summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-05-29 13:57:17 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-05-29 13:57:17 +0200
commit3be8b5c3c139ab75db4ae9ac927800505194d987 (patch)
tree25780c470ab841a4848d5750a8ed8544900af7f0
parent522204d1c4b0cb9e3705e5e0d4605e20782fab36 (diff)
downloadEAAF-Components-3be8b5c3c139ab75db4ae9ac927800505194d987.tar.gz
EAAF-Components-3be8b5c3c139ab75db4ae9ac927800505194d987.tar.bz2
EAAF-Components-3be8b5c3c139ab75db4ae9ac927800505194d987.zip
add new attribute builder
fix some injection and dependency problems
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java13
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java4
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java86
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java3
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java11
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java69
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java80
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java47
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java28
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java21
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java4
-rw-r--r--eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder3
-rw-r--r--eaaf_core/src/main/resources/eaaf_core.beans.xml3
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java39
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java24
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java32
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java29
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java2
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualeIDTask.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/pom.xml5
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java29
-rw-r--r--pom.xml9
22 files changed, 471 insertions, 74 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
index 51b4e0b4..c9c2ec0b 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
@@ -103,9 +103,9 @@ public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilder
@Override
public final Map<String, Object> getViewParameters() {
//set generic parameters
- setViewParameter(PARAM_GROUP_FORM, PARAM_AUTHCONTEXT, this.authURL);
- setViewParameter(PARAM_GROUP_FORM, PARAM_FORMSUBMITENDPOINT, this.formSubmitEndpoint);
- setViewParameter(PARAM_GROUP_FORM, PARAM_VIEWNAME, this.viewName);
+ setViewParameter(getFromGroup(), PARAM_AUTHCONTEXT, this.authURL);
+ setViewParameter(getFromGroup(), PARAM_FORMSUBMITENDPOINT, this.formSubmitEndpoint);
+ setViewParameter(getFromGroup(), PARAM_VIEWNAME, this.viewName);
//get parameters from detail implementation
putSpecificViewParameters();
@@ -126,6 +126,13 @@ public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilder
*
*/
abstract protected void putSpecificViewParameters();
+
+ /**
+ * Get the Group for generic form elements
+ *
+ * @return groupName or <code>null</code> if no groups are used
+ */
+ abstract protected String getFromGroup();
@SuppressWarnings("unchecked")
protected void setViewParameter(String group, String key, Object value) {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
index 65e13b5a..b9c16538 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
@@ -77,7 +77,7 @@ public abstract class AbstractVelocityGUIFormBuilderImpl implements IVelocityGui
public final void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGUIBuilderConfiguration config,
String loggerName) throws GUIBuildException {
if (config instanceof IVelocityGUIBuilderConfiguration)
- build(httpReq, httpResp, config, loggerName);
+ build(httpReq, httpResp, (IVelocityGUIBuilderConfiguration)config, loggerName);
else
throw new IllegalStateException(this.getClass().getName() + " needs a " + IVelocityGUIBuilderConfiguration.class.getName());
@@ -88,7 +88,7 @@ public abstract class AbstractVelocityGUIFormBuilderImpl implements IVelocityGui
public final void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGUIBuilderConfiguration config,
String contentType, String loggerName) throws GUIBuildException {
if (config instanceof IVelocityGUIBuilderConfiguration)
- build(httpReq, httpResp, config, loggerName);
+ build(httpReq, httpResp, (IVelocityGUIBuilderConfiguration)config, contentType, loggerName);
else
throw new IllegalStateException(this.getClass().getName() + " needs a " + IVelocityGUIBuilderConfiguration.class.getName());
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java
new file mode 100644
index 00000000..71ee0172
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java
@@ -0,0 +1,86 @@
+package at.gv.egiz.eaaf.core.impl.idp;
+
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.NonNull;
+import org.springframework.util.Assert;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+
+public class EidAuthenticationData extends AuthenticationData implements IEidAuthData {
+ private static final Logger log = LoggerFactory.getLogger(EidAuthenticationData.class);
+
+
+ private static final long serialVersionUID = -7106142572904327044L;
+
+ private byte[] eIDToken;
+ private byte[] signerCertificate;
+ private EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus;
+
+ @Override
+ public byte[] getSignerCertificate() {
+ return this.signerCertificate;
+ }
+
+ @Override
+ public byte[] getEIDToken() {
+ return this.eIDToken;
+ }
+
+ @Override
+ public EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus() {
+ return this.eidStatus;
+
+ }
+
+
+ /**
+ * Set the status of the E-ID identity
+ *
+ * @param eidStatus
+ */
+ public void setEidStatus(EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus) {
+ this.eidStatus = eidStatus;
+ }
+
+ /**
+ * Set Online IdentityLink to AuthenticationData
+ *
+ * @param eIDToken
+ */
+ public void seteIDToken(final byte[] eIDToken) {
+ this.eIDToken = eIDToken;
+
+ }
+
+ /**
+ * Set the signing certificate that was used to sign the user consent
+ *
+ * @param signerCertificate
+ */
+ public void setSignerCertificate(@NonNull final X509Certificate signerCertificate) {
+ Assert.notNull(signerCertificate, "Signer certificate is null");
+ try {
+ this.signerCertificate = signerCertificate.getEncoded();
+
+ } catch (final CertificateEncodingException e) {
+ log.warn("Can NOT serialized signer-certificate", e);
+ log.warn("Signer certificate will be ignored");
+
+ }
+ }
+
+ /**
+ * Set the signing certificate that was used to sign the user consent
+ *
+ * @param signerCertificate
+ */
+ public void setSignerCertificate(final byte[] signerCertificate) {
+ this.signerCertificate = signerCertificate;
+
+ }
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index 2482d65f..47b1ecf9 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -172,7 +172,6 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
internalAuthData.setDateOfBirth(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.BIRTHDATE_NAME, String.class));
internalAuthData.setEncSourceId(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class));
internalAuthData.setEncSourceIdType(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class));
-
//####################################################
//set QAA level
@@ -574,7 +573,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
* but there it is not neccesary. We fix this problem in 3.4.3, but the fix can be deactivated
* for dependency reasons.
*/
- if (basicConfig.getBasicMOAIDConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) {
+ if (basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) {
authData.setGivenName(identityLink.getGivenName().replaceAll("'", "&#39;"));
authData.setFamilyName(identityLink.getFamilyName().replaceAll("'", "&#39;"));
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 6f416414..087d83a2 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -48,7 +48,7 @@ import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.api.gui.ISpringMVCGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -83,7 +83,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired(required=true) private ITransactionStorage transactionStorage;
@Autowired(required=true) private IAuthenticationManager authmanager;
@Autowired(required=true) private IAuthenticationDataBuilder authDataBuilder;
- @Autowired(required=true) private ISpringMVCGUIFormBuilder guiBuilder;
@Autowired(required=true) private IGUIBuilderConfigurationFactory guiConfigFactory;
@Autowired(required=true) private IStatusMessenger statusMessager;
@Autowired(required=true) private IRequestStorage requestStorage;
@@ -93,6 +92,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired private IStatisticLogger statisticLogger;
@Autowired private IRevisionLogger revisionsLogger;
+
+ private IGUIFormBuilder guiBuilder;
+
/* (non-Javadoc)
* @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#performAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest)
*/
@@ -257,6 +259,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
+
+ public void setGuiBuilder(IGUIFormBuilder guiBuilder) {
+ this.guiBuilder = guiBuilder;
+ }
+
/**
* Finalize the requested protocol operation
*
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java
new file mode 100644
index 00000000..698393ea
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java
@@ -0,0 +1,69 @@
+/*******************************************************************************
+ * Copyright 2019 Graz University of Technology
+ * EAAF-Core Components has been developed in a cooperation between EGIZ,
+ * A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.util.Base64Utils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EIDEIDTokenBuilder implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EIDEIDTokenBuilder.class);
+
+
+ @Override
+ public String getName() {
+ return EID_E_ID_TOKEN_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISPConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ if (((IEidAuthData)authData).getEIDToken() == null)
+ throw new UnavailableAttributeException(EID_E_ID_TOKEN_NAME);
+
+ return g.buildStringAttribute(EID_E_ID_TOKEN_FRIENDLY_NAME,
+ EID_E_ID_TOKEN_NAME, Base64Utils.encodeToString(((IEidAuthData)authData).getEIDToken()));
+ } else
+ log.info(EID_E_ID_TOKEN_FRIENDLY_NAME + " is only available in AuthHandler context");
+
+ throw new UnavailableAttributeException(EID_E_ID_TOKEN_NAME);
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_E_ID_TOKEN_FRIENDLY_NAME,
+ EID_E_ID_TOKEN_NAME);
+ }
+
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java
new file mode 100644
index 00000000..bab521b4
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java
@@ -0,0 +1,80 @@
+/*******************************************************************************
+ * Copyright 2019 Graz University of Technology
+ * EAAF-Core Components has been developed in a cooperation between EGIZ,
+ * A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.util.Base64Utils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EIDSignerCertificate implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EIDSignerCertificate.class);
+
+ @Override
+ public String getName() {
+ return EID_SIGNER_CERTIFICATE_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISPConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ try {
+
+ final byte[] signerCertificate = ((IEidAuthData)authData).getSignerCertificate();
+ if (signerCertificate != null) {
+ return g.buildStringAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME,
+ Base64Utils.encodeToString(signerCertificate));
+
+ } else
+ log.info(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+ } catch (final Exception e) {
+ log.info("Signer certificate BASE64 encoding error");
+
+ }
+
+ } else
+ log.info(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME + " is only available in AuthHandler context");
+
+
+ throw new UnavailableAttributeException(EID_SIGNER_CERTIFICATE_NAME);
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME);
+ }
+
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java
new file mode 100644
index 00000000..6a8de559
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java
@@ -0,0 +1,47 @@
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EidIdentityStatusLevelAttributeBuiler implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EidIdentityStatusLevelAttributeBuiler.class);
+
+ @Override
+ public String getName() {
+ return EID_IDENTITY_STATUS_LEVEL_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ if (((IEidAuthData)authData).getEIDStatus() == null)
+ throw new UnavailableAttributeException(getName());
+
+ return g.buildStringAttribute(getFriendlyName(),
+ getName(), ((IEidAuthData)authData).getEIDStatus().getURI());
+ } else
+ log.info(getFriendlyName() + " is only available in EAAF context");
+
+ throw new UnavailableAttributeException(getName());
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(getFriendlyName(), getName());
+ }
+
+ private String getFriendlyName() {
+ return EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME;
+ }
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
index af009b10..55662326 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
@@ -158,19 +158,31 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio
return defaultValue;
}
+
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
- return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), addPrefixToKey(prefix));
+ public Boolean getBasicConfigurationBoolean(String key) {
+ final String value = getBasicConfiguration(key);
+ if (value != null)
+ return Boolean.parseBoolean(value);
+ else
+ return null;
}
+
@Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- final String value = getBasicConfiguration(key);
- if (StringUtils.isNotEmpty(value))
- return Boolean.valueOf(value.trim());
-
- return defaultValue;
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ final Boolean result = getBasicConfigurationBoolean(key);
+ if (result != null)
+ return result;
+ else
+ return defaultValue;
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), addPrefixToKey(prefix));
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
index 62245331..1a344feb 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
@@ -88,7 +88,7 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat
}
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
final Map<String, String> configProps = getPropertiesStartingWith((ConfigurableEnvironment) env, addPrefixToKey(prefix));
return KeyValueUtils.removePrefixFromKeys(configProps, addPrefixToKey(prefix) + ".");
@@ -96,17 +96,24 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat
}
@Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- final String value = getBasicConfiguration(key);
+ public Boolean getBasicConfigurationBoolean(String key) {
+ final String value = getBasicConfiguration(key);
if (StringUtils.isNotEmpty(value))
return Boolean.valueOf(value.trim());
-
- return defaultValue;
-
+ else
+ return null;
}
-
@Override
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ final Boolean value = getBasicConfigurationBoolean(key);
+ if (value != null)
+ return value;
+ else
+ return defaultValue;
+ }
+
+ @Override
public URI getConfigurationRootDirectory() {
try {
return new URI(env.getRequiredProperty(addPrefixToKey(PROP_CONFIG_ROOT_DIR)));
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
index a5b79f6a..926b2bd5 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
@@ -75,7 +75,7 @@ public class HttpClientFactory {
httpClientBuilder.setDefaultRequestConfig(requestConfig);
//set pool connection if requested
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ if (basicConfig.getBasicConfigurationBoolean(
PROP_CONFIG_CLIENT_HTTP_CONNECTION_POOL_USE,
true)) {
final PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager();
@@ -97,7 +97,7 @@ public class HttpClientFactory {
log.trace("Initializing SSL Context ... ");
final SSLContext sslContext = SSLContext.getDefault();
HostnameVerifier hostnameVerifier = null;
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ if (basicConfig.getBasicConfigurationBoolean(
PROP_CONFIG_CLIENT_HTTP_SSL_HOSTNAMEVERIFIER_TRUSTALL,
false)) {
hostnameVerifier = new NoopHostnameVerifier();
diff --git a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 2decf67c..6e7f9a46 100644
--- a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -9,3 +9,6 @@ at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDeIDASQAALevelAttributeBuilde
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSectorForIDAttributeBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDIdentityLinkBuilder
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDEIDTokenBuilder
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSignerCertificate
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityStatusLevelAttributeBuiler \ No newline at end of file
diff --git a/eaaf_core/src/main/resources/eaaf_core.beans.xml b/eaaf_core/src/main/resources/eaaf_core.beans.xml
index e750a49f..27b0f381 100644
--- a/eaaf_core/src/main/resources/eaaf_core.beans.xml
+++ b/eaaf_core/src/main/resources/eaaf_core.beans.xml
@@ -12,9 +12,6 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
- <bean id="eaafProtocolAuthenticationService"
- class="at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService" />
-
<bean id="httpClientFactory"
class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
index 880582cd..ffb921ce 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
@@ -27,25 +27,11 @@ public class DummyConfiguration implements IConfiguration {
}
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
// TODO Auto-generated method stub
return null;
}
-
- @Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- if (AbstractAuthenticationDataBuilder.CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING.equals(key)) {
- if (isIDLEscapingEnabled == null)
- return defaultValue;
- else
- return isIDLEscapingEnabled;
-
- }
-
-
- return false;
- }
-
+
@Override
public ISPConfiguration getServiceProviderConfiguration(String uniqueID) throws EAAFConfigurationException {
// TODO Auto-generated method stub
@@ -74,4 +60,25 @@ public class DummyConfiguration implements IConfiguration {
public void setIsIDLEscapingEnabled(Boolean isIDLEscapingEnabled) {
this.isIDLEscapingEnabled = isIDLEscapingEnabled;
}
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(String key) {
+ return null;
+
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ if (AbstractAuthenticationDataBuilder.CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING.equals(key)) {
+ if (isIDLEscapingEnabled == null)
+ return defaultValue;
+ else
+ return isIDLEscapingEnabled;
+
+ }
+
+
+ return false;
+
+ }
}
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java
index 2a92e5f3..e4ebe433 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java
@@ -133,6 +133,30 @@ public interface PVPAttributeDefinitions {
public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.108";
public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_EIDAS_QAA_LEVEL_OID;
public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-EIDAS-LEVEL";
+
+ public static final String EID_IDENTITY_STATUS_LEVEL_OID = "1.2.40.0.10.2.1.1.261.109";
+ public static final String EID_IDENTITY_STATUS_LEVEL_NAME = URN_OID_PREFIX + EID_IDENTITY_STATUS_LEVEL_OID;
+ public static final String EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME = "EID-IDENTITY-STATUS-LEVEL";
+ public enum EID_IDENTITY_STATUS_LEVEL_VALUES {
+ IDENTITY("http://eid.gv.at/eID/status/identity"),
+ TESTIDENTITY("http://eid.gv.at/eID/status/testidentity"),
+ SYSTEM("http://eid.gv.at/eID/status/system");
+
+ private final String uri;
+
+ private EID_IDENTITY_STATUS_LEVEL_VALUES(String uri) {
+ this.uri = uri;
+ }
+
+ /**
+ * Get the URI based status identifier of an E-ID
+ *
+ * @return
+ */
+ public String getURI() {
+ return this.uri;
+ }
+ };
public static final String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32";
public static final String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID;
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java
index eceec2a6..7d564b58 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java
@@ -57,27 +57,35 @@ public interface IConfiguration {
*/
public String getBasicConfiguration(final String key, final String defaultValue);
+
/**
- * Get a set of configuration values from file based configuration that starts with this prefix
- * <br><br>
- * <b>Important:</b> The configuration values must be of type String!
+ * Get a configuration value from file based configuration
*
- * @param prefix Prefix of the configuration key
- * @return Map<String, String> without prefix, but never null
+ * @param key configuration key
+ * @return configuration value as {@link Boolean.parseBoolean(value)} or <code>null</code> if key does not exist
*/
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(final String prefix);
-
+ public Boolean getBasicConfigurationBoolean(final String key);
/**
- * Get a boolean value from basic MOA-ID configuration file
+ * Get a configuration value from file based configuration
*
- * @param key Configuration key
- * @param defaultValue Default result
- * @return returns the value of the configuration key, or the default value if the key is not set
+ * @param key configuration key
+ * @param defaultValue Default value if no value with this key is found
+ * @return configuration value as {@link Boolean.parseBoolean(value)} or <code>defaultValue</code> if key does not exist
*/
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue);
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue);
/**
+ * Get a set of configuration values from file based configuration that starts with this prefix
+ * <br><br>
+ * <b>Important:</b> The configuration values must be of type String!
+ *
+ * @param prefix Prefix of the configuration key
+ * @return Map<String, String> without prefix, but never null
+ */
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix);
+
+ /**
* Get a configuration entry for a specific Service Provider
*
* @param uniqueID Unique identifier of the Service Provider
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java
new file mode 100644
index 00000000..44ece8fe
--- /dev/null
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java
@@ -0,0 +1,29 @@
+package at.gv.egiz.eaaf.core.api.idp;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+
+public interface IEidAuthData extends IAuthData {
+
+ /**
+ * Get the serialized signing certificate that was used to sign the consent
+ *
+ * @return
+ */
+ byte[] getSignerCertificate();
+
+
+ /**
+ * Get the serialized E-ID token that can be used to validate the Identity-Link
+ *
+ * @return
+ */
+ byte[] getEIDToken();
+
+
+ /**
+ * Get the status of the E-ID
+ *
+ * @return {@link PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES}
+ */
+ PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus();
+}
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
index b0949cd3..dfcaaf5a 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
@@ -183,7 +183,7 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
//String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);
final String spSpecificVDAEndpoints = null;
- final Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+ final Map<String, String> endPointMap = authConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
if (StringUtils.isNotEmpty(spSpecificVDAEndpoints)) {
endPointMap.putAll(KeyValueUtils.convertListToMap(
KeyValueUtils.getListOfCSVValues(
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualeIDTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualeIDTask.java
index a377a4c0..5abbd543 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualeIDTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualeIDTask.java
@@ -100,10 +100,10 @@ public abstract class AbstractReceiveQualeIDTask extends AbstractAuthServletTask
//validate signature
final VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(
sl20ReqObj, joseTools,
- authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true));
+ authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true));
if ( (payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned())) {
- if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) {
+ if (authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) {
log.info("SL20 result from VDA was not valid signed");
throw new SL20SecurityException(new Object[]{"Signature on SL20 result NOT valid."});
diff --git a/eaaf_modules/eaaf_module_pvp2_core/pom.xml b/eaaf_modules/eaaf_module_pvp2_core/pom.xml
index e5cc555a..ae942318 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/pom.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/pom.xml
@@ -62,6 +62,11 @@
<artifactId>xmlsec</artifactId>
</dependency>
<dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
</dependency>
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index 4ec7cf99..cbbed659 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -90,31 +90,32 @@ public class AuthenticationAction implements IAction {
}
+ @Override
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
HttpServletResponse httpResp, IAuthData authData) throws ResponderErrorException {
- PVPSProfilePendingRequest pvpRequest = (PVPSProfilePendingRequest) req;
+ final PVPSProfilePendingRequest pvpRequest = (PVPSProfilePendingRequest) req;
try {
//get basic information
- PVPSProfileRequest moaRequest = (PVPSProfileRequest) pvpRequest.getRequest();
- AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest();
- EntityDescriptor peerEntity = moaRequest.getEntityMetadata(metadataProvider);
+ final PVPSProfileRequest moaRequest = (PVPSProfileRequest) pvpRequest.getRequest();
+ final AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest();
+ final EntityDescriptor peerEntity = moaRequest.getEntityMetadata(metadataProvider);
- AssertionConsumerService consumerService =
+ final AssertionConsumerService consumerService =
SAML2Utils.createSAMLObject(AssertionConsumerService.class);
consumerService.setBinding(pvpRequest.getBinding());
consumerService.setLocation(pvpRequest.getConsumerURL());
- DateTime date = new DateTime();
- SLOInformationImpl sloInformation = new SLOInformationImpl();
- String issuerEntityID = pvpBasicConfiguration.getIDPEntityId(pvpRequest.getAuthURL());
+ final DateTime date = new DateTime();
+ final SLOInformationImpl sloInformation = new SLOInformationImpl();
+ final String issuerEntityID = pvpBasicConfiguration.getIDPEntityId(pvpRequest.getAuthURL());
//build Assertion
- Assertion assertion = assertionBuilder.buildAssertion(issuerEntityID, pvpRequest, authnRequest, authData,
+ final Assertion assertion = assertionBuilder.buildAssertion(issuerEntityID, pvpRequest, authnRequest, authData,
peerEntity, date, consumerService, sloInformation);
- Response authResponse = AuthResponseBuilder.buildResponse(
+ final Response authResponse = AuthResponseBuilder.buildResponse(
metadataProvider, issuerEntityID, authnRequest,
- date, assertion, authConfig.getBasicMOAIDConfigurationBoolean(
+ date, assertion, authConfig.getBasicConfigurationBoolean(
CONFIG_PROPERTY_PVP2_ENABLE_ENCRYPTION, true));
IEncoder binding = null;
@@ -148,11 +149,11 @@ public class AuthenticationAction implements IAction {
log.warn("Message Encoding exception", e);
throw new ResponderErrorException("pvp2.01", null, e);
- } catch (EAAFException e) {
+ } catch (final EAAFException e) {
log.info("Response generation error: Msg: ", e.getMessage());
throw new ResponderErrorException(e.getErrorId(), e.getParams(), e);
- } catch (Exception e) {
+ } catch (final Exception e) {
log.warn("Response generation error", e);
throw new ResponderErrorException("pvp2.01", null, e);
@@ -160,11 +161,13 @@ public class AuthenticationAction implements IAction {
}
+ @Override
public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
HttpServletResponse httpResp) {
return true;
}
+ @Override
public String getDefaultActionName() {
return "PVPAuthenticationRequestAction";
diff --git a/pom.xml b/pom.xml
index 590c5f57..dd957eb9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -50,7 +50,8 @@
<org.opensaml.version>2.6.6</org.opensaml.version>
<org.opensaml.xmltooling.version>1.4.6</org.opensaml.xmltooling.version>
<org.opensaml.openws.version>1.5.6</org.opensaml.openws.version>
- <org.apache.santuario.xmlsec.version>2.1.2</org.apache.santuario.xmlsec.version>
+ <org.apache.santuario.xmlsec.version>2.1.3</org.apache.santuario.xmlsec.version>
+ <org.bouncycastle.bcprov-jdk15on.version>1.61</org.bouncycastle.bcprov-jdk15on.version>
<org.owasp.esapi.version>2.1.0.1</org.owasp.esapi.version>
<surefire.version>2.22.0</surefire.version>
<org.slf4j.version>1.7.25</org.slf4j.version>
@@ -310,6 +311,12 @@
<version>${org.apache.santuario.xmlsec.version}</version>
</dependency>
<dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ <version>${org.bouncycastle.bcprov-jdk15on.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>${org.owasp.esapi.version}</version>