat: added PDND InfoCamere endpoint retrieveInstitutionsByDescription (#207) * [SELC - 5176] feat: added new endpoint to retrieve PDND infocamere institution by taxCode (#208) * [SELC-5177] feat: added PDND rest client and configs (#209) * [SELC-5177] feat: added pdnd connector with cache (#210) * [SELC-5177] feat: added cache to assertion generator and token provider (#211) * chore: Move to Container App Env workload DEV (#212) * SELC-5268 feat: added PDND authentication to infocamere API (#213) Co-authored-by: empassaro <emanuele.passaro@emeal.nttdata.com> * [SELC-5176] feat: Updated mapper to set city, county and zipCode (#214) Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * [SELC - 5298] feat: added PDND infocamere API to APIM (#215) * chore: Move to Container App Env workload UAT (#216) * chore: Move to Container App Env workload PROD (#217) * [SELC-4443] fix: added logs to detect anac services implementation * [SELC-4840] feat: added Ivass interceptor and utils to handle zip (#218) * [SELC-4840] feat: added Ivass base path config and set config for ivass rest connector (#219) * [SELC-4840] feat: added ivass client and ivass connector in rest connectors (#221) * [SELC-5587] feat: removed deprecated api for IVASS search by taxCode (#222) * hotfix: Disable check timestamp not Null on return Business list (#223) * [SELC-1548] feat: added scheduler for AOO IPA index (#224) * [SELC-5311] feat: Added Opex dashboard (dev) (#225) * [SELC-5311] feat: Added github action for opex * [SELC - 1547] feat: added scheduler for Institutions IPA index (#227) * fix: add skip_provider_registration true (#228) * [PNPG-241] feat: Added Tag support-pnpg to legalAddress API (#230) * [PNPG-240] feat: Added Tag support-pnpg to institutionsByLegalTaxId API (#229) * fix: Environment on opex action (#231) * [SELC-5311] feat: Added Opex dashboard * Set default value to ORIGIN Co-authored-by: pierpaolo.didato@emeal.nttdata.com * [PNPG-261] fix: separated national registries api summaries (#234) * fix: removed circuitBreaker and retry logic (#237) Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * [SELC-5962] feat: added tag internal-v1 to PDND-infocamere (#238) * [SALC-6134] Adding new scale rule for UAT (#239) * [SELC-5821] feat: migration to Spring Boot 3 * [SELC-5821] fix: Updated pom version for spring doc web-ui * [SELC-5821] fix: fixed rest client config for geotaxonomy apis * Updated selc-commons references * Fix request interceptor * [SELC-6432]: feat: Added check on contact field * feat: update ubuntu from 20.04 to 24.04 * [SELC-6728] fix: Fixed method of configuration of swagger * [SELC-6825] Add codeowners (#249) * [SELC-6839] feat: updated open api documentation Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * [SELC-6690] feat: added tag to expose IPA api to internal group * [SELC-6690] fix: removed tag from institution controller * fix: updated operation id for PDND infocamere APIs * Fix/empty mail from csv Co-authored-by: gianmarcoplutino <gianmarco.plutino@pagopa.it> Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * Fix swagger UI * [SELC-7257] feat: Created API to retrieve institution detail including atecoCode * Fix release-ms action in order to upload new APIs into APIM * [SELC-7257] fix: changed attribute atecoCode into a list * [SELC-7388] feat: Added new fields to pdnd to retrieve the legal nature of the entity and vatnumber * Added ResourceNotFoundException for api visura by rea * [SELC-7358] feat: Added api to retrieve xml visura document by taxCode (#261) Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> * Fixed swagger for get visura document API * Renamed packages with bad naming * Fix error management in case of getInstitution API for PDND Infocamere (#264) * [SELC-7498] chore: Update modules version (#265) * [SELC-7548] feat: Add Azure AI Search for Institution indexing (#266) * [SELC-7550] feat: Implement event-driven indexing workflow via Dapr (#267) * [SELC-7550] feat: Add Dapr telemetry component for Application Insights (#268) * [SELC-7550] feat: Adding new domain config name (#269) * chore: Adding configuration (cherry picked from commit 0c74db10c117435db128651db20e00c8dde2584a) * chore: Adding configuration infra (cherry picked from commit b9f78c1dbbc51b2ce984ccec987fa216c4854b50) * [SELC-7553] feat: Add endpoint to search for institutions (#270) * Update CODEOWNERS * [SELC-7613] feat: Added new attr from response of infocamere * Fix source for anac data download * fix: Updated infra added env for anac FTP mode * [SELC-7765] feat: added new references to secrets for invitalia PDND infocamere (#275) * [SELC-7764] feat: added references for secret to encrypt/decrypt visura document * [SELC-7545]: fix: Updated selc common version (#277) * [SELC-7545]: fix: Updated selc common version * [SELC-7794] feat: Added onboarding-sdk * [SELC-7763] feat: Added dependency for crypto sdk to encrypt visura document * [SELC-7818]: chore: Filter Institution Search Results to Include Only Enabled Products (#282) * [SELC-7816] chore: Update openApi (#283) * Improve Entity Indexing and Min-Length Query Support for Azure AI Search (#284) * [SELC-7826] feat: Fixed search by category when category major than 3 characters * [SELC-7762] feat: added async service to store visura on Azure * Updates variables for env UAT and PROD * Updated variable for anac loader data to sftp * Feature/add cache * [SELC-7891] feat: Added localizzazioni node for pdnd vsiura mapper * chore: Update opex config * chore: Update opex config * [SELC-7897] feat: Avoided double encryption during visura storage * [SELC-7899] feat: disable dapr for pnpg (#294) * [SELC-7896] feat: Updated junit test for redis cache * [SELC-7892] feat: added env variable to skip localizzazione nodes from visura * feat: updated starter-parent version * fix: updated PDNDVisuraImpresa mapper * feat: Updated sdk onboarding * chore: Update status api tag (#299) * Update application.yml * Update infra release workflow * Update call_release_resources_infra.yml * chore: Add tag to retrieveInstitutionOnSearchEngine * chore: Migrating pipelines --------- Co-authored-by: manuraf <manuel.rafeli@pagopa.it> Co-authored-by: Pierpaolo Di Dato <pierpaolo.didato@emeal.nttdata.com> Co-authored-by: pierpaolodidato89 <137791912+pierpaolodidato89@users.noreply.github.com> Co-authored-by: pierpaolo.didato@emeal.nttdata.com <Aiap1955?^@#> Co-authored-by: Andrea Grillo <andrea.grillo@pagopa.it> Co-authored-by: flaminiaScarciofolo <113031535+flaminiaScarciofolo@users.noreply.github.com> Co-authored-by: Argentieri Luca <luca.argentieri@emeal.nttdata.com> Co-authored-by: Giulia Tremolada <124147597+giulia-tremolada@users.noreply.github.com> Co-authored-by: renovate-pagopa[bot] <164534245+renovate-pagopa[bot]@users.noreply.github.com> Co-authored-by: stefano-rughetti-nttdata <163128491+stefano-rughetti-nttdata@users.noreply.github.com> Co-authored-by: gianmarcoplutino <119858159+gianmarcoplutino@users.noreply.github.com> Co-authored-by: empassaro <113031808+empassaro@users.noreply.github.com> Co-authored-by: empassaro <emanuele.passaro@emeal.nttdata.com> Co-authored-by: Giampiero Ferrara <giampiero.ferrara@emeal.nttdata.com> Co-authored-by: Alessio Dore <57567806+AleDore@users.noreply.github.com> Co-authored-by: gianmarcoplutino <gianmarco.plutino@pagopa.it> Co-authored-by: selfcare-github-bot <146744076+selfcare-github-bot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
List of Changes
Motivation and Context
This change aims to centralize the signature verification and signing logic within document-ms, removing the responsibility from onboarding-ms. This improves the separation of concerns and aligns with the architectural goal of delegating document-related operations to document-ms. Additionally, this change prepares the system for future enhancements related to signature management.
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Checklist: