authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-01-28 16:24:27 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-01-28 16:24:27 +0100
commit0cf9926282ba4aa46bad3f4e8020cec72683492f (patch)
treef9d516bc2b20f2e67f172b5628705fc152eeedbd
parent4fa0cebed0438e0c00ce692424868c532490b95c (diff)
first steps in openSAML3 refactoring
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/pom.xml144
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java72
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java6
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java11
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java12
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java12
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java13
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java6
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java6
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java6
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java2
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java58
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java48
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java18
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java10
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java65
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java18
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java67
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java6
-rw-r--r--pom.xml20
29 files changed, 351 insertions, 337 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/pom.xml b/eaaf_modules/eaaf_module_pvp2_core/pom.xml
index c91c20ed..abf2ebe5 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/pom.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/pom.xml
@@ -1,6 +1,8 @@
<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+<project
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>at.gv.egiz.eaaf</groupId>
@@ -13,74 +15,60 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
-
+
<dependencies>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- <version>${egiz.eaaf.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>opensaml</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>xmltooling</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>openws</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.santuario</groupId>
- <artifactId>xmlsec</artifactId>
- </dependency>
- <dependency>
- <groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.owasp.esapi</groupId>
- <artifactId>esapi</artifactId>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <!-- Testing -->
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml-saml-impl</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml-xmlsec-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml-xmlsec-impl</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.owasp.esapi</groupId>
+ <artifactId>esapi</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Testing -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
-
+
<build>
<finalName>eaaf_module_pvp2_core</finalName>
-
+
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
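Review bot: The four new `org.opensaml` entries in `<dependencies>` do not cover every artifact the migrated sources import directly; `org.opensaml.saml.saml2.*`, `org.opensaml.security.*`, `org.opensaml.messaging.*` and `net.shibboleth.utilities.java.support.*` presumably reach the classpath only transitively through `opensaml-saml-impl`. Declaring `opensaml-saml-api`, `opensaml-security-api`, `opensaml-messaging-api` and `java-support` explicitly would keep the compile classpath stable if that artifact's own dependencies change. Separately, `xmlsec` and `bcprov-jdk15on` are still declared without a version, so whatever the parent POM manages overrides the versions OpenSAML 3 was built against. Since these two libraries do the XML signature and crypto work, it is worth confirming with `mvn dependency:tree` that the managed versions match the OpenSAML 3 release. The same check should confirm that the dropped `log4j-over-slf4j` exclusions are no longer needed.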
@@ -91,24 +79,24 @@
<target>1.8</target>
</configuration>
</plugin>
-
+
<!-- enable co-existence of testng and junit -->
- <plugin>
- <artifactId>maven-surefire-plugin</artifactId>
- <version>${surefire.version}</version>
- <configuration>
- <threadCount>1</threadCount>
- <argLine>--add-modules java.xml.bind</argLine>
- </configuration>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit47</artifactId>
- <version>${surefire.version}</version>
- </dependency>
- </dependencies>
- </plugin>
-
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>${surefire.version}</version>
+ <configuration>
+ <threadCount>1</threadCount>
+ <argLine>--add-modules java.xml.bind</argLine>
+ </configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.surefire</groupId>
+ <artifactId>surefire-junit47</artifactId>
+ <version>${surefire.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+
</plugins>
</build>
</project>
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
index b271b46d..979a61d5 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
@@ -25,11 +25,11 @@ import java.util.List;
import javax.xml.namespace.QName;
-import org.opensaml.xml.encryption.EncryptionConstants;
-import org.opensaml.xml.signature.SignatureConstants;
-
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+
+import org.opensaml.xmlsec.encryption.support.EncryptionConstants;
+import org.opensaml.xmlsec.signature.support.SignatureConstants;
public interface PvpConstants extends PvpAttributeDefinitions {
@@ -60,22 +60,22 @@ public interface PvpConstants extends PvpAttributeDefinitions {
* Second: FriendlyName Third: Required.
*
*/
- List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
- Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ List<Triple<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Triple<String, String, Boolean>>() {
private static final long serialVersionUID = 1L;
{
// currently supported attributes
- add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
- add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ add(Triple.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Triple.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
// currently not supported attributes
- add(Trible.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false));
- add(Trible.newInstance(GID_NAME, GID_FRIENDLY_NAME, false));
- add(Trible.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false));
- add(Trible.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false));
- add(Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false));
- add(Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false));
+ add(Triple.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false));
+ add(Triple.newInstance(GID_NAME, GID_FRIENDLY_NAME, false));
+ add(Triple.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false));
+ add(Triple.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false));
+ add(Triple.newInstance(OU_NAME, OU_FRIENDLY_NAME, false));
+ add(Triple.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false));
}
});
@@ -85,45 +85,45 @@ public interface PvpConstants extends PvpAttributeDefinitions {
* Second: FriendlyName Third: Required.
*
*/
- List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
- Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ List<Triple<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Triple<String, String, Boolean>>() {
private static final long serialVersionUID = -5947165770657082581L;
{
// required attributes - eIDAS minimal-data set
- add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
- add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
- add(Trible.newInstance(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
- add(Trible.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true));
- add(Trible.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true));
+ add(Triple.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Triple.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ add(Triple.newInstance(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+ add(Triple.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true));
+ add(Triple.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true));
// not required attributes
- add(Trible.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ add(Triple.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, false));
- add(Trible.newInstance(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
- add(Trible.newInstance(EID_SECTOR_FOR_IDENTIFIER_NAME,
+ add(Triple.newInstance(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
+ add(Triple.newInstance(EID_SECTOR_FOR_IDENTIFIER_NAME,
EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_TYPE_OID_NAME, MANDATE_TYPE_OID_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ add(Triple.newInstance(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+ add(Triple.newInstance(MANDATE_TYPE_OID_NAME, MANDATE_TYPE_OID_FRIENDLY_NAME, false));
+ add(Triple.newInstance(MANDATE_LEG_PER_SOURCE_PIN_NAME,
MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+ add(Triple.newInstance(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME,
+ add(Triple.newInstance(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME,
false));
- add(Trible.newInstance(MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ add(Triple.newInstance(MANDATE_NAT_PER_GIVEN_NAME_NAME,
MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ add(Triple.newInstance(MANDATE_NAT_PER_FAMILY_NAME_NAME,
MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_BIRTHDATE_NAME,
+ add(Triple.newInstance(MANDATE_NAT_PER_BIRTHDATE_NAME,
MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_FULL_NAME_NAME,
+ add(Triple.newInstance(MANDATE_LEG_PER_FULL_NAME_NAME,
MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME,
+ add(Triple.newInstance(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME,
false));
- add(Trible.newInstance(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME,
+ add(Triple.newInstance(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME,
false));
- add(Trible.newInstance(MANDATE_REFERENCE_VALUE_NAME,
+ add(Triple.newInstance(MANDATE_REFERENCE_VALUE_NAME,
MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
index f17b6924..08ff2d8e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
@@ -21,11 +21,11 @@ package at.gv.egiz.eaaf.modules.pvp2.api;
import java.util.List;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import org.opensaml.saml.saml2.metadata.ContactPerson;
+import org.opensaml.saml.saml2.metadata.Organization;
+
public interface IPvp2BasicConfiguration {
String getIdpEntityId(String authUrl) throws EaafException;
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
index 89e6a384..57dd63bf 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
@@ -22,14 +22,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.opensaml.common.binding.decoding.URIComparator;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.ws.message.decoder.MessageDecodingException;
-import org.opensaml.xml.security.SecurityException;
-
import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import org.opensaml.messaging.decoder.MessageDecodingException;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.security.SecurityException;
+
+import net.shibboleth.utilities.java.support.net.URIComparator;
+
public interface IDecoder {
InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp,
MetadataProvider metadataProvider, boolean isSpEndPoint, URIComparator comparator)
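Review bot: The retained import `org.opensaml.saml2.metadata.provider.MetadataProvider` is an OpenSAML 2 package, so with the OpenSAML 2 `opensaml` artifact removed from the module POM in this commit the interface presumably no longer compiles. The OpenSAML 3 counterpart is the resolver API, so the import would become `import org.opensaml.saml.metadata.resolver.MetadataResolver;` and the `decode` parameter `MetadataResolver metadataProvider`. Because this parameter supplies the metadata that inbound messages are checked against, the binding implementations should be switched together with the interface rather than left on a mixed OpenSAML 2/3 classpath. The `decode` declaration continues outside the hunk.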
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
index fcab5fd8..01f541a9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
@@ -22,15 +22,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.Credential;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import org.opensaml.messaging.encoder.MessageEncodingException;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.security.SecurityException;
+import org.opensaml.security.credential.Credential;
+
public interface IEncoder {
/**
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
index ab39fefb..72cb3f3c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
@@ -22,14 +22,14 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
import java.util.Collection;
import java.util.List;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.security.credential.Credential;
-
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import org.opensaml.saml.saml2.core.Attribute;
+import org.opensaml.saml.saml2.metadata.ContactPerson;
+import org.opensaml.saml.saml2.metadata.Organization;
+import org.opensaml.saml.saml2.metadata.RequestedAttribute;
+import org.opensaml.security.credential.Credential;
+
/**
* PVP Metadata builder configuration.
*
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java
index fe908869..ae5fccea 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java
@@ -23,15 +23,16 @@ import java.util.List;
import javax.xml.namespace.QName;
-import org.opensaml.common.SAMLObject;
-import org.opensaml.xml.AttributeExtensibleXMLObject;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSBooleanValue;
-
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import org.opensaml.core.xml.AttributeExtensibleXMLObject;
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.schema.XSBooleanValue;
+import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.saml2.metadata.RequestedAttribute;
+
public interface EaafRequestedAttribute extends SAMLObject, AttributeExtensibleXMLObject,
- org.opensaml.saml2.metadata.RequestedAttribute {
+ RequestedAttribute {
/** Element local name. */
String DEF_LOCAL_NAME = "RequestedAttribute";
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java
index 4c168b31..6e8d6202 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java
@@ -23,10 +23,10 @@ import java.util.List;
import javax.xml.namespace.QName;
-import org.opensaml.common.SAMLObject;
-
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import org.opensaml.saml.common.SAMLObject;
+
public interface EaafRequestedAttributes extends SAMLObject {
/** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
String DEF_LOCAL_NAME = "RequestedAttributes";
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java
index b23c230e..2e84413e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java
@@ -24,8 +24,8 @@ import javax.servlet.http.HttpServletRequest;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
/**
* SAML2 Authn. request post-processor.
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java
index 3454e890..9042d874 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java
@@ -19,10 +19,10 @@
package at.gv.egiz.eaaf.modules.pvp2.api.validation;
-import org.opensaml.saml2.core.RequestAbstractType;
-
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+
public interface ISamlValidator {
void validateRequest(RequestAbstractType request) throws EaafException;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
index 2273d343..cc01aa43 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class BindingNotSupportedException extends Pvp2Exception {
@@ -27,7 +27,7 @@ public class BindingNotSupportedException extends Pvp2Exception {
public BindingNotSupportedException(final String binding) {
super("pvp2.11", new Object[] { binding });
- this.statusCodeValue = StatusCode.UNSUPPORTED_BINDING_URI;
+ this.statusCodeValue = StatusCode.UNSUPPORTED_BINDING;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
index 538279b5..b71ab2c6 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class InvalidDateFormatException extends Pvp2Exception {
@@ -27,7 +27,7 @@ public class InvalidDateFormatException extends Pvp2Exception {
public InvalidDateFormatException() {
super("pvp2.02", null);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
+ this.statusCodeValue = StatusCode.REQUESTER;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java
index a5b5ed33..57f40e8f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java
@@ -19,10 +19,10 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
-
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import org.opensaml.saml.saml2.core.StatusCode;
+
public class NameIdFormatNotSupportedException extends AuthnRequestValidatorException {
private static final long serialVersionUID = -2270762519437873336L;
@@ -34,7 +34,7 @@ public class NameIdFormatNotSupportedException extends AuthnRequestValidatorExce
*/
public NameIdFormatNotSupportedException(final String nameIdFormat) {
super("pvp2.12", new Object[] { nameIdFormat });
- statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI;
+ statusCodeValue = StatusCode.INVALID_NAMEID_POLICY;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
index 002a946c..16dfa09f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class NoMetadataInformationException extends Pvp2Exception {
@@ -27,7 +27,7 @@ public class NoMetadataInformationException extends Pvp2Exception {
public NoMetadataInformationException() {
super("pvp2.15", null);
- this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL_URI;
+ this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
index dcbda8b5..54d0c5ef 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
@@ -19,14 +19,14 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
-
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import org.opensaml.saml.saml2.core.StatusCode;
+
public abstract class Pvp2Exception extends EaafException {
private static final long serialVersionUID = 7669537952484421069L;
- protected String statusCodeValue = StatusCode.RESPONDER_URI;
+ protected String statusCodeValue = StatusCode.RESPONDER;
protected String statusMessageValue = null;
public Pvp2Exception(final String messageId, final Object[] parameters, final Throwable wrapped) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java
index 9620a5ea..5f109b67 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class QaaNotAllowedException extends Pvp2Exception {
@@ -27,6 +27,6 @@ public class QaaNotAllowedException extends Pvp2Exception {
public QaaNotAllowedException(final String qaaAuth, final String qaaRequest, final String mode) {
super("pvp2.17", new Object[] { qaaAuth, qaaRequest, mode });
- this.statusCodeValue = StatusCode.REQUESTER_URI;
+ this.statusCodeValue = StatusCode.REQUESTER;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java
index 8824ca63..fce44542 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class QaaNotSupportedException extends Pvp2Exception {
@@ -27,7 +27,7 @@ public class QaaNotSupportedException extends Pvp2Exception {
public QaaNotSupportedException(final String qaa) {
super("pvp2.05", new Object[] { qaa });
- this.statusCodeValue = StatusCode.REQUESTER_URI;
+ this.statusCodeValue = StatusCode.REQUESTER;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java
index e27c5b1d..711fa41f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java
@@ -19,19 +19,19 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.core.StatusCode;
public class SamlMetadataSignatureException extends Pvp2Exception {
private static final long serialVersionUID = 1L;
public SamlMetadataSignatureException() {
super("pvp2.25", null);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
+ this.statusCodeValue = StatusCode.REQUESTER;
}
public SamlMetadataSignatureException(final Throwable e) {
super("pvp2.25", null, e);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
+ this.statusCodeValue = StatusCode.REQUESTER;
}
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
index 0abfa5b2..6a39336c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
@@ -19,7 +19,7 @@
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml.metadata.resolver.filter.FilterException;
public class SignatureValidationException extends FilterException {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
index 4e642a8a..251f6081 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
@@ -22,34 +22,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.SAMLObject;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.common.binding.decoding.URIComparator;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.SingleSignOnService;
-import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.ws.message.decoder.MessageDecodingException;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.ws.security.SecurityPolicyResolver;
-import org.opensaml.ws.security.provider.BasicSecurityPolicy;
-import org.opensaml.ws.security.provider.StaticSecurityPolicyResolver;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.parse.BasicParserPool;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.Credential;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
@@ -68,6 +40,32 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Boo
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSignedRequestPolicyRule;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.messaging.decoder.MessageDecodingException;
+import org.opensaml.messaging.encoder.MessageEncodingException;
+import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml.saml2.metadata.impl.SingleSignOnServiceBuilder;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.security.credential.Credential;
+import org.opensaml.ws.security.SecurityPolicyResolver;
+import org.opensaml.ws.security.provider.BasicSecurityPolicy;
+import org.opensaml.ws.security.provider.StaticSecurityPolicyResolver;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import net.shibboleth.utilities.java.support.net.URIComparator;
+
@Service("PVPPOSTBinding")
public class PostBinding implements IDecoder, IEncoder {
private static final Logger log = LoggerFactory.getLogger(PostBinding.class);
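Review bot: The re-added import list has no replacement for the removed `org.opensaml.xml.security.SecurityException`, so the `throws MessageDecodingException, SecurityException` clause visible in the next hunk would now bind to `java.lang.SecurityException`, an unchecked JDK type. Callers that catch the checked OpenSAML exception around message decoding and signature checks would then no longer match it, although the call sites are not visible here. Add `import org.opensaml.security.SecurityException;`, as PvpMetadataBuilder.java does in this commit. The import hunks of RedirectBinding.java and SoapBinding.java drop the old import in the same way without adding the new one.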
@@ -168,7 +166,9 @@ public class PostBinding implements IDecoder, IEncoder {
final boolean isSpEndPoint, final URIComparator comparator)
throws MessageDecodingException, SecurityException {
- final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ final HTTPPostDecoder decode = new HTTPPostDecoder();
+ decode.setHttpServletRequest(req);
+
final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
new BasicSAMLMessageContext<>();
messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(req));
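Review bot: The decoder no longer receives an explicit parser pool, and nothing in the visible lines sets one or initializes the decoder. The parser pool is where DTD and external-entity restrictions for untrusted inbound SAML POST messages are configured, so the choice should be explicit rather than dependent on bootstrap state. OpenSAML 3 decoders are also expected to be initialized before `decode()` is called. Consider adding `decode.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());` and `decode.initialize();` after `setHttpServletRequest(req)`, and confirm that the registered pool is the hardened one. The method body continues outside the hunk, so this may already be handled further down.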
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
index eca1a072..559ee3b8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
@@ -22,47 +22,47 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpAuthRequestSignedRole;
+
import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.common.binding.decoding.URIComparator;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder;
-import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
+import org.opensaml.messaging.decoder.MessageDecodingException;
+import org.opensaml.messaging.encoder.MessageEncodingException;
+import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml.saml2.metadata.impl.SingleSignOnServiceBuilder;
import org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.SingleSignOnService;
-import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.ws.message.decoder.MessageDecodingException;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.security.credential.Credential;
import org.opensaml.ws.security.SecurityPolicyResolver;
import org.opensaml.ws.security.provider.BasicSecurityPolicy;
import org.opensaml.ws.security.provider.StaticSecurityPolicyResolver;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.parse.BasicParserPool;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpAuthRequestSignedRole;
+import net.shibboleth.utilities.java.support.net.URIComparator;
+import net.shibboleth.utilities.java.support.xml.BasicParserPool;
@Service("PVPRedirectBinding")
public class RedirectBinding implements IDecoder, IEncoder {
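Review bot: The import list still carries `org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule` and the `org.opensaml.ws.security.*` policy classes from OpenSAML 2 as unchanged context, next to the OpenSAML 3 decoder and encoder. Judging by their names these are the classes that enforce the signature check on redirect-binding messages, and they will not resolve once the 2.x artifacts are gone from the classpath. When this binding is ported, the check has to be replaced by its OpenSAML 3 counterpart (the `SAML2HTTPRedirectDeflateSignatureSecurityHandler` in opensaml-saml-impl) rather than removed to make the class compile. I would mark that with `// TODO(openSAML3): port SAML2HTTPRedirectDeflateSignatureRule to the 3.x signature security handler before this binding is used`. The `BasicParserPool` now imported from java-support is an initializable component, so wherever the class body constructs one it needs `initialize()` before first use.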
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
index f56078e5..04266d37 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
@@ -24,31 +24,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.SAMLObject;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.common.binding.decoding.URIComparator;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.ws.message.decoder.MessageDecodingException;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.ws.soap.soap11.Envelope;
-import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.parse.BasicParserPool;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.signature.SignableXMLObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Service;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
@@ -59,6 +34,29 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.messaging.decoder.MessageDecodingException;
+import org.opensaml.messaging.encoder.MessageEncodingException;
+import org.opensaml.saml.common.SAMLObject;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.security.credential.Credential;
+import org.opensaml.soap.soap11.Envelope;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+import org.opensaml.xmlsec.signature.SignableXMLObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import net.shibboleth.utilities.java.support.net.URIComparator;
+import net.shibboleth.utilities.java.support.xml.BasicParserPool;
+
@Service("PVPSOAPBinding")
public class SoapBinding implements IDecoder, IEncoder {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
index 8c7fa2fc..0bfd974e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
@@ -19,17 +19,17 @@
package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeValue;
-import org.opensaml.xml.Configuration;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSInteger;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.schema.impl.XSIntegerBuilder;
-import org.opensaml.xml.schema.impl.XSStringBuilder;
-
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.opensaml.core.config.Configuration;
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.schema.XSInteger;
+import org.opensaml.core.xml.schema.XSString;
+import org.opensaml.core.xml.schema.impl.XSIntegerBuilder;
+import org.opensaml.core.xml.schema.impl.XSStringBuilder;
+import org.opensaml.saml.saml2.core.Attribute;
+import org.opensaml.saml.saml2.core.AttributeValue;
+
/**
* Build all attributes from PVP2 citizen-token.
*
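Review bot: `org.opensaml.core.config.Configuration` is not a drop-in replacement for the removed `org.opensaml.xml.Configuration`. In OpenSAML 3 it is the configuration-registry interface, and the builder and marshaller factories are reached through `org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport`. The class body is outside this hunk, so it cannot be seen whether it still calls `Configuration.getBuilderFactory()`. If it does, the import should become `import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;` with the call sites adjusted. SamlAttributeGenerator.java receives the same import in this commit.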
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java
index 39d2a493..92e75e17 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java
@@ -26,11 +26,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.ServiceLoader;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -43,6 +38,11 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.InvalidDateFormatException;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.opensaml.saml.saml2.core.Attribute;
+import org.opensaml.saml.saml2.metadata.RequestedAttribute;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
public class PvpAttributeBuilder {
private static final Logger log = LoggerFactory.getLogger(PvpAttributeBuilder.class);
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
index b543a5dc..9645c2c8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
@@ -34,48 +34,47 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+
import org.apache.commons.httpclient.auth.CredentialsNotAvailableException;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.metadata.AssertionConsumerService;
-import org.opensaml.saml2.metadata.AttributeConsumingService;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.KeyDescriptor;
-import org.opensaml.saml2.metadata.LocalizedString;
-import org.opensaml.saml2.metadata.NameIDFormat;
-import org.opensaml.saml2.metadata.Organization;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.saml2.metadata.RoleDescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.ServiceName;
-import org.opensaml.saml2.metadata.SingleLogoutService;
-import org.opensaml.saml2.metadata.SingleSignOnService;
-import org.opensaml.xml.io.Marshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.security.SecurityException;
+import org.opensaml.core.xml.io.Marshaller;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml.saml2.metadata.AttributeConsumingService;
+import org.opensaml.saml.saml2.metadata.ContactPerson;
+import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml.saml2.metadata.Organization;
+import org.opensaml.saml.saml2.metadata.RequestedAttribute;
+import org.opensaml.saml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml.saml2.metadata.ServiceName;
+import org.opensaml.saml.saml2.metadata.SingleLogoutService;
+import org.opensaml.saml.saml2.metadata.SingleSignOnService;
+import org.opensaml.security.SecurityException;
+import org.opensaml.security.credential.Credential;
+import org.opensaml.security.credential.UsageType;
import org.opensaml.xml.security.SecurityHelper;
-import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.security.credential.UsageType;
-import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
-import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
-import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureException;
-import org.opensaml.xml.signature.Signer;
+import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
+import org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory;
+import org.opensaml.xmlsec.signature.Signature;
+import org.opensaml.xmlsec.signature.support.SignatureException;
+import org.opensaml.xmlsec.signature.support.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.w3c.dom.Document;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-
/**
* PVP metadata builder implementation.
*
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
index d697f3d4..0499cffa 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
@@ -19,18 +19,18 @@
package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeValue;
-import org.opensaml.xml.Configuration;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSInteger;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.schema.impl.XSIntegerBuilder;
-import org.opensaml.xml.schema.impl.XSStringBuilder;
-
import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.opensaml.core.config.Configuration;
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.schema.XSInteger;
+import org.opensaml.core.xml.schema.XSString;
+import org.opensaml.core.xml.schema.impl.XSIntegerBuilder;
+import org.opensaml.core.xml.schema.impl.XSStringBuilder;
+import org.opensaml.saml.saml2.core.Attribute;
+import org.opensaml.saml.saml2.core.AttributeValue;
+
public class SamlAttributeGenerator implements IAttributeGenerator<Attribute> {
private XMLObject buildAttributeStringValue(final String value) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
index 5c9bb6be..c0b015be 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
@@ -19,11 +19,22 @@
package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
+import java.io.IOException;
+import java.io.InputStream;
import java.security.KeyStore;
+import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateKey;
+import javax.annotation.PostConstruct;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter;
+
import org.apache.commons.lang3.StringUtils;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.UsageType;
@@ -32,14 +43,15 @@ import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
public abstract class AbstractCredentialProvider {
+ @Autowired protected ResourceLoader resourceLoader;
+
private static final Logger log = LoggerFactory.getLogger(AbstractCredentialProvider.class);
private KeyStore keyStore = null;
@@ -117,11 +129,6 @@ public abstract class AbstractCredentialProvider {
*/
public X509Credential getIdpMetaDataSigningCredential() throws CredentialsNotAvailableException {
try {
-
- if (keyStore == null) {
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
- }
-
final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore,
getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray());
@@ -136,8 +143,7 @@ public abstract class AbstractCredentialProvider {
}
return credentials;
} catch (final Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials");
- e.printStackTrace();
+ log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials", e);
throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e);
}
}
@@ -150,10 +156,6 @@ public abstract class AbstractCredentialProvider {
*/
public X509Credential getIdpAssertionSigningCredential() throws CredentialsNotAvailableException {
try {
- if (keyStore == null) {
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
- }
-
final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore,
getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray());
@@ -169,8 +171,7 @@ public abstract class AbstractCredentialProvider {
return credentials;
} catch (final Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials");
- e.printStackTrace();
+ log.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials", e);
throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e);
}
}
@@ -184,10 +185,6 @@ public abstract class AbstractCredentialProvider {
public X509Credential getIdpAssertionEncryptionCredential()
throws CredentialsNotAvailableException {
try {
- if (keyStore == null) {
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
- }
-
// if no encryption key is configured return null
if (StringUtils.isEmpty(getEncryptionKeyAlias())) {
return null;
@@ -210,8 +207,7 @@ public abstract class AbstractCredentialProvider {
return credentials;
} catch (final Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials");
- e.printStackTrace();
+ log.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials", e);
throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e);
}
}
@@ -243,4 +239,27 @@ public abstract class AbstractCredentialProvider {
return signer;
}
+
+ @Lazy
+ @PostConstruct
+ private void initialize() throws Exception {
+ try {
+ final Resource ressource = resourceLoader.getResource(getKeyStoreFilePath());
+ final InputStream is = ressource.getInputStream();
+ keyStore = KeyStoreUtils.loadKeyStore(is, getKeyStorePassword());
+
+ if (keyStore == null) {
+ throw new EaafConfigurationException("module.00",
+ new Object[] {getFriendlyName(), "KeyStore initialization failed. Maybe wrong password"});
+
+ }
+
+ } catch (IOException | KeyStoreException | EaafException e) {
+ log.error("Can not initialize KeyStore for eIDAS authentication client.", e);
+ throw e;
+
+ }
+
+ }
+
}
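Review bot: The `InputStream` opened in `initialize()` is never closed, so the keystore resource stays open on both the success and the failure path. Use try-with-resources: `try (InputStream is = resourceLoader.getResource(getKeyStoreFilePath()).getInputStream()) { keyStore = KeyStoreUtils.loadKeyStore(is, getKeyStorePassword()); }`. The error log names an "eIDAS authentication client" although this is the shared PVP credential provider; `log.error("Can not initialize KeyStore for " + getFriendlyName(), e);` would match the other messages in the class. The three credential getters lost their lazy load in this commit, so they now rely entirely on this method having run. A provider created outside the Spring lifecycle would pass a null `keyStore` to `EaafKeyStoreX509CredentialAdapter`. `@Lazy` on a `@PostConstruct` method most likely has no effect and could be dropped.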
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java
index 797335d8..66c3fb9e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java
@@ -39,7 +39,7 @@ import org.opensaml.xml.XMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder;
@@ -235,9 +235,9 @@ public class PvpEntityCategoryFilter implements MetadataFilter {
}
private List<RequestedAttribute> buildAttributeList(
- final List<Trible<String, String, Boolean>> attrSet) {
+ final List<Triple<String, String, Boolean>> attrSet) {
final List<RequestedAttribute> requestedAttributes = new ArrayList<>();
- for (final Trible<String, String, Boolean> el : attrSet) {
+ for (final Triple<String, String, Boolean> el : attrSet) {
requestedAttributes
.add(PvpAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), el.getThird()));
}
diff --git a/pom.xml b/pom.xml
index 6ae0da6b..08498fd5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -46,9 +46,12 @@
<!-- Other third-party libs -->
<org.springframework.version>5.1.5.RELEASE</org.springframework.version>
- <org.opensaml.version>2.6.6</org.opensaml.version>
+ <org.opensaml.version>3.4.3</org.opensaml.version>
+
+
<org.opensaml.xmltooling.version>1.4.6</org.opensaml.xmltooling.version>
<org.opensaml.openws.version>1.5.6</org.opensaml.openws.version>
+
<org.apache.santuario.xmlsec.version>2.1.3</org.apache.santuario.xmlsec.version>
<org.bouncycastle.bcprov-jdk15on.version>1.61</org.bouncycastle.bcprov-jdk15on.version>
<org.owasp.esapi.version>2.1.0.1</org.owasp.esapi.version>
@@ -355,18 +358,23 @@
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
- <artifactId>opensaml</artifactId>
+ <artifactId>opensaml-core</artifactId>
<version>${org.opensaml.version}</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
- <artifactId>xmltooling</artifactId>
- <version>${org.opensaml.xmltooling.version}</version>
+ <artifactId>opensaml-xmlsec-api</artifactId>
+ <version>${org.opensaml.version}</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
- <artifactId>openws</artifactId>
- <version>${org.opensaml.openws.version}</version>
+ <artifactId>opensaml-xmlsec-impl</artifactId>
+ <version>${org.opensaml.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml-saml-impl</artifactId>
+ <version>${org.opensaml.version}</version>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
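Review bot: The `xmltooling` and `openws` dependencies are replaced here, but the properties `org.opensaml.xmltooling.version` and `org.opensaml.openws.version` stay defined in the first pom.xml hunk with nothing in this hunk referring to them. Several Java files in this commit still import OpenSAML 2 packages on the new side (`org.opensaml.ws.security.*`, `org.opensaml.common.binding.BasicSAMLMessageContext`, `org.opensaml.xml.security.SecurityHelper`). Unless the module pom, which is not visible here, keeps the old artifacts, the build will not resolve them. If it does keep them, OpenSAML 2 and 3 end up on one classpath, and it becomes unclear which library performs XML parsing and signature validation. Either remove the two properties together with the last 2.x import, or mark them with `<!-- TODO: remove with the last OpenSAML 2 import -->` so the leftover is intentional.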