author | Thomas <thomas.lenz@egiz.gv.at> | 2019-12-05 09:52:48 +0100 |
---|---|---|
committer | Thomas <thomas.lenz@egiz.gv.at> | 2019-12-05 09:52:48 +0100 |
commit | 3fada6cef21c9b16467177d866df778203b51b4d (patch) | |
tree | 8fe8ed37b6ee9fe35a1e035ceba6c68808328415 | |
parent | 95b21a826e5d81fdeabcf4673a9e87047edaec9d (diff) | |
some code code-style modifications
active code-quality checks!
302 files changed, 6291 insertions, 5956 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java index 5a7ce49d..ff90e9cc 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java @@ -1,16 +1,19 @@ package at.gv.egiz.eaaf.core.api.gui; import java.io.InputStream; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; + import org.apache.velocity.VelocityContext; -public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { +import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { /** - * Generate a new {@link VelocityContext} and populate it with MOA-ID GUI parameters. + * Generate a new {@link VelocityContext} and populate it with MOA-ID GUI + * parameters. * * @param config GUI builder configuration * @return 
@@ -18,28 +21,27 @@ public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { VelocityContext generateVelocityContextFromConfiguration( IVelocityGuiBuilderConfiguration config); - /** * Load the template from different resources. * * @param config GUI builder configuration - * @return An {@link InputStream} but never null. The {@link InputStream} had to be closed be the - * invoking method + * @return An {@link InputStream} but never null. The {@link InputStream} had to + * be closed be the invoking method * @throws GuiBuildException In case of an error */ InputStream getTemplateInputStream(IVelocityGuiBuilderConfiguration config) throws GuiBuildException; - /** - * Parse a GUI template, with parameters into a http servlet-response and use the default - * http-response content-type. <br> + * Parse a GUI template, with parameters into a http servlet-response and use + * the default http-response content-type. <br> * <br> - * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * The parser use the <code>VelocityEngine</code> as internal template + * evaluator. * - * @param httpReq http-request object - * @param httpResp http-response object - * @param config Configuration object + * @param httpReq http-request object + * @param httpResp http-response object + * @param config Configuration object * @param loggerName String, which should be used from logger * * @throws GuiBuildException in case of an error 
@@ -47,17 +49,17 @@ public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IVelocityGuiBuilderConfiguration config, String loggerName) throws GuiBuildException; - /** * Parse a GUI template, with parameters into a http servlet-response. <br> * <br> - * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * The parser use the <code>VelocityEngine</code> as internal template + * evaluator. * - * @param httpReq http-request object - * @param httpResp http-response object - * @param config Configuration object + * @param httpReq http-request object + * @param httpResp http-response object + * @param config Configuration object * @param contentType http-response content-type, which should be set - * @param loggerName String, which should be used from logger + * @param loggerName String, which should be used from logger * * @throws GuiBuildException In case of an error */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluationContext.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluationContext.java index 7315dbf1..8f66afff 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluationContext.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluationContext.java @@ -21,11 +21,12 @@ package at.gv.egiz.eaaf.core.api.idp.process; import java.io.Serializable; import java.util.Map; -import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; +import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; /** - * Context used for evaluation of condition expressions set for {@linkplain Transition Transitions}. + * Context used for evaluation of condition expressions set for + * {@linkplain Transition Transitions}. * * @author tknall * 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluator.java index 7fa67ae4..18e4533e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluator.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExpressionEvaluator.java @@ -29,11 +29,13 @@ public interface ExpressionEvaluator { /** * Evaluates a given {@code expression} returning a boolean value. * - * @param expressionContext The context which can be used for evaluation of the expression. - * @param expression The expression resulting in a boolean (must not be {@code null}). + * @param expressionContext The context which can be used for evaluation of the + * expression. + * @param expression The expression resulting in a boolean (must not be + * {@code null}). * @return A boolean value. * @throws IllegalArgumentException In case of an invalid {@code expression}. - * @throws NullPointerException In case of a {@code null} expression. + * @throws NullPointerException In case of a {@code null} expression. */ boolean evaluate(ExpressionEvaluationContext expressionContext, String expression); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessEngine.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessEngine.java index d4c221e0..302deae4 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessEngine.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessEngine.java @@ -19,8 +19,8 @@ package at.gv.egiz.eaaf.core.api.idp.process; - import java.io.InputStream; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; 
@@ -35,64 +35,71 @@ import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessDefinition; public interface ProcessEngine { /** - * Registers a new process definition. Note that existing definitions with the same identifier - * will be replaced. + * Registers a new process definition. Note that existing definitions with the + * same identifier will be replaced. * * @param processDefinition The process definition to be registered. */ void registerProcessDefinition(ProcessDefinition processDefinition); /** - * Registers a new process definition given as {@link InputStream}. Note that existing definitions - * with the same identifier will be replaced. + * Registers a new process definition given as {@link InputStream}. Note that + * existing definitions with the same identifier will be replaced. * - * @param processDefinitionInputStream The input stream to the definition to be registered. + * @param processDefinitionInputStream The input stream to the definition to be + * registered. * @return The process definition's identifier. - * @throws ProcessDefinitionParserException Thrown in case of an error parsing the process - * definition. + * @throws ProcessDefinitionParserException Thrown in case of an error parsing + * the process definition. */ String registerProcessDefinition(InputStream processDefinitionInputStream) throws ProcessDefinitionParserException; /** - * Creates a process instance according to the referenced process definition, persists it into the - * database and returns it identifier. + * Creates a process instance according to the referenced process definition, + * persists it into the database and returns it identifier. * <p/> - * Note that the method returns the identifier of a process instance which will be needed in order - * to start a process or to continue process execution after asynchronous task execution (refer to - * {@link #start(String)} and {@link #signal(String)} for further information). 
+ * Note that the method returns the identifier of a process instance which will + * be needed in order to start a process or to continue process execution after + * asynchronous task execution (refer to {@link #start(String)} and + * {@link #signal(String)} for further information). * - * @param processDefinitionId The identifier of the respective process definition. - * @param executionContext The execution context (may be {@code null}). + * @param processDefinitionId The identifier of the respective process + * definition. + * @param executionContext The execution context (may be {@code null}). * @return The id of the newly created process instance (never {@code null}). * @throws ProcessExecutionException Thrown in case of error, e.g. when a - * {@code processDefinitionId} is referenced that does not exist. + * {@code processDefinitionId} is referenced + * that does not exist. */ String createProcessInstance(String processDefinitionId, ExecutionContext executionContext) throws ProcessExecutionException; /** - * Creates a process instance according to the referenced process definition, persists it into the - * database and returns it identifier. + * Creates a process instance according to the referenced process definition, + * persists it into the database and returns it identifier. * <p/> - * Note that the method returns the identifier of a process instance which will be needed in order - * to start a process or to continue process execution after asynchronous task execution (refer to - * {@link #start(String)} and {@link #signal(String)} for further information). + * Note that the method returns the identifier of a process instance which will + * be needed in order to start a process or to continue process execution after + * asynchronous task execution (refer to {@link #start(String)} and + * {@link #signal(String)} for further information). * - * @param processDefinitionId The identifier of the respective process definition. 
+ * @param processDefinitionId The identifier of the respective process + * definition. * @return The id of the newly created process instance (never {@code null}). * @throws ProcessExecutionException Thrown in case of error, e.g. when a - * {@code processDefinitionId} is referenced that does not exist. + * {@code processDefinitionId} is referenced + * that does not exist. */ String createProcessInstance(String processDefinitionId) throws ProcessExecutionException; - /** * Delete a process instance. * * @param processInstanceId The identifier of the respective process. * @throws ProcessExecutionException Thrown in case of error, e.g. when a - * {@code processInstanceId} is referenced that does not exist. + * {@code processInstanceId} is referenced + * that does not exist. */ void deleteProcessInstance(String processInstanceId) throws ProcessExecutionException; @@ -101,8 +108,10 @@ public interface ProcessEngine { * * @param processInstanceId The process instance id. * @return The process instance (never {@code null}). - * @throws IllegalArgumentException In case the process instance does not/no longer exist. - * @throws RuntimeException In case the process instance could not be retrieved from persistence. + * @throws IllegalArgumentException In case the process instance does not/no + * longer exist. + * @throws RuntimeException In case the process instance could not be + * retrieved from persistence. */ ProcessInstance getProcessInstance(String processInstanceId); @@ -114,7 +123,6 @@ public interface ProcessEngine { */ void start(IRequest pendingReq) throws ProcessExecutionException; - /** * Resumes process execution after an asynchronous task has been executed. * diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessInstanceStoreDao.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessInstanceStoreDao.java index 641eeab8..6de53432 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessInstanceStoreDao.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ProcessInstanceStoreDao.java @@ -30,25 +30,30 @@ public interface ProcessInstanceStoreDao { * Stores a {@link ProcessInstance} defined by {@code pIStore} in the database. * * @param piStore the {@link ProcessInstanceStore} to persist. - * @throws EaafStorageException is thrown if a problem occurs while accessing the database. + * @throws EaafStorageException is thrown if a problem occurs while accessing + * the database. */ void saveOrUpdate(ProcessInstanceStore piStore) throws EaafException; /** - * Returns a {@link ProcessInstanceStore}, defined by {@code processInstanceID} from the database, - * or {@code null} if the object could not be found. + * Returns a {@link ProcessInstanceStore}, defined by {@code processInstanceID} + * from the database, or {@code null} if the object could not be found. * - * @param processInstanceId the id of the {@code ProcessInstanceStore} to retrieve. + * @param processInstanceId the id of the {@code ProcessInstanceStore} to + * retrieve. * @return a ProcessInstanceStore, or {@code null}. - * @throws EaafStorageException is thrown if a problem occurs while accessing the database. + * @throws EaafStorageException is thrown if a problem occurs while accessing + * the database. */ ProcessInstanceStore load(String processInstanceId) throws EaafException; /** - * Deletes the {@link ProcessInstance} corresponding with the {@code processInstanceId}. + * Deletes the {@link ProcessInstance} corresponding with the + * {@code processInstanceId}. * * @param processInstanceId the id of the {@code ProcessInstance} to be deleted. - * @throws EaafStorageException is thrown if a problem occurs while accessing the database. + * @throws EaafStorageException is thrown if a problem occurs while accessing + * the database. */ void remove(String processInstanceId) throws EaafException; 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/Task.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/Task.java index 06573403..a1fd49e5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/Task.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/Task.java @@ -22,7 +22,6 @@ package at.gv.egiz.eaaf.core.api.idp.process; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; - /** * Represents a single task to be performed upon process execution. * @@ -34,9 +33,10 @@ public interface Task { /** * Executes this task. * - * @param pendingReq Provides the current processed protocol request + * @param pendingReq Provides the current processed protocol request * @param executionContext Provides execution related information. - * @return The pending-request object, because Process-management works recursive + * @return The pending-request object, because Process-management works + * recursive * @throws Exception An exception upon task execution. */ IRequest execute(IRequest pendingReq, ExecutionContext executionContext) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/utils/IJsonMapper.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/utils/IJsonMapper.java index dd7e69fd..a7e4f6fe 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/utils/IJsonMapper.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/utils/IJsonMapper.java 
@@ -9,38 +9,43 @@ public interface IJsonMapper { /** * Serialize an object to a JSON string. - * + * * @param value the object to serialize * @return a JSON string - * @throws JsonProcessingException thrown when an error occurs during serialization + * @throws JsonProcessingException thrown when an error occurs during + * serialization */ String serialize(Object value) throws EaafJsonMapperException; /** * Deserialize a JSON string. - * + * * @param value the JSON string to deserialize - * @param clazz optional parameter that determines the type of the returned object. If not set, an - * {@link Object} is returned. - * @return the deserialized JSON string as an object of type {@code clazz} or {@link Object} - * @throws JsonParseException if the JSON string contains invalid content. - * @throws JsonMappingException if the input JSON structure does not match structure expected for - * result type - * @throws IOException if an I/O problem occurs (e.g. unexpected end-of-input) + * @param clazz optional parameter that determines the type of the returned + * object. If not set, an {@link Object} is returned. + * @return the deserialized JSON string as an object of type {@code clazz} or + * {@link Object} + * @throws JsonParseException if the JSON string contains invalid content. + * @throws JsonMappingException if the input JSON structure does not match + * structure expected for result type + * @throws IOException if an I/O problem occurs (e.g. unexpected + * end-of-input) */ <T> Object deserialize(String value, Class<T> clazz) throws EaafJsonMapperException; /** * Deserialize a JSON string. - * - * @param is the JSON to deserialize as {@link InputStream} - * @param clazz optional parameter that determines the type of the returned object. If not set, an - * {@link Object} is returned. - * @return the deserialized JSON string as an object of type {@code clazz} or {@link Object} - * @throws JsonParseException if the JSON string contains invalid content. 
- * @throws JsonMappingException if the input JSON structure does not match structure expected for - * result type - * @throws IOException if an I/O problem occurs (e.g. unexpected end-of-input) + * + * @param is the JSON to deserialize as {@link InputStream} + * @param clazz optional parameter that determines the type of the returned + * object. If not set, an {@link Object} is returned. + * @return the deserialized JSON string as an object of type {@code clazz} or + * {@link Object} + * @throws JsonParseException if the JSON string contains invalid content. + * @throws JsonMappingException if the input JSON structure does not match + * structure expected for result type + * @throws IOException if an I/O problem occurs (e.g. unexpected + * end-of-input) */ <T> Object deserialize(InputStream is, Class<T> clazz) throws EaafJsonMapperException; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/data/SLOInformationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/data/SloInformationImpl.java index c0980b0b..71a2c849 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/data/SLOInformationImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/data/SloInformationImpl.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * 
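Review bot: The re-wrapped Javadoc in the `@@ -9,38 +9,43 @@` hunk of IJsonMapper still lists `@throws JsonProcessingException`, `JsonParseException`, `JsonMappingException` and `IOException`, while all three methods declare only `throws EaafJsonMapperException`. Since these lines are rewritten anyway, I would replace the stale tags with one that matches the signature, for example `@throws EaafJsonMapperException if the input cannot be parsed or mapped to {@code clazz}`. The `clazz` description says the parameter is optional and that an `Object` is returned when it is not set. Whether that is safe for JSON received from a remote party depends on the mapper configuration, which is not visible here, so the Javadoc should tell callers to pass the concrete expected type for such input.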
@@ -15,72 +15,91 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.impl.data; import java.io.Serializable; -import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; +import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; /** + * Single Log-Out container DAO. + * * @author tlenz * */ -public class SLOInformationImpl implements SloInformationInterface, Serializable { +public class SloInformationImpl implements SloInformationInterface, Serializable { private static final long serialVersionUID = 295577931870512387L; private String sessionIndex = null; private String nameID = null; private String protocolType = null; - private String nameIDFormat = null; + private String nameIdFormat = null; private String binding = null; - private String serviceURL = null; - private String authURL = null; + private String serviceUrl = null; + private String authUrl = null; private String spEntityID = null; - public SLOInformationImpl(final String authURL, final String spEntityID, final String sessionID, - final String nameID, final String nameIDFormat, final String protocolType) { - this(authURL, spEntityID, sessionID, nameID, nameIDFormat, protocolType, null, + /** + * Create a SLO container. 
+ * + * @param authUrl IDP EntityId + * @param spEntityId SP EntityId + * @param sessionId SessionId on protocol-level + * @param nameId User's nameId + * @param nameIdFormat NameId format + * @param protocolType Type of the Auth. protocol + */ + public SloInformationImpl(final String authUrl, final String spEntityId, final String sessionId, + final String nameId, final String nameIdFormat, final String protocolType) { + this(authUrl, spEntityId, sessionId, nameId, nameIdFormat, protocolType, null, null); } - public SLOInformationImpl(final String authURL, final String spEntityID, final String sessionID, - final String nameID, final String nameIDFormat, final String protocolType, - final String sloBinding, final String sloLocationURL) { - this.sessionIndex = sessionID; - this.nameID = nameID; - this.nameIDFormat = nameIDFormat; + /** + * Create a SLO container. + * + * @param authUrl IDP EntityId + * @param spEntityId SP EntityId + * @param sessionId SessionId on protocol-level + * @param nameId User's nameId + * @param nameIdFormat NameId format + * @param protocolType Type of the Auth. 
protocol + * @param sloBinding SLO protocol binding + * @param sloLocationUrl SLO end-point on SP + */ + public SloInformationImpl(final String authUrl, final String spEntityId, final String sessionId, + final String nameId, final String nameIdFormat, final String protocolType, + final String sloBinding, final String sloLocationUrl) { + this.sessionIndex = sessionId; + this.nameID = nameId; + this.nameIdFormat = nameIdFormat; this.protocolType = protocolType; - this.spEntityID = spEntityID; + this.spEntityID = spEntityId; - if (authURL.endsWith("/")) { - this.authURL = authURL.substring(0, authURL.length() - 1); + if (authUrl.endsWith("/")) { + this.authUrl = authUrl.substring(0, authUrl.length() - 1); } else { - this.authURL = authURL; + this.authUrl = authUrl; } - this.binding = sloBinding; - this.serviceURL = sloLocationURL; + this.serviceUrl = sloLocationUrl; } - /** - * + * Get empty SLOContainer DAO. */ - public SLOInformationImpl() { + public SloInformationImpl() { } - - /** + * Get Service-Provider Id. + * * @return the spEntityID */ @Override @@ -102,7 +121,8 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.data.SLOInformationInterface#getUserNameIdentifier() + * @see + * at.gv.egovernment.moa.id.data.SLOInformationInterface#getUserNameIdentifier() */ @Override public String getUserNameIdentifier() { @@ -110,8 +130,9 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable } - /** + * Get SessionId. + * * @param sessionIndex the sessionIndex to set */ @Override @@ -119,8 +140,9 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable this.sessionIndex = sessionIndex; } - /** + * Get User's NameId. + * * @param nameID the nameID to set */ @Override 
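Review bot: The `@@ -15,72 +15,91 @@` hunk renames the `Serializable` class `SLOInformationImpl` to `SloInformationImpl` and renames the fields `nameIDFormat`, `serviceURL` and `authURL`, while `serialVersionUID` is left unchanged. A stream written by the previous version names the old class, so it will not deserialize after this commit. If SLO information is kept in a persisted or shared session store (not visible in this diff), sessions created before the upgrade would lose their logout data. I would record that in the new class Javadoc, for example `Note: the serialized form is not compatible with the former SLOInformationImpl.` The new constructor Javadoc should also state the precondition that the body relies on when it calls `authUrl.endsWith("/")`: `@param authUrl IDP EntityId, must not be {@code null}`. The rename is also only partial, because `nameID`, `spEntityID` and `setSpEntityID` keep the old capitalisation.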
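Review bot: The summary sentence added in the `@@ -110,8 +130,9 @@` hunk reads `Get SessionId.`, but the Javadoc it opens documents a setter (`@param sessionIndex the sessionIndex to set`), so it should read `Set SessionId.`. The same wrong verb is added in `@@ -119,8 +140,9 @@` (`Get User's NameId.`), in `@@ -128,16 +150,15 @@` on `setProtocolType` (`Get authentication protocol identifier.`) and in `@@ -148,27 +169,30 @@` on `setNameIdFormat` (`Get Format of the NameId.`). These should become `Set User's NameId.`, `Set authentication protocol identifier.` and `Set format of the NameId.`. The setter signature for the first case lies outside this hunk and is only visible as context in the next one.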
@@ -128,16 +150,15 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable this.nameID = nameID; } - - /** + * Get authentication protocol identifier. + * * @param protocolType the protocolType to set */ public void setProtocolType(final String protocolType) { this.protocolType = protocolType; } - /* * (non-Javadoc) * @@ -148,27 +169,30 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable return protocolType; } - /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.data.SLOInformationInterface#getUserNameIDFormat() + * @see + * at.gv.egovernment.moa.id.data.SLOInformationInterface#getUserNameIDFormat() */ @Override public String getUserNameIdFormat() { - return this.nameIDFormat; + return this.nameIdFormat; } - /** - * @param nameIDFormat the nameIDFormat to set + * Get Format of the NameId. + * + * @param nameIdFormat the nameIDFormat to set */ @Override - public void setNameIdFormat(final String nameIDFormat) { - this.nameIDFormat = nameIDFormat; + public void setNameIdFormat(final String nameIdFormat) { + this.nameIdFormat = nameIdFormat; } /** + * Get SLO protocol binding. + * * @return the binding */ @Override @@ -177,28 +201,32 @@ public class SLOInformationImpl implements SloInformationInterface, Serializable } /** + * Get SLO service URL. + * * @return the serviceURL */ @Override public String getServiceUrl() { - return serviceURL; + return serviceUrl; } /** + * Get the IDP EntityId. + * * @return the authURL from requested IDP without ending / */ @Override public String getAuthUrl() { - return authURL; + return authUrl; } /** + * Set the SP EntityId. + * * @param spEntityID the spEntityID to set */ public void setSpEntityID(final String spEntityID) { this.spEntityID = spEntityID; } - - } 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGuiFormBuilderConfiguration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGuiFormBuilderConfiguration.java index efb8c713..b0718f85 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGuiFormBuilderConfiguration.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGuiFormBuilderConfiguration.java @@ -23,13 +23,15 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; -import at.gv.egiz.eaaf.core.api.gui.GroupDefinition; -import at.gv.egiz.eaaf.core.api.gui.GroupDefinition.Type; -import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.gui.GroupDefinition; +import at.gv.egiz.eaaf.core.api.gui.GroupDefinition.Type; +import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; + /** * Abstract Configuration implementation for GUI Builders. * @@ -51,7 +53,6 @@ public abstract class AbstractGuiFormBuilderConfiguration implements IGuiBuilder public static final GroupDefinition PARAM_GROUP_MSG = GroupDefinition.getInstance("msg", Type.MAP); - public static final String PARAM_VIEWNAME = "viewName"; public static final String PARAM_AUTHCONTEXT = "contextPath"; public static final String PARAM_FORMSUBMITENDPOINT = "submitEndpoint"; 
@@ -68,10 +69,11 @@ public abstract class AbstractGuiFormBuilderConfiguration implements IGuiBuilder /** * Abstract GUI Builder config. * - * @param authUrl IDP PublicURL-Prefix which should be used, but never null - * @param viewName Name of the template (with suffix) but never null - * @param formSubmitEndpoint EndPoint on which the form should be submitted, or null if the form - * must not submitted + * @param authUrl IDP PublicURL-Prefix which should be used, but + * never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, or + * null if the form must not submitted * */ public AbstractGuiFormBuilderConfiguration(final String authUrl, final String viewName, @@ -100,7 +102,8 @@ public abstract class AbstractGuiFormBuilderConfiguration implements IGuiBuilder /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewName() + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration# + * getViewName() */ @Override public final String getViewName() { @@ -108,12 +111,11 @@ public abstract class AbstractGuiFormBuilderConfiguration implements IGuiBuilder } - /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration# + * getViewParameters() */ @Override public final Map<String, Object> getViewParameters() { 
@@ -137,8 +139,8 @@ public abstract class AbstractGuiFormBuilderConfiguration implements IGuiBuilder /** * Define the parameters, which should be evaluated in the template. <br> - * <b>IMPORTANT:</b> external HTML escapetion is required, because it is NOT done internally - * during the building process + * <b>IMPORTANT:</b> external HTML escapetion is required, because it is NOT + * done internally during the building process * */ protected abstract void putSpecificViewParameters(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java index 0ab5fa49..5e4af55e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java 
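Review bot: The `IMPORTANT` sentence on `putSpecificViewParameters()` is the only place in this hunk that states the output-escaping contract, and after the re-wrap it still reads "external HTML escapetion is required". Implementations that place request- or user-derived values into the view parameters rely on this sentence to know that the builder does not escape for them. It should therefore be unambiguous: `<b>IMPORTANT:</b> external HTML escaping is required, because values are NOT escaped internally during the building process`. The method itself is abstract, so the escaping has to happen in code outside this diff.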
@@ -27,20 +27,23 @@ import java.io.StringWriter; import java.util.Iterator; import java.util.Map; import java.util.Map.Entry; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; -import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; + import org.apache.commons.lang3.StringUtils; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; +import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; + /** * Abstract VeloCity based GUI builder implementation. * @@ -50,7 +53,7 @@ import org.slf4j.LoggerFactory; public abstract class AbstractVelocityGuiFormBuilderImpl implements IVelocityGuiFormBuilder { private static final Logger log = LoggerFactory.getLogger(AbstractVelocityGuiFormBuilderImpl.class); - private static final String DEFAULT_CONTENT_TYPE = EAAFConstants.CONTENTTYPE_HTML_UTF8; + private static final String DEFAULT_CONTENT_TYPE = EaafConstants.CONTENTTYPE_HTML_UTF8; private VelocityEngine engine; @@ -82,7 +85,6 @@ public abstract class AbstractVelocityGuiFormBuilderImpl implements IVelocityGui + IVelocityGuiBuilderConfiguration.class.getName()); } - } @Override 
@@ -159,7 +161,8 @@ public abstract class AbstractVelocityGuiFormBuilderImpl implements IVelocityGui } /** - * Generate a new {@link VelocityContext} and populate it with MOA-ID GUI parameters. + * Generate a new {@link VelocityContext} and populate it with MOA-ID GUI + * parameters. * * @param config GUI builder config * @return Context of Velocity engine @@ -175,8 +178,8 @@ public abstract class AbstractVelocityGuiFormBuilderImpl implements IVelocityGui * Load the template from different resources. * * @param config GUI builder config - * @return An {@link InputStream} but never null. The {@link InputStream} had to be closed be the - * invoking method + * @return An {@link InputStream} but never null. The {@link InputStream} had to + * be closed be the invoking method * @throws GuiBuildException In case of an error */ @Override @@ -207,7 +210,6 @@ public abstract class AbstractVelocityGuiFormBuilderImpl implements IVelocityGui protected abstract InputStream getInternalTemplate(IVelocityGuiBuilderConfiguration config) throws GuiBuildException; - protected String getInternalClasspathTemplateDir(final IVelocityGuiBuilderConfiguration config, final String defaultClassPathDir) { String dir = config.getClasspathTemplateDir(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java index 05cbaf58..bf8e75a9 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java 
@@ -37,8 +37,8 @@ public class VelocityLogAdapter implements LogChute { public VelocityLogAdapter() { try { /* - * register this class as a logger with the Velocity singleton (NOTE: this would not work for - * the non-singleton method.) + * register this class as a logger with the Velocity singleton (NOTE: this would + * not work for the non-singleton method.) */ Velocity.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM, this); Velocity.init(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java index 1c1de7c8..05ea08b2 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java @@ -28,15 +28,17 @@ import java.util.Date; import java.util.List; import java.util.Map; import java.util.TimeZone; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.data.Pair; + import org.apache.commons.collections4.map.HashedMap; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.data.Pair; + /** * Service-Provider specific authentication data. * @@ -70,8 +72,6 @@ public class AuthenticationData implements IAuthData, Serializable { private String encSourceId; private String encSourceIdType; - - @Deprecated private String bpk; @Deprecated @@ -81,7 +81,6 @@ public class AuthenticationData implements IAuthData, Serializable { private String ccc = null; - private boolean foreigner = false; private String eidasLoa = null; 
@@ -112,14 +111,12 @@ public class AuthenticationData implements IAuthData, Serializable { } - @Override public Date getAuthenticationIssueInstant() { return getDateCopyOrNull(this.issueInstant); } - @Override public String getAuthenticationIssueInstantString() { final SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); @@ -142,7 +139,6 @@ public class AuthenticationData implements IAuthData, Serializable { return this.ccc; } - @Override @Deprecated public String getBpk() { @@ -159,15 +155,12 @@ public class AuthenticationData implements IAuthData, Serializable { this.bpk = bpk; } - @Override public Date getDateOfBirth() { return getDateCopyOrNull(this.dateOfBirth); } - - @Override public String getFormatedDateOfBirth() { final DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); @@ -179,13 +172,11 @@ public class AuthenticationData implements IAuthData, Serializable { } - @Override public String getFamilyName() { return this.familyName; } - @Override public String getGivenName() { return this.givenName; @@ -207,7 +198,6 @@ public class AuthenticationData implements IAuthData, Serializable { return identificationValue; } - @Override @Deprecated public String getIdentificationType() { @@ -296,7 +286,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.identificationType = identificationType; } - @Override @Deprecated public String getBpkType() { @@ -319,13 +308,11 @@ public class AuthenticationData implements IAuthData, Serializable { } - @Override public boolean isForeigner() { return this.foreigner; } - /** * Indicate the the user is a foreigner. * @@ -340,7 +327,6 @@ public class AuthenticationData implements IAuthData, Serializable { return ssoSession; } - /** * Indicate that the authentication was done by using an active SSO session. * 
@@ -350,7 +336,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.ssoSession = ssoSession; } - /** * Country Code for the authenticated user. * @@ -374,7 +359,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.sessionIndex = sessionIndex; } - @Override public String getNameID() { return this.nameID; @@ -427,7 +411,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.ssoSessionValidTo = getDateCopyOrNull(ssoSessionValidTo); } - /* * (non-Javadoc) * @@ -450,7 +433,7 @@ public class AuthenticationData implements IAuthData, Serializable { /** * Returns a generic data-object with is stored with a specific identifier. * - * @param key The specific identifier of the data object + * @param key The specific identifier of the data object * @param clazz The class type which is stored with this key * @return The data object or null if no data is found with this key */ @@ -484,11 +467,11 @@ public class AuthenticationData implements IAuthData, Serializable { /** * Store a generic data-object to session with a specific identifier. * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement - * the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic - * session-data storage + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object + * had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not + * stored to generic session-data storage */ public void setGenericData(final String key, final Object object) throws EaafStorageException { if (StringUtils.isEmpty(key)) { 
@@ -499,7 +482,7 @@ public class AuthenticationData implements IAuthData, Serializable { if (object != null && !Serializable.class.isInstance(object)) { log.warn( - "Generic data can only store objects which implements the 'Seralizable' interface"); + "Generic data can only store objects which implements the 'Seralizable' interface"); throw new EaafStorageException( "Generic data can only store objects which implements the 'Seralizable' interface", null); @@ -524,7 +507,6 @@ public class AuthenticationData implements IAuthData, Serializable { return this.additionalBpks; } - /** * Set the encrypted SourceId for current authenticated user. * @@ -543,8 +525,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.encSourceIdType = encSourceIdType; } - - /** * Add an additional bPK Pair bPK/bPKType into authdata. * diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EaafCoreSpringResourceProvider.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EaafCoreSpringResourceProvider.java index 74b6a0fb..3548684b 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EaafCoreSpringResourceProvider.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EaafCoreSpringResourceProvider.java @@ -19,10 +19,11 @@ package at.gv.egiz.eaaf.core.impl.idp; -import at.gv.egiz.components.spring.api.SpringResourceProvider; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; +import at.gv.egiz.components.spring.api.SpringResourceProvider; + public class EaafCoreSpringResourceProvider implements SpringResourceProvider { @Override @@ -41,7 +42,7 @@ public class EaafCoreSpringResourceProvider implements SpringResourceProvider { final ClassPathResource sl20AuthConfig = new ClassPathResource("/eaaf_core.beans.xml", EaafCoreSpringResourceProvider.class); - return new Resource[] {sl20AuthConfig}; + return new Resource[] { sl20AuthConfig }; } } 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java index ea197478..5779f12b 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java @@ -2,22 +2,23 @@ package at.gv.egiz.eaaf.core.impl.idp; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES; -import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.lang.NonNull; import org.springframework.util.Assert; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; +import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; + public class EidAuthenticationData extends AuthenticationData implements IEidAuthData { private static final Logger log = LoggerFactory.getLogger(EidAuthenticationData.class); - private static final long serialVersionUID = -7106142572904327044L; private byte[] eidToken; private byte[] signerCertificate; - private EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus; + private EidIdentityStatusLevelValues eidStatus; private String vdaEndpointUrl; private boolean useMandate = false; @@ -32,7 +33,7 @@ public class EidAuthenticationData extends AuthenticationData implements IEidAut } @Override - public EID_IDENTITY_STATUS_LEVEL_VALUES getEidStatus() { + public EidIdentityStatusLevelValues getEidStatus() { return this.eidStatus; } 
@@ -53,7 +54,7 @@ public class EidAuthenticationData extends AuthenticationData implements IEidAut * * @param eidStatus Status of the E-ID */ - public void setEidStatus(final EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus) { + public void setEidStatus(final EidIdentityStatusLevelValues eidStatus) { this.eidStatus = eidStatus; } @@ -103,7 +104,6 @@ public class EidAuthenticationData extends AuthenticationData implements IEidAut this.useMandate = useMandate; } - /** * Set URL of the EndPoint that was used on VDA for authentication. * @@ -121,5 +121,4 @@ public class EidAuthenticationData extends AuthenticationData implements IEidAut } } - } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java index 241b43c9..d2365e4a 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java 
@@ -24,14 +24,22 @@ import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Enumeration; import java.util.List; + import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; @@ -46,11 +54,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; public abstract class AbstractAuthenticationManager implements IAuthenticationManager { private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationManager.class); 
@@ -73,14 +76,14 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa protected IRevisionLogger revisionsLogger; @Autowired(required = false) protected ISsoManager ssoManager; - @Autowired ModuleRegistration moduleRegistration; + @Autowired + ModuleRegistration moduleRegistration; /* * (non-Javadoc) * - * @see - * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addParameterNameToWhiteList(java.lang - * .String) + * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager# + * addParameterNameToWhiteList(java.lang .String) */ @Override public final void addParameterNameToWhiteList(final String httpReqParam) { @@ -93,9 +96,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa /* * (non-Javadoc) * - * @see - * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addHeaderNameToWhiteList(java.lang. - * String) + * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager# + * addHeaderNameToWhiteList(java.lang. String) */ @Override public final void addHeaderNameToWhiteList(final String httpReqParam) { @@ -108,9 +110,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa /* * (non-Javadoc) * - * @see - * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addHeaderNameToWhiteList(java.lang. - * String) + * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager# + * addHeaderNameToWhiteList(java.lang. String) */ @Override public final boolean doAuthentication(final HttpServletRequest httpReq, @@ -124,7 +125,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } // load OA configuration from pending request - final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); // set logging context and log unique OA identifier to revision log TransactionIdUtils.setServiceProviderId(oaParam.getUniqueIdentifier()); 
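Review bot: The `(non-Javadoc)` block above `doAuthentication` (hunk `-108,9`) still carries `@see ...IAuthenticationManager# addHeaderNameToWhiteList(java.lang. String)`, copied from the method before it. The rewrap has also put spaces inside the reference, here and in hunks `-73,14` and `-93,9`. The package in all three references is `at.gv.egiz.eaaf.core.impl.idp.auth`, while the import at the top of the file is `at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager`. Because `@Override` already ties each method to the interface, I would either delete these blocks or correct them, for example `@see at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager#doAuthentication`. The body of `doAuthentication` continues outside the hunk.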
@@ -137,7 +138,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa throw new NoPassivAuthenticationException(); } - // check Single Sign-On functionality if SSOManager is available boolean isValidSsoSession = false; if (ssoManager != null) { @@ -149,16 +149,15 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa isValidSsoSession = ssoManager.checkAndValidateSsoSession(pendingReq, httpReq, httpResp) && pendingReq.needSingleSignOnFunctionality(); - } // check if session is already authenticated - // boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) pendingReq, + // boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) + // pendingReq, // isValidSSOSession); // boolean isSessionAuthenticated = isValidSSOSession && // StringUtils.isNotEmpty(pendingReq.getSSOSessionIdentifier()); - // force new authentication authentication process if (pendingReq.forceAuth()) { startAuthenticationProcess(httpReq, (RequestImpl) pendingReq); @@ -169,7 +168,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa sendSingleSignOnConsentsEvaluation((RequestImpl) pendingReq); return false; - } else if (pendingReq.isPassiv()) { if (isValidSsoSession && StringUtils.isNotEmpty(pendingReq.getInternalSsoSessionIdentifier())) { @@ -207,7 +205,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa log.debug("Close session. Remove pending request ... "); requestStoreage.removePendingRequest(pendingReq.getPendingRequestId()); - if (ssoManager != null) { try { log.trace("'SSOManager' active. Search for active SSO sessions ... "); 
@@ -229,11 +226,11 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa /** * Populate process execution context and start process engine. * - * @param httpReq http request + * @param httpReq http request * @param pendingReq current pending request * @throws ServletException In case of a servlet error - * @throws IOException In case of an IO error - * @throws EaafException In case of EAAF processing error + * @throws IOException In case of an IO error + * @throws EaafException In case of EAAF processing error */ private void startAuthenticationProcess(final HttpServletRequest httpReq, final RequestImpl pendingReq) throws EaafException { @@ -245,15 +242,15 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa final ExecutionContext executionContext = new ExecutionContextImpl(); // set oaIdentifeir - executionContext.put(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID, + executionContext.put(EaafConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID, pendingReq.getServiceProviderConfiguration().getUniqueIdentifier()); // add X509 SSL client certificate if exist if (httpReq.getAttribute("javax.servlet.request.X509Certificate") != null) { log.debug("Find SSL-client-certificate on request --> Add it to context"); - executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, + executionContext.put(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, (X509Certificate[]) httpReq.getAttribute("javax.servlet.request.X509Certificate")); - pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, + pendingReq.setRawDataToTransaction(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, httpReq.getAttribute("javax.servlet.request.X509Certificate")); } 
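Review bot: The Javadoc of `startAuthenticationProcess` (hunk `-229,11`) documents `@throws ServletException` and `@throws IOException`, but the signature declares only `throws EaafException`. Either drop the two tags or state that such failures are wrapped, e.g. `@throws EaafException In case of an EAAF processing error, including wrapped servlet or IO errors`, if that is what the body does; the body is outside the hunk. The same mismatch is present on `sendSingleSignOnConsentsEvaluation` in hunk `-314,8`.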
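Review bot: The client-certificate branch in hunk `-245,15` reads the `javax.servlet.request.X509Certificate` request attribute three times and casts it to `X509Certificate[]` without a type check, so an attribute of any other type ends in a `ClassCastException` while the authentication process is being started. Reading it once into a local and guarding with `instanceof` keeps the null check and makes the cast safe, as sketched below. The hunk shows no validation of the certificate chain itself; presumably that is left to the TLS layer and later process steps, which deserves a short comment at this point. `startAuthenticationProcess` begins and ends outside this hunk.

```java
// … unchanged: execution-context creation and service-provider entity id …
final Object clientCerts = httpReq.getAttribute("javax.servlet.request.X509Certificate");
if (clientCerts instanceof X509Certificate[]) {
  log.debug("Find SSL-client-certificate on request --> Add it to context");
  executionContext.put(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
      (X509Certificate[]) clientCerts);
  pendingReq.setRawDataToTransaction(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
      clientCerts);
}
```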
@@ -287,8 +284,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } } - - // populate more IDP specific information to execution context populateExecutionContext(executionContext, pendingReq, httpReq); @@ -301,8 +296,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa * Add additional parameters into context of process-engine. * * @param executionContext Process-engine context - * @param pendingReq Current pending request - * @param httpReq http request + * @param pendingReq Current pending request + * @param httpReq http request * * @throws EaafException In case of an error */ @@ -314,8 +309,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa * * @param pendingReq current pending request * @throws ServletException In case of a servlet error - * @throws IOException In case of an IO error - * @throws EaafException In case of a EAAF processing error + * @throws IOException In case of an IO error + * @throws EaafException In case of a EAAF processing error */ private void sendSingleSignOnConsentsEvaluation(final RequestImpl pendingReq) throws EaafException { @@ -333,11 +328,10 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } - /** * Select a specific process and starting process engine. * - * @param pendingReq current pending request + * @param pendingReq current pending request * @param executionContext current context for process-engine * @throws EaafException In case of an process-engine error */ @@ -345,7 +339,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa final ExecutionContext executionContext) throws EaafException { try { // put pending-request ID on execurtionContext - executionContext.put(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID, + executionContext.put(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID, pendingReq.getPendingRequestId()); // create process instance 
@@ -354,7 +348,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa if (processDefinitionId == null) { log.warn("No suitable process found for PendingReqId " + pendingReq.getPendingRequestId()); - throw new EaafException("process.02", new Object[] {pendingReq.getPendingRequestId()}); + throw new EaafException("process.02", new Object[] { pendingReq.getPendingRequestId() }); } @@ -383,7 +377,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } throw new EaafException("process.01", - new Object[] {pendingReq.getProcessInstanceId(), pendingReq.getPendingRequestId()}, e); + new Object[] { pendingReq.getProcessInstanceId(), pendingReq.getPendingRequestId() }, e); } } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java index 1afa879f..0834aa7c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java @@ -19,6 +19,12 @@ package at.gv.egiz.eaaf.core.impl.idp.auth; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.idp.process.ProcessInstanceStoreDao; 
@@ -29,11 +35,6 @@ import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; @Service("RequestStorage") public class RequestStorage implements IRequestStorage { @@ -155,8 +156,8 @@ public class RequestStorage implements IRequestStorage { * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.storage.IRequestStorage#changePendingRequestID(at.gv.egovernment.moa. - * id.moduls.IRequest) + * at.gv.egovernment.moa.id.storage.IRequestStorage#changePendingRequestID(at.gv + * .egovernment.moa. id.moduls.IRequest) */ @Override public String changePendingRequestID(final IRequest pendingRequest) throws EaafException { @@ -169,13 +170,13 @@ public class RequestStorage implements IRequestStorage { .getPendingRequestIdWithOutChecks(pendingRequest.getPendingRequestId()); } catch (final PendingReqIdValidationException e) { - // it's no problem, because it must be valid before when pending-request was loaded and we + // it's no problem, because it must be valid before when pending-request was + // loaded and we // change it now oldInternalRequestID = e.getInvalidInternalPendingReqId(); } - // generate new pendingReqId and get internalPendingReqId final String newRequestID = pendingReqIdGenerationStrategy.generateExternalPendingRequestId(); log.debug("Change pendingRequestID from " + pendingRequest.getPendingRequestId() + " to " 
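Review bot: In `changePendingRequestID` (hunk `-169,13`) the `PendingReqIdValidationException` is caught and the method continues with `e.getInvalidInternalPendingReqId()` without writing any log entry, so an identifier that fails validation at this point leaves no trace for later analysis. The comment states the assumption that the ID was valid when the request was loaded; a line such as `log.debug("Pending-request ID failed validation during ID change", e);` inside the catch block would make expired or otherwise rejected IDs visible to operators. The rewrap also breaks the comment mid-sentence over three `//` lines, which reads better as two. The method continues outside the hunk.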
@@ -189,11 +190,10 @@ public class RequestStorage implements IRequestStorage { } catch (final PendingReqIdValidationException e) { throw new EaafException("internal.99", - new Object[] {"Generate invalid pendingRequestId. Something looks WRONG"}, e); + new Object[] { "Generate invalid pendingRequestId. Something looks WRONG" }, e); } - // change Key in cache transactionStorage.changeKey(oldInternalRequestID, newInternalPendingRequestId, pendingRequest); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index b12658f5..f5c687f1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java 
@@ -25,14 +25,26 @@ import java.io.InputStream; import java.util.ArrayList; import java.util.Collection; import java.util.Map.Entry; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.lang.NonNull; +import org.springframework.util.Assert; +import org.springframework.util.Base64Utils; +import org.w3c.dom.DOMException; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; 
@@ -47,17 +59,6 @@ import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.lang.NonNull; -import org.springframework.util.Assert; -import org.springframework.util.Base64Utils; -import org.w3c.dom.DOMException; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder { private static final Logger log = @@ -83,7 +84,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati pendingReq.getSessionData(AuthProcessDataWrapper.class); try { - if (authProcessData.isEIDProcess()) { + if (authProcessData.isEidProcess()) { log.debug("Building AuthData from new E-ID information ... "); authData = getAuthDataInstance(pendingReq); Assert.notNull(authData, "AuthData is null"); @@ -107,7 +108,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } catch (XPathException | DOMException | EaafException e) { log.warn("Can not build authentication data from auth. process information"); - throw new EaafAuthenticationException("builder.11", new Object[] {e.getMessage()}, e); + throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e); } 
@@ -127,8 +128,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati protected abstract IAuthData getAuthDataInstance(IRequest pendingReq) throws EaafException; /** - * Build service-specific AuthData by using information from E-ID This builder uses vSZ, MDS and - * Consent as input information. + * Build service-specific AuthData by using information from E-ID This builder + * uses vSZ, MDS and Consent as input information. * * @param pendingReq current pendingRequest * @return {@link IAuthData} but never <code>null</code> @@ -137,13 +138,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati protected abstract void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException; - /** * Add generic E-ID information into already existing AuthData. * - * @param authData AuthData object - * @param authProcessData Authentication information holder from current pending request - * @param pendingReq current pending request + * @param authData AuthData object + * @param authProcessData Authentication information holder from current pending + * request + * @param pendingReq current pending request */ private void buildInternalAuthDataGeneric(@NonNull final IAuthData authData, @NonNull final IAuthProcessDataContainer authProcessData, @@ -164,7 +165,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // TODO: check if it is needed // if (authProcessData.getGenericSessionDataStorage() != null && // !authProcessData.getGenericSessionDataStorage().isEmpty()) - // includedToGenericAuthData = authProcessData.getGenericSessionDataStorage().keySet(); + // includedToGenericAuthData = + // authProcessData.getGenericSessionDataStorage().keySet(); // else includedToGenericAuthData = new ArrayList<>(); 
@@ -178,31 +180,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // #################################################### // set MDS and vSZ internalAuthData.setFamilyName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); internalAuthData.setGivenName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class)); internalAuthData.setDateOfBirth(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class)); internalAuthData.setEncSourceId(authProcessData.getGenericDataFromSession( - ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class)); + ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class)); internalAuthData.setEncSourceIdType(authProcessData.getGenericDataFromSession( - ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class)); + ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class)); // #################################################### // set QAA level setQaaLevel(internalAuthData, authProcessData); - // #################################################### // set isForeigner flag setFlagForeigner(internalAuthData, authProcessData); - // #################################################### // set citizen country-code setCitizenCountryCode(internalAuthData, authProcessData); - // set generic authProcessData to authdata for (final Entry<String, Object> el : authProcessData.getGenericSessionDataStorage() .entrySet()) { 
@@ -220,33 +219,33 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } - } /** * Parse citzen country-code into AuthData. * - * @param authData Current authentication data - * @param authProcessData Authentication information holder from current pending request + * @param authData Current authentication data + * @param authProcessData Authentication information holder from current pending + * request */ private void setCitizenCountryCode(final AuthenticationData authData, final IAuthProcessDataContainer authProcessData) { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME); final String pvpCccAttr = authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); if (StringUtils.isNotEmpty(pvpCccAttr)) { authData.setCiticenCountryCode(pvpCccAttr); - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME); + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME); } else { if (authData.isForeigner()) { - //TODO: + // TODO: log.warn("Foreign citizen country NOT set yet!"); } else { authData.setCiticenCountryCode(basicConfig.getBasicConfiguration( IConfigurationWithSP.CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE, - EAAFConstants.COUNTRYCODE_AUSTRIA)); + EaafConstants.COUNTRYCODE_AUSTRIA)); } } 
@@ -256,28 +255,29 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /** * parse QAA Level into AuthData. * - * @param authData current authentication data - * @param authProcessData Authentication information holder from current pending request - * @param pendingReq current pending request + * @param authData current authentication data + * @param authProcessData Authentication information holder from current pending + * request + * @param pendingReq current pending request */ private void setQaaLevel(@NonNull final AuthenticationData authData, @NonNull final IAuthProcessDataContainer authProcessData) { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); String currentLoA = null; - if (StringUtils.isNotEmpty(authProcessData.getQAALevel())) { - currentLoA = authProcessData.getQAALevel(); + if (StringUtils.isNotEmpty(authProcessData.getQaaLevel())) { + currentLoA = authProcessData.getQaaLevel(); } else { currentLoA = authProcessData.getGenericDataFromSession( - PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class); + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class); if (StringUtils.isNotEmpty(currentLoA)) { log.debug( - "Find PVP-Attr '" + PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME + "Find PVP-Attr '" + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME + "':" + currentLoA + " --> Parse QAA-Level from that attribute."); } } if (StringUtils.isNotEmpty(currentLoA)) { - if (currentLoA.startsWith(EAAFConstants.EIDAS_LOA_PREFIX)) { + if (currentLoA.startsWith(EaafConstants.EIDAS_LOA_PREFIX)) { authData.setEidasLoa(currentLoA); } else { 
@@ -285,20 +285,19 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } } else { - log.info("No QAA level found. Set to default level " + EAAFConstants.EIDAS_LOA_LOW); - authData.setEidasLoa(EAAFConstants.EIDAS_LOA_LOW); + log.info("No QAA level found. Set to default level " + EaafConstants.EIDAS_LOA_LOW); + authData.setEidasLoa(EaafConstants.EIDAS_LOA_LOW); } } - private void setFlagForeigner(final AuthenticationData authData, final IAuthProcessDataContainer authProcessData) { // TODO: change to new eIDAS-token attribute identifier if (authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME + .getGenericDataFromSession(PvpAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) { + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME + " --> Set 'isForeigner' flag to TRUE"); authData.setForeigner(true); @@ -309,8 +308,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } /** - * Build authentication data by using information from citizen-card or mobile-phone signature This - * builder uses IdentityLink, AuthBlock, full MIS mandate as input information. + * Build authentication data by using information from citizen-card or + * mobile-phone signature This builder uses IdentityLink, AuthBlock, full MIS + * mandate as input information. * * @param pendingReq current pendingRequest * @return {@link IAuthData} but never <code>null</code> @@ -340,7 +340,6 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setBaseIdTransferRestrication( pendingReq.getServiceProviderConfiguration().hasBaseIdTransferRestriction()); - // #################################################### // parse user info's from identityLink IIdentityLink idlFromPvpAttr = null; 
@@ -351,10 +350,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } else { // identityLink is not direct in MOASession final String pvpAttrIdl = authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class); // find PVP-Attr. which contains the IdentityLink if (StringUtils.isNotEmpty(pvpAttrIdl)) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME + " --> Parse basic user info's from that attribute."); InputStream idlStream = null; try { @@ -373,7 +372,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } finally { try { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME); if (idlStream != null) { idlStream.close(); } 
@@ -390,28 +389,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati log.debug( "No IdentityLink found or not parseable --> Parse basic user info's from single PVP-Attributes."); authData.setFamilyName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); authData.setGivenName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class)); authData.setDateOfBirth(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class)); authData.setIdentificationValue(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class)); authData.setIdentificationType(authProcessData.getGenericDataFromSession( - PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class)); + PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class)); // remove corresponding keys from genericSessionData if exists - includedToGenericAuthData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME); + 
includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); } } if (authData.getIdentificationType() != null - && !authData.getIdentificationType().equals(EAAFConstants.URN_PREFIX_BASEID)) { + && !authData.getIdentificationType().equals(EaafConstants.URN_PREFIX_BASEID)) { log.trace("IdentificationType is not a baseID --> clear it. "); authData.setBpk(authData.getIdentificationValue()); authData.setBpkType(authData.getIdentificationType()); @@ -420,22 +419,18 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setIdentificationType(null); } - // #################################################### // set QAA level setQaaLevel(authData, authProcessData); - // #################################################### // set isForeigner flag setFlagForeigner(authData, authProcessData); - // #################################################### // set citizen country-code setCitizenCountryCode(authData, authProcessData); - // #################################################### // set bPK and IdentityLink final String pvpBpkValue = getBpkValueFromPvpAttribute(authProcessData); 
@@ -449,12 +444,12 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati log.info( "Can not build authData, because moaSession include no bPK, encrypted bPK or baseID"); throw new EaafBuilderException("builder.08", - new Object[] {"No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME}, - "No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); + new Object[] { "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME }, + "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); } @@ -513,10 +508,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati "Can not build authData, because moaSession include no valid bPK, encrypted bPK or sourceID"); throw new EaafBuilderException("builder.13", new Object[] { - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()}, - "No valid " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier() }, + "No valid " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); } } 
@@ -536,7 +531,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati @Deprecated protected abstract Pair<String, String> getEncryptedBpkFromPvpAttribute( IAuthProcessDataContainer authProcessDataContainer, AuthenticationData authData, - IspConfiguration spConfig) throws EaafBuilderException; + ISpConfiguration spConfig) throws EaafBuilderException; // request baseId from SRZ @Deprecated @@ -546,13 +541,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati @Deprecated protected Pair<String, String> buildOAspecificbPK(final IRequest pendingReq, final AuthenticationData authData) throws EaafBuilderException { - final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); final String baseID = authData.getIdentificationValue(); final String baseIdType = authData.getIdentificationType(); Pair<String, String> sectorSpecId = null; - if (EAAFConstants.URN_PREFIX_BASEID.equals(baseIdType)) { + if (EaafConstants.URN_PREFIX_BASEID.equals(baseIdType)) { // SAML1 legacy target parameter work-around final String spTargetId = oaParam.getAreaSpecificTargetIdentifier(); log.debug("Use OA target identifier '" + spTargetId + "' from configuration"); @@ -575,7 +570,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } @Deprecated - protected IIdentityLink buildOAspecificIdentityLink(final IspConfiguration spConfig, + protected IIdentityLink buildOAspecificIdentityLink(final ISpConfiguration spConfig, final IIdentityLink idl, final String bpk, final String bpkType) throws EaafConfigurationException, XPathException, DOMException, EaafParserException { if (spConfig.hasBaseIdTransferRestriction()) { 
@@ -607,10 +602,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * * @param oaParam Service-Provider configuration, never null * @param bpkType bPK-Type to check - * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise false + * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise + * false */ @Deprecated - protected boolean matchsReceivedBpkToOnlineApplication(final IspConfiguration oaParam, + protected boolean matchsReceivedBpkToOnlineApplication(final ISpConfiguration oaParam, final String bpkType) { return oaParam.getAreaSpecificTargetIdentifier().equals(bpkType); @@ -619,9 +615,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /** * Parse information from an IdentityLink into AuthData object. * - * @param authData current authentication data - * @param identityLink User's identityLink - * @param includedGenericSessionData Generic AuthSession Data from PVP attributes + * @param authData current authentication data + * @param identityLink User's identityLink + * @param includedGenericSessionData Generic AuthSession Data from PVP + * attributes */ @Deprecated private void parseBasicUserInfosFromIdl(final AuthenticationData authData, 
@@ -631,10 +628,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /* * GivenNames and FamilyNames with simple Apostrophe were escaped with ' in - * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 AuthBlock problem. - * However, the authentication attributes (SAML2, eIDAS, OpenID-Connect) also includes this - * escaped values, but there it is not neccesary. We fix this problem in 3.4.3, but the fix can - * be deactivated for dependency reasons. + * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 + * AuthBlock problem. However, the authentication attributes (SAML2, eIDAS, + * OpenID-Connect) also includes this escaped values, but there it is not + * neccesary. We fix this problem in 3.4.3, but the fix can be deactivated for + * dependency reasons. */ if (basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) { 
@@ -649,35 +647,37 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setDateOfBirth(identityLink.getDateOfBirth()); - // remove corresponding keys from genericSessionData if exists - includedGenericSessionData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); } /** - * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as 'GenericData'. <br> + * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as + * 'GenericData'. 
<br> * * <pre> * <code>session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class)</code> * </pre> * * @param session MOASession, but never null - * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no attribute exists + * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no + * attribute exists */ @Deprecated private String getBpkValueFromPvpAttribute(final IAuthProcessDataContainer session) { String pvpBpkValueAttr = - session.getGenericDataFromSession(PVPAttributeDefinitions.BPK_NAME, String.class); + session.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME, String.class); if (StringUtils.isNotEmpty(pvpBpkValueAttr)) { - // fix a wrong bPK-value prefix, which was used in some PVP Standardportal implementations + // fix a wrong bPK-value prefix, which was used in some PVP Standardportal + // implementations if (pvpBpkValueAttr.startsWith("bPK:")) { - log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME + log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " contains a not standardize prefix! Staring attribute value correction process ..."); pvpBpkValueAttr = pvpBpkValueAttr.substring("bPK:".length()); 
@@ -685,18 +685,16 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati final String[] spitted = pvpBpkValueAttr.split(":"); if (spitted.length == 2) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME); + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME); return spitted[1]; - - } else if (spitted.length > 2) { - log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME + log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " has a wrong encoding and can NOT be USED!" + " Value:" + pvpBpkValueAttr); return null; } else { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " without prefix. Use it as it is"); return spitted[0]; 
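Review bot: The `spitted.length > 2` branch writes the complete attribute value into the WARN log (`" Value:" + pvpBpkValueAttr`), and that value is the citizen's bPK attribute, so a personal identifier is logged even when its encoding is wrong. The log line should carry only the attribute name and the shape of the value, for example `log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " has a wrong encoding and can NOT be USED! Parts: " + spitted.length);`. `getBpkValueFromPvpAttribute` starts in the previous hunk and continues past the end of this one, so any further logging of `pvpBpkValueAttr` outside the visible lines should be checked the same way.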
@@ -708,49 +706,52 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } /** - * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could be exist in - * MOASession as 'GenericData'. <br> + * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could + * be exist in MOASession as 'GenericData'. <br> * * <pre> * <code>session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class)</code> * </pre> * * @param session MOASession, but never null - * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if no attribute - * exists + * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if + * no attribute exists */ @Deprecated private String getBpkTypeFromPvpAttribute(final IAuthProcessDataContainer session) { final String pvpBpkTypeAttr = session.getGenericDataFromSession( - PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); + PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); if (StringUtils.isNotEmpty(pvpBpkTypeAttr)) { - // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations + // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal + // implementations // if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) && // !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(), // EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) { - // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting + // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " + // Starting // attribute value correction ... 
"); // pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + // pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1); // // } log.debug( - "Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); + "Find PVP-Attr: " + PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); return pvpBpkTypeAttr; } return null; - /* - * INFO: This code could be used to extract the bPKType from 'PVPConstants.BPK_NAME', because - * the prefix of BPK_NAME attribute contains the postfix of the bPKType + * INFO: This code could be used to extract the bPKType from + * 'PVPConstants.BPK_NAME', because the prefix of BPK_NAME attribute contains + * the postfix of the bPKType * - * Now, all PVP Standardportals should be able to send 'EID_SECTOR_FOR_IDENTIFIER' PVP - * attributes + * Now, all PVP Standardportals should be able to send + * 'EID_SECTOR_FOR_IDENTIFIER' PVP attributes */ - // String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, + // String pvpbPKValueAttr = + // session.getGenericDataFromSession(PVPConstants.BPK_NAME, // String.class); // String[] spitted = pvpbPKValueAttr.split(":"); // if (MiscUtil.isEmpty(authData.getBPKType())) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java index 60c08253..a613bd56 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java @@ -16,8 +16,6 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - - package at.gv.egiz.eaaf.core.impl.idp.auth.builder; import java.security.InvalidKeyException; 
@@ -27,22 +25,26 @@ import java.security.PrivateKey; import java.security.PublicKey; import java.text.SimpleDateFormat; import java.util.Date; + import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; -import at.gv.egiz.eaaf.core.impl.data.Pair; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.Base64Utils; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; +import at.gv.egiz.eaaf.core.impl.data.Pair; + /** * Builder for the bPK, as defined in - * <code>"Ableitung f¨r die bereichsspezifische Personenkennzeichnung"</code> version - * <code>1.0.1</code> from <code>"reference.e-government.gv.at"</code>. + * <code>"Ableitung f¨r die bereichsspezifische Personenkennzeichnung"</code> + * version <code>1.0.1</code> from + * <code>"reference.e-government.gv.at"</code>. * */ public class BpkBuilder { 
@@ -51,58 +53,60 @@ public class BpkBuilder { /** * Calculates an area specific unique person-identifier from a baseID. * - * @param baseID baseId from user but never null - * @param targetIdentifier target identifier for area specific identifier calculation but never - * null - * @return Pair consists of (unique person identifier for this target, targetArea) but never null + * @param baseID baseId from user but never null + * @param targetIdentifier target identifier for area specific identifier + * calculation but never null + * @return Pair consists of (unique person identifier for this target, + * targetArea) but never null * @throws EaafBuilderException if some input data are not valid */ public static Pair<String, String> generateAreaSpecificPersonIdentifier(final String baseID, final String targetIdentifier) throws EaafBuilderException { - return generateAreaSpecificPersonIdentifier(baseID, EAAFConstants.URN_PREFIX_BASEID, + return generateAreaSpecificPersonIdentifier(baseID, EaafConstants.URN_PREFIX_BASEID, targetIdentifier); } /** - * Calculates an area specific unique person-identifier from an unique identifier with a specific - * type. + * Calculates an area specific unique person-identifier from an unique + * identifier with a specific type. 
* - * @param baseID baseId from user but never null - * @param baseIdType Type of the baseID but never null - * @param targetIdentifier target identifier for area specific identifier calculation but never - * null - * @return Pair consists of (unique person identifier for this target, targetArea) but never null + * @param baseID baseId from user but never null + * @param baseIdType Type of the baseID but never null + * @param targetIdentifier target identifier for area specific identifier + * calculation but never null + * @return Pair consists of (unique person identifier for this target, + * targetArea) but never null * @throws EaafBuilderException if some input data are not valid */ public static Pair<String, String> generateAreaSpecificPersonIdentifier(final String baseID, final String baseIdType, final String targetIdentifier) throws EaafBuilderException { if (StringUtils.isEmpty(baseID)) { - throw new EaafBuilderException("builder.00", new Object[] {"baseID is empty or null"}, + throw new EaafBuilderException("builder.00", new Object[] { "baseID is empty or null" }, "BaseId is empty or null"); } if (StringUtils.isEmpty(baseIdType)) { throw new EaafBuilderException("builder.00", - new Object[] {"the type of baseID is empty or null"}, "Type of baseId is empty or null"); + new Object[] { "the type of baseID is empty or null" }, "Type of baseId is empty or null"); } if (StringUtils.isEmpty(targetIdentifier)) { throw new EaafBuilderException("builder.00", - new Object[] {"SP specific target identifier is empty or null"}, + new Object[] { "SP specific target identifier is empty or null" }, "SP specific target identifier is empty or null"); } - if (baseIdType.equals(EAAFConstants.URN_PREFIX_BASEID)) { + if (baseIdType.equals(EaafConstants.URN_PREFIX_BASEID)) { log.trace("Find baseID. 
Starting unique identifier caluclation for this target"); - if (targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_CDID) - || targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_WBPK)) { + if (targetIdentifier.startsWith(EaafConstants.URN_PREFIX_CDID) + || targetIdentifier.startsWith(EaafConstants.URN_PREFIX_WBPK)) { log.trace("Calculate bPK, wbPK, or STORK identifier for target: " + targetIdentifier); return Pair.newInstance(calculatebPKwbPK(baseID + "+" + targetIdentifier), targetIdentifier); - } else if (targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) { + } else if (targetIdentifier.startsWith(EaafConstants.URN_PREFIX_EIDAS)) { log.trace("Calculate eIDAS identifier for target: " + targetIdentifier); final String[] splittedTarget = targetIdentifier.split("\\+"); final String cititzenCountryCode = splittedTarget[1]; @@ -114,15 +118,14 @@ public class BpkBuilder { } return buildEidasIdentifer(baseID, baseIdType, cititzenCountryCode, eidasOutboundCountry); - } else { throw new EaafBuilderException("builder.00", - new Object[] {"Target identifier: " + targetIdentifier + " is NOT allowed or unknown"}, + new Object[] { "Target identifier: " + targetIdentifier + " is NOT allowed or unknown" }, "Target identifier: " + targetIdentifier + " is NOT allowed or unknown"); } } else { - log.trace("BaseID is not of type " + EAAFConstants.URN_PREFIX_BASEID + log.trace("BaseID is not of type " + EaafConstants.URN_PREFIX_BASEID + ". Check type against requested target ..."); if (baseIdType.equals(targetIdentifier)) { log.debug("Unique identifier is already area specific. Is nothing todo"); 
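Review bot: In the eIDAS branch of `generateAreaSpecificPersonIdentifier`, `splittedTarget[1]` is read directly after `targetIdentifier.split("\\+")` and no length check is visible in the hunk. A target that consists only of the eIDAS prefix would then fail with an `ArrayIndexOutOfBoundsException` rather than the `EaafBuilderException` that the Javadoc promises for invalid input. A guard such as `if (splittedTarget.length < 3) { throw new EaafBuilderException("builder.00", new Object[] { "Target identifier: " + targetIdentifier + " is NOT allowed or unknown" }, "Target identifier: " + targetIdentifier + " is NOT allowed or unknown"); }` before the first index keeps the error inside the documented contract. The lines between this hunk and the next one are not shown, so the required part count (three is assumed from the two country codes passed to `buildEidasIdentifer`) needs confirming.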
@@ -132,8 +135,8 @@ public class BpkBuilder { log.warn("Get unique identifier for target: " + baseIdType + " but target: " + targetIdentifier + " is required!"); throw new EaafBuilderException("builder.00", - new Object[] {"Get unique identifier for target: " + baseIdType + " but target: " - + targetIdentifier + " is required"}, + new Object[] { "Get unique identifier for target: " + baseIdType + " but target: " + + targetIdentifier + " is required" }, "Get unique identifier for target: " + baseIdType + " but target: " + targetIdentifier + " is required"); @@ -141,14 +144,15 @@ public class BpkBuilder { } } - /** * Builds the eIDAS from the given parameters. * - * @param baseId baseID of the citizen - * @param baseIdType Type of the baseID - * @param sourceCountry CountryCode of that country, which build the eIDAs ID - * @param destinationCountry CountryCode of that country, which receives the eIDAs ID + * @param baseId baseID of the citizen + * @param baseIdType Type of the baseID + * @param sourceCountry CountryCode of that country, which build the eIDAs + * ID + * @param destinationCountry CountryCode of that country, which receives the + * eIDAs ID * * @return Pair eIDAs/bPKType in a BASE64 encoding * @throws EaafBuilderException if some input data are not valid @@ -160,8 +164,8 @@ public class BpkBuilder { String bpkType = null; // check if we have been called by public sector application - if (baseIdType.startsWith(EAAFConstants.URN_PREFIX_BASEID)) { - bpkType = EAAFConstants.URN_PREFIX_EIDAS + sourceCountry + "+" + destinationCountry; + if (baseIdType.startsWith(EaafConstants.URN_PREFIX_BASEID)) { + bpkType = EaafConstants.URN_PREFIX_EIDAS + sourceCountry + "+" + destinationCountry; log.debug("Building eIDAS identification from: [identValue]+" + bpkType); bpk = calculatebPKwbPK(baseId + "+" + bpkType); 
@@ -173,9 +177,9 @@ public class BpkBuilder { if (StringUtils.isEmpty(bpk) || StringUtils.isEmpty(sourceCountry) || StringUtils.isEmpty(destinationCountry)) { throw new EaafBuilderException("builder.00", - new Object[] {"eIDAS-ID", + new Object[] { "eIDAS-ID", "Unvollständige Parameterangaben: identificationValue=" + bpk + ", Zielland=" - + destinationCountry + ", Ursprungsland=" + sourceCountry}, + + destinationCountry + ", Ursprungsland=" + sourceCountry }, "eIDAS-ID: Unvollständige Parameterangaben: identificationValue=" + bpk + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry); } @@ -189,8 +193,8 @@ public class BpkBuilder { /** * Create an encrypted bPK. * - * @param bpk unencrypted bPK - * @param target bPK target + * @param bpk unencrypted bPK + * @param target bPK target * @param publicKey Public-Key used for encryption * @return encrypted bPK * @throws EaafBuilderException In case of an error @@ -198,8 +202,8 @@ public class BpkBuilder { public static String encryptBpk(final String bpk, String target, final PublicKey publicKey) throws EaafBuilderException { final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); - if (target.startsWith(EAAFConstants.URN_PREFIX_CDID)) { - target = target.substring(EAAFConstants.URN_PREFIX_CDID.length()); + if (target.startsWith(EaafConstants.URN_PREFIX_CDID)) { + target = target.substring(EaafConstants.URN_PREFIX_CDID.length()); } final String input = @@ -210,8 +214,8 @@ public class BpkBuilder { final byte[] inputBytes = input.getBytes("ISO-8859-1"); result = encrypt(inputBytes, publicKey); return new String(Base64Utils.encode(result), "ISO-8859-1").replaceAll("\r\n", ""); - // return new String(Base64Utils.encode(result, "ISO-8859-1")).replaceAll("\r\n", ""); - + // return new String(Base64Utils.encode(result, + // "ISO-8859-1")).replaceAll("\r\n", ""); } catch (final Exception e) { throw new EaafBuilderException("bPK encryption FAILED", null, e.getMessage(), e); 
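Review bot: The `builder.00` exception in this hunk (presumably inside `buildEidasIdentifer`, whose signature is outside the hunk) puts the computed identifier into both the parameter array and the message via `identificationValue=" + bpk`. When only one of the country codes is empty, `bpk` already holds a valid derived identifier, and it will end up wherever the exception text is logged or rendered. Report which inputs were missing instead of their values, for example `"identificationValue=" + (StringUtils.isEmpty(bpk) ? "missing" : "present")`. The German wording also differs from the English messages used by the other `EaafBuilderException`s in this class.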
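Review bot: `encryptBpk` strips `EaafConstants.URN_PREFIX_CDID` from `target`, while the decrypt method in hunk `@@ -247,8 +252,8 @@` strips `EaafConstants.URN_PREFIX_CDID + "+"` before it evaluates `target.equals(sector)`. The constant's value is not visible here, but for a target passed as the full URN the two methods cannot both produce the same sector string, so either the encrypted sector or the decrypt-side comparison is off by the `+`. Both methods should share one normalisation, for example a private `stripCdidPrefix(String target)` helper. `target` is also dereferenced with `startsWith` before any null check in both places.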
@@ -223,8 +227,8 @@ public class BpkBuilder { * Decrypt an encrypted bPK. * * @param encryptedBpk encrypted bPK - * @param target bPK target - * @param privateKey private-key for decryption + * @param target bPK target + * @param privateKey private-key for decryption * @return bPK * @throws EaafBuilderException In case of an error */ @@ -232,7 +236,8 @@ public class BpkBuilder { final PrivateKey privateKey) throws EaafBuilderException { String decryptedString; try { - // byte[] encryptedBytes = Base64Utils.decode(encryptedBpk, false, "ISO-8859-1"); + // byte[] encryptedBytes = Base64Utils.decode(encryptedBpk, false, + // "ISO-8859-1"); final byte[] encryptedBytes = Base64Utils.decode(encryptedBpk.getBytes("ISO-8859-1")); final byte[] decryptedBytes = decrypt(encryptedBytes, privateKey); decryptedString = new String(decryptedBytes, "ISO-8859-1"); @@ -247,8 +252,8 @@ public class BpkBuilder { tmp = tmp.substring(tmp.indexOf("::") + 2); final String bPK = tmp.substring(0, tmp.indexOf("::")); - if (target.startsWith(EAAFConstants.URN_PREFIX_CDID + "+")) { - target = target.substring((EAAFConstants.URN_PREFIX_CDID + "+").length()); + if (target.startsWith(EaafConstants.URN_PREFIX_CDID + "+")) { + target = target.substring((EaafConstants.URN_PREFIX_CDID + "+").length()); } if (target.equals(sector)) { @@ -268,7 +273,7 @@ public class BpkBuilder { return hashBase64; } catch (final Exception ex) { - throw new EaafBuilderException("builder.00", new Object[] {"bPK/wbPK", ex.toString()}, + throw new EaafBuilderException("builder.00", new Object[] { "bPK/wbPK", ex.toString() }, ex.getMessage(), ex); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java index 7c143ca2..a6017789 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java 
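Review bot: The context lines of the `@@ -247,8 +252,8 @@` hunk slice the decrypted text with `tmp.indexOf("::")` without checking for `-1`, so a plaintext that lacks the expected `::` separators makes `substring` throw a `StringIndexOutOfBoundsException` instead of the documented `EaafBuilderException`. Encryption only needs the public key, so the decrypted content is not guaranteed to follow the expected layout and should be validated before slicing. A guard such as `if (tmp.indexOf("::") == -1) { throw new EaafBuilderException("builder.00", new Object[] { "bPK", "malformed plaintext" }, "malformed plaintext"); }` would do. Whether these lines sit inside a `try` cannot be seen, because `decryptBpk` starts and ends outside the hunk.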
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -15,24 +15,23 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.impl.idp.auth.data; import java.util.Date; import java.util.HashMap; import java.util.Map; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.EaafAuthProcessDataConstants; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; public class AuthProcessDataWrapper implements IAuthProcessDataContainer, EaafAuthProcessDataConstants { 
@@ -48,7 +47,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() */ @Override public String getIssueInstant() { @@ -59,7 +59,8 @@ public class AuthProcessDataWrapper * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant( + * java.lang.String) */ @Override public void setIssueInstant(final String issueInstant) { @@ -70,7 +71,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() */ @Override public boolean isAuthenticated() { @@ -78,11 +80,12 @@ public class AuthProcessDataWrapper } - /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated( + * boolean) */ @Override public void setAuthenticated(final boolean authenticated) { @@ -93,7 +96,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() */ @Override public IIdentityLink getIdentityLink() { 
@@ -101,13 +105,12 @@ public class AuthProcessDataWrapper } - /* * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa - * .id.auth.data.IdentityLink) + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at. + * gv.egovernment.moa .id.auth.data.IdentityLink) */ @Override public void setIdentityLink(final IIdentityLink identityLink) { @@ -118,7 +121,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() */ @Override public boolean isMandateUsed() { @@ -128,7 +132,9 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates( + * boolean) */ @Override public void setUseMandates(final boolean useMandates) { @@ -142,18 +148,20 @@ public class AuthProcessDataWrapper * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() */ @Override - public String getQAALevel() { + public String getQaaLevel() { return wrapStringObject(VALUE_QAALEVEL, null, String.class); } /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java. + * lang.String) */ @Override - public void setQAALevel(final String qAALevel) { - authProcessData.put(VALUE_QAALEVEL, qAALevel); + public void setQaaLevel(final String qaaLevel) { + authProcessData.put(VALUE_QAALEVEL, qaaLevel); } 
@@ -170,7 +178,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner( + * boolean) */ @Override public void setForeigner(final boolean isForeigner) { @@ -200,12 +209,12 @@ public class AuthProcessDataWrapper } @Override - public boolean isEIDProcess() { + public boolean isEidProcess() { return wrapStringObject(FLAG_IS_NEW_EID_PROCESS, false, Boolean.class); } @Override - public void setEIDProcess(final boolean value) { + public void setEidProcess(final boolean value) { authProcessData.put(FLAG_IS_NEW_EID_PROCESS, value); } @@ -213,22 +222,24 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() + * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() */ @Override public Date getSessionCreated() { - return wrapStringObject(EAAFConstants.AUTH_DATA_CREATED, null, Date.class); + return wrapStringObject(EaafConstants.AUTH_DATA_CREATED, null, Date.class); } /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession# + * getGenericSessionDataStorage() */ @Override public Map<String, Object> getGenericSessionDataStorage() { final Map<String, Object> result = new HashMap<>(); - for (final Map.Entry<String,Object> el : authProcessData.entrySet()) { + for (final Map.Entry<String, Object> el : authProcessData.entrySet()) { if (el.getKey().startsWith(GENERIC_PREFIX)) { result.put(el.getKey().substring(GENERIC_PREFIX.length()), el.getValue()); } 
@@ -241,9 +252,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang. - * String) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession# + * getGenericDataFromSession(java.lang. String) */ @Override public Object getGenericDataFromSession(final String key) { @@ -253,9 +263,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang. - * String, java.lang.Class) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession# + * getGenericDataFromSession(java.lang. String, java.lang.Class) */ @Override public <T> T getGenericDataFromSession(final String key, final Class<T> clazz) { @@ -265,9 +274,8 @@ public class AuthProcessDataWrapper /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang. - * String, java.lang.Object) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession# + * setGenericDataToSession(java.lang. String, java.lang.Object) */ @Override public void setGenericDataToSession(final String key, final Object object) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java index a1faa0a4..ee1037a1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java 
@@ -1,22 +1,5 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between - * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ /* - * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between + * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European 
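Review bot: This hunk does more than restyle the header: it deletes the `Copyright 2014` licence block and rewrites the year in the remaining block from `Copyright 2003` to `Copyright 2014`, and the first hunk of `SimpleIdentityLinkAssertionParser.java` makes the same edit. Dropping the earlier year changes the copyright notice itself, which does not belong in a commit described as code-style modifications and should be confirmed with whoever owns the licence text. If the two blocks are meant to be merged, a range such as `Copyright 2003-2014 Federal Chancellery Austria` keeps the original information.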
@@ -31,7 +14,7 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - */ +*/ package at.gv.egiz.eaaf.core.impl.idp.auth.data; @@ -40,16 +23,20 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.Serializable; import java.security.PublicKey; + import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import org.w3c.dom.Element; - /** - * Data contained in an identity link issued by BMI, relevant to the MOA ID component. <br> - * <code>"IdentityLink"</code> is the translation of <code>"Personenbindung"</code>. + * Data contained in an identity link issued by BMI, relevant to the MOA ID + * component. <br> + * <code>"IdentityLink"</code> is the translation of + * <code>"Personenbindung"</code>. * * @author Paul Ivancsics * @version $Id$ 
@@ -59,41 +46,44 @@ public class IdentityLink implements Serializable, IIdentityLink { private static final long serialVersionUID = 1L; /** - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. + * <code>"identificationValue"</code> is the translation of + * <code>"Stammzahl"</code>. */ private String identificationValue; /** - * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. + * <code>"identificationType"</code> type of the identificationValue in the + * IdentityLink. */ private String identificationType; /** - * first name + * first name. */ private String givenName; /** - * family name + * family name. */ private String familyName; /** - * date of birth + * date of birth. */ private String dateOfBirth; /** - * the original saml:Assertion-Element + * the original saml:Assertion-Element. */ private transient Element samlAssertion; /** - * the serializes saml:Assertion + * the serializes saml:Assertion. */ private String serializedSamlAssertion; /** * Element - * /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person + * /saml:Assertion/saml:AttributeStatement/saml:Subject + * /saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person. */ private transient Element prPerson = null; /** - * we need for each dsig:Reference Element all transformation elements + * we need for each dsig:Reference Element all transformation elements. */ private transient Element[] dsigReferenceTransforms = null; @@ -103,14 +93,15 @@ public class IdentityLink implements Serializable, IIdentityLink { private String issueInstant; /** - * we need all public keys stored in the identity link + * we need all public keys stored in the identity link. */ private PublicKey[] publicKey; /** - * Constructor for IdentityLink + * Constructor for IdentityLink. */ - public IdentityLink() {} + public IdentityLink() { + } /* * (non-Javadoc) 
@@ -157,7 +148,8 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue() + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue() */ @Override public String getIdentificationValue() { @@ -177,7 +169,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang. + * String) */ @Override public void setDateOfBirth(final String dateOfBirth) { @@ -187,7 +181,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang. + * String) */ @Override public void setFamilyName(final String familyName) { @@ -197,7 +193,8 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang.String) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang. + * String) */ @Override public void setGivenName(final String givenName) { @@ -207,7 +204,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java. + * lang.String) */ @Override public void setIdentificationValue(final String identificationValue) { 
@@ -217,7 +216,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java. + * lang.String) */ @Override public void setIdentificationType(final String identificationType) { @@ -248,7 +249,8 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion() + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion() */ @Override public String getSerializedSamlAssertion() { @@ -258,7 +260,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom.Element) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom + * .Element) */ @Override public void setSamlAssertion(final Element samlAssertion) @@ -270,7 +274,8 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms() + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms() */ @Override public Element[] getDsigReferenceTransforms() { @@ -287,8 +292,8 @@ public class IdentityLink implements Serializable, IIdentityLink { * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms(org.w3c.dom.Element - * []) + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms( + * org.w3c.dom.Element []) */ @Override public void setDsigReferenceTransforms(final Element[] dsigReferenceTransforms) { 
@@ -317,7 +322,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security.PublicKey[]) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security. + * PublicKey[]) */ @Override public void setPublicKey(final PublicKey[] publicKey) { @@ -346,7 +353,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom.Element) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom. + * Element) */ @Override public void setPrPerson(final Element prPerson) { @@ -366,7 +375,9 @@ public class IdentityLink implements Serializable, IIdentityLink { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang.String) + * @see + * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang. + * String) */ @Override public void setIssueInstant(final String issueInstant) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java index 220469d3..acb877c2 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java 
@@ -1,22 +1,5 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between - * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ /* - * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between + * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European 
@@ -31,7 +14,7 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - */ +*/ package at.gv.egiz.eaaf.core.impl.idp.auth.data; @@ -40,17 +23,19 @@ import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.ArrayList; import java.util.List; -import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants; + +import org.springframework.util.Base64Utils; +import org.w3c.dom.Element; +import org.w3c.dom.traversal.NodeIterator; + +import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafParserException; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import org.springframework.util.Base64Utils; -import org.w3c.dom.Element; -import org.w3c.dom.traversal.NodeIterator; /** - * Parses MDS from an identity link <code><saml:Assertion></code> <br> + * Parses MDS from an identity link. <code><saml:Assertion></code> <br> * <b>This IDL parser extract NO key information!</b> * */ 
@@ -60,56 +45,59 @@ public class SimpleIdentityLinkAssertionParser { // XPath namespace prefix shortcuts // - /** Xpath prefix for reaching PersonData Namespaces */ - private static final String PDATA = XMLNamespaceConstants.PD_PREFIX + ":"; - /** Xpath prefix for reaching SAML Namespaces */ - private static final String SAML = XMLNamespaceConstants.SAML_PREFIX + ":"; - /** Xpath prefix for reaching XML-DSIG Namespaces */ - private static final String DSIG = XMLNamespaceConstants.DSIG_PREFIX + ":"; - /** Xpath expression to the root element */ + /** Xpath prefix for reaching PersonData Namespaces. */ + private static final String PDATA = XmlNamespaceConstants.PD_PREFIX + ":"; + /** Xpath prefix for reaching SAML Namespaces. */ + private static final String SAML = XmlNamespaceConstants.SAML_PREFIX + ":"; + /** Xpath prefix for reaching XML-DSIG Namespaces. */ + private static final String DSIG = XmlNamespaceConstants.DSIG_PREFIX + ":"; + /** Xpath expression to the root element. */ private static final String ROOT = ""; - /** Xpath expression to the SAMLSubjectConfirmationData element */ + /** Xpath expression to the SAMLSubjectConfirmationData element. */ private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH = ROOT + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "SubjectConfirmation/" + SAML + "SubjectConfirmationData"; - /** Xpath expression to the PersonData element */ + /** Xpath expression to the PersonData element. */ public static final String PERSON_XPATH = SAML_SUBJECT_CONFIRMATION_DATA_XPATH + "/" + PDATA + "Person"; - /** Xpath expression to the PersonData GivenName element */ + /** Xpath expression to the PersonData GivenName element. */ public static final String PERSON_GIVEN_NAME_XPATH = PERSON_XPATH + "/" + PDATA + "Name/" + PDATA + "GivenName"; - /** Xpath expression to the PersonData FamilyName element */ + /** Xpath expression to the PersonData FamilyName element. 
*/ public static final String PERSON_FAMILY_NAME_XPATH = PERSON_XPATH + "/" + PDATA + "Name/" + PDATA + "FamilyName"; - /** Xpath expression to the PersonData DateOfBirth element */ + /** Xpath expression to the PersonData DateOfBirth element. */ public static final String PERSON_DATE_OF_BIRTH_XPATH = PERSON_XPATH + "/" + PDATA + "DateOfBirth"; - /** Xpath expression to the Identification Value element */ + /** Xpath expression to the Identification Value element. */ public static final String PERSON_IDENT_VALUE_XPATH = PERSON_XPATH + "/" + PDATA + "Identification/" + PDATA + "Value"; - /** Xpath expression to the Identification Value element */ + /** Xpath expression to the Identification Value element. */ public static final String PERSON_IDENT_TYPE_XPATH = PERSON_XPATH + "/" + PDATA + "Identification/" + PDATA + "Type"; - /** Xpath expression to the DSIG X509Certificate element */ + /** Xpath expression to the DSIG X509Certificate element. */ private static final String DSIG_CERTIFICATES_XPATH = ROOT + DSIG + "Signature/" + DSIG + "KeyInfo/" + DSIG + "X509Data/" + DSIG + "X509Certificate"; - /** Xpath expression to the DSIG Transforms element */ + /** Xpath expression to the DSIG Transforms element. */ private static final String DSIG_REFERENCE_TRANSFORMATION_XPATH = ROOT + DSIG + "Signature/" + DSIG + "SignedInfo/" + DSIG + "Reference/" + DSIG + "Transforms"; - /** The IssueInstant attribute of the SAML assertion */ + /** The IssueInstant attribute of the SAML assertion. */ private static final String ISSUE_INSTANT_ATTR = "IssueInstant"; public static final String ASSERTIONID = "AssertionID"; - /** This is the root element of the XML-Document provided by the Security Layer Card */ + /** + * This is the root element of the XML-Document provided by the Security Layer + * Card. + */ private Element assertionElem; /** - * Constructor for <code>IdentityLinkAssertionParser</code>. 
A DOM-representation of the incoming - * String will be created + * Constructor for <code>IdentityLinkAssertionParser</code>. A + * DOM-representation of the incoming String will be created * * @param xmlAssertion <code><saml:Assertion></code> as String * @throws EaafParserException on any parsing error @@ -120,7 +108,7 @@ public class SimpleIdentityLinkAssertionParser { assertionElem = DomUtils.parseXmlValidating(s); } catch (final Throwable t) { - throw new EaafParserException("parser.01", new Object[] {t.toString()}, t); + throw new EaafParserException("parser.01", new Object[] { t.toString() }, t); } } @@ -136,8 +124,8 @@ public class SimpleIdentityLinkAssertionParser { } /** - * Constructor for <code>IdentityLinkAssertionParser</code>. A DOM-representation of the incoming - * Inputstream will be created + * Constructor for <code>IdentityLinkAssertionParser</code>. A + * DOM-representation of the incoming Inputstream will be created * * @param xmlAssertion <code><saml:Assertion></code> as InputStream * @throws EaafParserException on any parsing error @@ -148,13 +136,13 @@ public class SimpleIdentityLinkAssertionParser { assertionElem = DomUtils.parseXmlValidating(xmlAssertion); } catch (final Throwable t) { - throw new EaafParserException("parser.01", new Object[] {t.toString()}, t); + throw new EaafParserException("parser.01", new Object[] { t.toString() }, t); } } /** - * Parses the identity link from the <code><saml:Assertion></code> + * Parses the identity link from the <code><saml:Assertion></code>. * * @return Identity link * @throws EaafParserException on any parsing error @@ -199,7 +187,7 @@ public class SimpleIdentityLinkAssertionParser { // identityLink.setPublicKey(getPublicKeys()); } catch (final Throwable t) { - throw new EaafParserException("parser.01", new Object[] {t.toString()}, t); + throw new EaafParserException("parser.01", new Object[] { t.toString() }, t); } return identityLink; 
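Review bot: The `catch (final Throwable t)` around `DomUtils.parseXmlValidating(...)` in the `@@ -120,7 +108,7 @@` hunk also traps `Error`s such as `OutOfMemoryError` and rewraps them as `EaafParserException`; the same pattern recurs in the `@@ -148,13 +136,13 @@` and `@@ -199,7 +187,7 @@` hunks. `catch (final Exception e)` is the widest type a parser wrapper should handle. Since the input is an XML assertion supplied as a String or InputStream, the constructor Javadoc could also state that `DomUtils.parseXmlValidating` is expected to reject DTDs and external entities. That helper is not part of this diff, so this is something to confirm rather than a finding. The constructors and the parse method start and end outside their hunks.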
@@ -207,10 +195,10 @@ public class SimpleIdentityLinkAssertionParser { /** * Parses a string array of decoded base64 certificates from the - * <code><InfoboxReadResponse></code> found in the dsig-signature + * <code><InfoboxReadResponse></code> found in the dsig-signature. * * @return String[] with raw-certificates from the dsig-signature keyinfo - * @throws Exception + * @throws Exception In case of an error */ public String[] getCertificates() throws Exception { final List certs = new ArrayList(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java index c785e1cb..3d093a9f 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java 
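Review bot: `getCertificates()` keeps the raw `List certs = new ArrayList();` and the blanket `throws Exception`, to which this hunk only adds the Javadoc text `In case of an error`. Since the method is documented to return `String[]`, `final List<String> certs = new ArrayList<>();` removes the unchecked conversions. Declaring the specific exception types would let callers tell parsing faults from decoding faults. The method body continues outside the hunk, so the exact types cannot be named from here.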
@@ -27,11 +27,24 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileItemFactory; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.lang3.ArrayUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.ResourceLoader; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; 
@@ -41,20 +54,10 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.idp.process.springweb.AbstractTask; import at.gv.egiz.eaaf.core.impl.utils.DataUrlBuilder; -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileItemFactory; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.apache.commons.lang3.ArrayUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.ResourceLoader; /** - * Task based counterpart to {@link AuthServlet}, providing the same utility methods (error - * handling, parameter parsing etc.). + * Task based counterpart to {@link AuthServlet}, providing the same utility + * methods (error handling, parameter parsing etc.). * </p> * The code has been taken from {@link AuthServlet}. */ @@ -81,7 +84,6 @@ public abstract class AbstractAuthServletTask extends AbstractTask { public abstract void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException; - @Override protected final IRequest internalExecute(final IRequest pendingReq, final ExecutionContext executionContext, final HttpServletRequest request, @@ -90,7 +92,7 @@ public abstract class AbstractAuthServletTask extends AbstractTask { this.pendingReq = pendingReq; // add latest pendingRequestId on execution context - executionContext.put(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID, + executionContext.put(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID, pendingReq.getPendingRequestId()); // execute task specific action 
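Review bot: In the `@@ -90,7 +92,7 @@` hunk, `internalExecute` stores the per-request object in an instance field (`this.pendingReq = pendingReq;`) before the task-specific action runs, which is only safe if a task instance never serves two requests at once. The bean scope is not visible in this diff; if any subclass is registered as a singleton, concurrent authentications could observe each other's pending request. A comment on the field would make the constraint explicit, for example `// Per-execution state: task beans must not be shared between concurrent requests.` The method starts before and ends after this hunk.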
@@ -101,20 +103,22 @@ public abstract class AbstractAuthServletTask extends AbstractTask { } /** - * Redirect the authentication process to protocol specific finalization endpoint. + * Redirect the authentication process to protocol specific finalization + * endpoint. * * @param executionContext * - * @param pendingReq Actually processed protocol specific authentication request - * @param httpResp http response object - * @throws IOException In case of a general error + * @param pendingReq Actually processed protocol specific authentication + * request + * @param httpResp http response object + * @throws IOException In case of a general error * @throws EaafException In case of an application error */ protected void performRedirectToProtocolFinialization(final ExecutionContext executionContext, final IRequest pendingReq, final HttpServletRequest httpReq, final HttpServletResponse httpResp) throws EaafException, IOException { final Object frontChannelRedirectFlagObj = - executionContext.get(EAAFConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT); + executionContext.get(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT); if (frontChannelRedirectFlagObj != null && frontChannelRedirectFlagObj instanceof Boolean && (Boolean) frontChannelRedirectFlagObj) { log.info("AuthProcess finished. Forward to Protocol finalization."); @@ -128,15 +132,14 @@ public abstract class AbstractAuthServletTask extends AbstractTask { } - - } /** * Redirect the authentication process to IDP itself. * - * @param pendingReq Actually processed protocol specific authentication request - * @param httpResp http response + * @param pendingReq Actually processed protocol specific authentication + * request + * @param httpResp http response * @param idpEndPoint Servlet EndPoint that should receive the redirect */ protected void performRedirectToItself(final IRequest pendingReq, 
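Review bot: The condition in `performRedirectToProtocolFinialization` chains `frontChannelRedirectFlagObj != null && frontChannelRedirectFlagObj instanceof Boolean && (Boolean) frontChannelRedirectFlagObj`, where the null test is redundant because `instanceof` is already false for null. `if (Boolean.TRUE.equals(frontChannelRedirectFlagObj)) {` expresses the same check without the cast. The reflowed Javadoc above it still leaves `@param executionContext` without a description and has no entry for `httpReq`. The method body continues outside the hunk.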
@@ -151,16 +154,15 @@ public abstract class AbstractAuthServletTask extends AbstractTask { } - /** - * Parses the request input stream for parameters, assuming parameters are encoded UTF-8 (no - * standard exists how browsers should encode them). + * Parses the request input stream for parameters, assuming parameters are + * encoded UTF-8 (no standard exists how browsers should encode them). * * @param req servlet request * * @return mapping parameter name -> value * - * @throws IOException if parsing request parameters fails. + * @throws IOException if parsing request parameters fails. * * @throws FileUploadException if parsing request parameters fails. */ @@ -215,7 +217,8 @@ public abstract class AbstractAuthServletTask extends AbstractTask { final Entry<String, String[]> entry = requestParamIt.next(); final String key = entry.getKey(); final String[] values = entry.getValue(); - // take the last value from the value array since the legacy code above also does it this + // take the last value from the value array since the legacy code above also + // does it this // way parameters.put(key, ArrayUtils.isEmpty(values) ? null : values[values.length - 1]); } @@ -228,7 +231,7 @@ public abstract class AbstractAuthServletTask extends AbstractTask { /** * Reads bytes up to a delimiter, consuming the delimiter. * - * @param in input stream + * @param in input stream * @param delimiter delimiter character * @return String constructed from the read bytes * @throws IOException In case of a general error @@ -251,8 +254,8 @@ public abstract class AbstractAuthServletTask extends AbstractTask { /** * Adds a parameter to a URL. * - * @param url the URL - * @param paramname parameter name + * @param url the URL + * @param paramname parameter name * @param paramvalue parameter value * @return the URL with parameter added */ 
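Review bot: The reflowed comment in the request-parameter loop (hunk at -215) now breaks as `// does it this` / `// way`, which reads like a formatter artifact rather than a sentence. I would rewrite it as `// Use the last value of a repeated parameter, as the legacy code above does.` It is also worth stating there that earlier values of a repeated parameter are dropped silently, because any component in front of this task that inspects a different occurrence would be validating input this code never uses. The enclosing method starts and ends outside the hunk.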
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java index 27aeab03..c4f1b505 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java @@ -27,12 +27,9 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.ServiceLoader; + import javax.annotation.PostConstruct; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -40,13 +37,20 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.core.io.Resource; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; + /** - * This class handles registering modules. The modules are detected either with the ServiceLoader - * mechanism or via Spring. All detected modules are ranked according to their priority. + * This class handles registering modules. The modules are detected either with + * the ServiceLoader mechanism or via Spring. All detected modules are ranked + * according to their priority. */ public class ModuleRegistration { - //private static ModuleRegistration instance = new ModuleRegistration(); + // private static ModuleRegistration instance = new ModuleRegistration(); private final List<AuthModule> priorizedModules = new ArrayList<>(); @@ -58,10 +62,6 @@ public class ModuleRegistration { private final Logger log = LoggerFactory.getLogger(getClass()); -// public static ModuleRegistration getInstance() { -// return ctx.; -// } - private ModuleRegistration() { } @@ -77,7 +77,7 @@ public class ModuleRegistration { // order modules according to their priority sortModules(); - //instance = this; + // instance = this; } /** 
@@ -142,10 +142,10 @@ public class ModuleRegistration { } /** - * Returns the process description id of the first process, in the highest ranked module, which is - * able to work with the given execution context. + * Returns the process description id of the first process, in the highest + * ranked module, which is able to work with the given execution context. * - * @param context the {@link ExecutionContext}. + * @param context the {@link ExecutionContext}. * @param pendingReq the current processed {@link IRequest} * @return the process id or {@code null} */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index a5030851..817c7aa2 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java 
@@ -24,14 +24,27 @@ import java.io.PrintWriter; import java.io.StringWriter; import java.util.Arrays; import java.util.List; + import javax.naming.ConfigurationException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.ArrayUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.lang.NonNull; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Service; + import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory; import at.gv.egiz.eaaf.core.api.gui.IGuiFormBuilder; @@ -40,7 +53,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAction; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.api.idp.IModulInfo; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager; import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService; 
@@ -59,16 +72,6 @@ import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException; import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.utils.HttpUtils; -import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.stereotype.Service; @Service public class ProtocolAuthenticationService implements IProtocolAuthenticationService { @@ -99,13 +102,13 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer @Autowired private IRevisionLogger revisionsLogger; - private IGuiFormBuilder guiBuilder; /* * (non-Javadoc) * - * @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService# + * @see + * at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService# * performAuthentication(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest) */ 
@@ -121,16 +124,17 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer .setPendingRequestId(pendingReqIdGenerationStrategy.generateExternalPendingRequestId()); // load Parameters from OnlineApplicationConfiguration - final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); if (oaParam == null) { throw new EaafAuthenticationException( IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOSPCONFIG, - new Object[] {pendingReq.getSpEntityId()}); + new Object[] { pendingReq.getSpEntityId() }); } if (authmanager.doAuthentication(req, resp, pendingReq)) { - // pending request is already authenticated --> protocol-specific postProcessing can start + // pending request is already authenticated --> protocol-specific postProcessing + // can start // directly finalizeAuthentication(req, resp, pendingReq); @@ -155,7 +159,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer /* * (non-Javadoc) * - * @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService# + * @see + * at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService# * finalizeAuthentication(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest) */ @@ -210,11 +215,10 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer // remove pending-request requestStorage.removePendingRequest(pendingReq.getPendingRequestId()); revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, - pendingReq.getUniqueTransactionIdentifier()); + pendingReq.getUniqueTransactionIdentifier()); } - @Override public void buildProtocolSpecificErrorResponse(final Throwable throwable, final HttpServletRequest req, final HttpServletResponse resp, final IRequest protocolRequest) 
@@ -285,7 +289,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } - public void setGuiBuilder(final IGuiFormBuilder guiBuilder) { this.guiBuilder = guiBuilder; } @@ -293,11 +296,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer /** * Finalize the requested protocol operation. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param protocolRequest Authentication request which is actually in process - * @param moaSession MOASession object, which is used to generate the protocol specific - * authentication information + * @param moaSession MOASession object, which is used to generate the + * protocol specific authentication information * @throws Exception In case of an error */ protected void internalFinalizeAuthenticationProcess(final HttpServletRequest req, @@ -352,10 +355,10 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer /** * Executes the requested protocol action. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param protocolRequest Authentication request which is actually in process - * @param authData Service-provider specific authentication data + * @param authData Service-provider specific authentication data * * @return Return Single LogOut information or null if protocol supports no SSO * @@ -430,7 +433,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer final IGuiBuilderConfiguration config = guiConfigFactory.getDefaultErrorGui(HttpUtils.extractAuthUrlFromRequest(httpReq)); - String[] errorCodeParams = null; if (params == null) { errorCodeParams = new String[] {}; 
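Review bot: The realigned Javadoc for `internalFinalizeAuthenticationProcess` (hunk at -293) documents `@param httpReq`, but the first parameter in the signature is `req`, so the tag names a parameter that does not exist. I would rename the tag to `@param req HttpServletRequest` and check the remaining tags against the signature, which continues outside the hunk. The Javadoc in the hunk at -352 uses the same `httpReq`/`httpResp` names and may have the same mismatch; its signature is not visible here.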
@@ -446,8 +448,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } } - - // add errorcode and errormessage if (config instanceof ModifyableGuiBuilderConfiguration) { ((ModifyableGuiBuilderConfiguration) config).putCustomParameter( @@ -471,15 +471,12 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer "Can not ADD error message, because 'GUIBuilderConfiguration' is not modifieable "); } - - guiBuilder.build(httpReq, httpResp, config, "Error-Message"); } catch (final GuiBuildException e) { log.warn("Can not build error-message GUI.", e); throw new EaafException("9199", null, e); - } } @@ -496,7 +493,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer throws IOException, EaafException { if (e instanceof ProtocolNotActiveException) { resp.getWriter().write(e.getMessage()); - resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8); + resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); resp.sendError(HttpServletResponse.SC_FORBIDDEN, StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(e.getMessage()))); @@ -537,5 +534,4 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } - } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/SimpleStringAttributeGenerator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/SimpleStringAttributeGenerator.java index fc36f492..df4e97fc 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/SimpleStringAttributeGenerator.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/SimpleStringAttributeGenerator.java 
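Review bot: In the `ProtocolNotActiveException` branch (hunk at -496), `resp.getWriter().write(e.getMessage())` emits the exception message without the `escapeHtml4` treatment that the `sendError` call two lines later applies, and `resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8)` runs after `getWriter()`, at which point the servlet API no longer applies a charset from the content type. If the message can carry request-derived text, which is not visible from this hunk, the unescaped write is an HTML-injection risk. `sendError` also resets an uncommitted buffer, so the written body is either discarded or conflicts with the error page. I would drop the raw write, or set the content type first and write `StringEscapeUtils.escapeHtml4(e.getMessage())`. The enclosing method starts outside the hunk.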
@@ -21,7 +21,8 @@ package at.gv.egiz.eaaf.core.impl.idp.builder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; /** - * Simple String attribute generator that only generates attribute values as String. + * Simple String attribute generator that only generates attribute values as + * String. * * @author tlenz * @@ -32,8 +33,8 @@ public class SimpleStringAttributeGenerator implements IAttributeGenerator<Strin * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute( - * java.lang.String, java.lang.String, java.lang.String) + * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator# + * buildStringAttribute( java.lang.String, java.lang.String, java.lang.String) */ @Override public String buildStringAttribute(final String friendlyName, final String name, final String value) { @@ -45,8 +46,8 @@ public class SimpleStringAttributeGenerator implements IAttributeGenerator<Strin * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute - * (java.lang.String, java.lang.String, int) + * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator# + * buildIntegerAttribute (java.lang.String, java.lang.String, int) */ @Override public String buildIntegerAttribute(final String friendlyName, final String name, final int value) { @@ -58,8 +59,8 @@ public class SimpleStringAttributeGenerator implements IAttributeGenerator<Strin * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute( - * java.lang.String, java.lang.String, long) + * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator# + * buildLongAttribute( java.lang.String, java.lang.String, long) */ @Override public String buildLongAttribute(final String friendlyName, final String name, final long value) { 
@@ -71,8 +72,8 @@ public class SimpleStringAttributeGenerator implements IAttributeGenerator<Strin * (non-Javadoc) * * @see - * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute( - * java.lang.String, java.lang.String) + * at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator# + * buildEmptyAttribute( java.lang.String, java.lang.String) */ @Override public String buildEmptyAttribute(final String friendlyName, final String name) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BirthdateAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BirthdateAttributeBuilder.java index 505ba137..19500cb3 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BirthdateAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BirthdateAttributeBuilder.java @@ -21,10 +21,11 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; import java.text.DateFormat; import java.text.SimpleDateFormat; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; @@ -37,7 +38,7 @@ public class BirthdateAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData.getDateOfBirth() != null) { 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java index 56eb5634..172d74a7 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java @@ -20,17 +20,19 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; import javax.annotation.Nonnull; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.Assert; + +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.util.Assert; @PvpMetadata public class BpkAttributeBuilder implements IPvpAttributeBuilder { @@ -44,7 +46,7 @@ public class BpkAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { final String result = getBpkForSP(authData); log.trace("Authenticate user with bPK/wbPK: " + result); 
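Review bot: `log.trace("Authenticate user with bPK/wbPK: " + result);` in `BpkAttributeBuilder.build` (hunk at -44) writes the user's full bPK/wbPK to the log and concatenates the string even when trace logging is off. A personal identifier in log files widens who can read it to anyone with log access, and it persists under the log retention policy. I would use the parameterized form `log.trace("Authenticate user with bPK/wbPK: {}", result);` at minimum, and preferably log only a shortened or hashed form of the value. The method body continues outside the hunk.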
@@ -80,12 +82,12 @@ public class BpkAttributeBuilder implements IPvpAttributeBuilder { @Nonnull protected String removeBpkTypePrefix(@Nonnull final String type) { Assert.isTrue(type != null, "bPKType is 'NULL'"); - if (type.startsWith(EAAFConstants.URN_PREFIX_WBPK)) { - return type.substring(EAAFConstants.URN_PREFIX_WBPK.length()); - } else if (type.startsWith(EAAFConstants.URN_PREFIX_CDID)) { - return type.substring(EAAFConstants.URN_PREFIX_CDID.length()); - } else if (type.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) { - return type.substring(EAAFConstants.URN_PREFIX_EIDAS.length()); + if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) { + return type.substring(EaafConstants.URN_PREFIX_WBPK.length()); + } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) { + return type.substring(EaafConstants.URN_PREFIX_CDID.length()); + } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) { + return type.substring(EaafConstants.URN_PREFIX_EIDAS.length()); } else { return type; } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidCcsUrl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidCcsUrl.java index 8029d769..27b78059 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidCcsUrl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidCcsUrl.java @@ -8,7 +8,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; 
@@ -22,7 +22,7 @@ public class EidCcsUrl implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData instanceof IEidAuthData) { final String bkuurl = ((IEidAuthData) authData).getVdaEndPointUrl(); @@ -30,7 +30,6 @@ public class EidCcsUrl implements IPvpAttributeBuilder { return g.buildStringAttribute(EID_CCS_URL_FRIENDLY_NAME, EID_CCS_URL_NAME, bkuurl); } - } else { log.info(EID_CCS_URL_FRIENDLY_NAME + " is only available in MOA-ID context"); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidTokenBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidTokenBuilder.java index ccc2b4e8..be208e8e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidTokenBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidTokenBuilder.java 
@@ -19,29 +19,29 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.Base64Utils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.util.Base64Utils; @PvpMetadata public class EidEidTokenBuilder implements IPvpAttributeBuilder { private static final Logger log = LoggerFactory.getLogger(EidEidTokenBuilder.class); - @Override public String getName() { return EID_E_ID_TOKEN_NAME; } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData instanceof IEidAuthData) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidasQaaLevelAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidasQaaLevelAttributeBuilder.java index 858baf40..7d0d6a95 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidasQaaLevelAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEidasQaaLevelAttributeBuilder.java 
@@ -19,11 +19,10 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; - import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; @PvpMetadata @@ -35,14 +34,13 @@ public class EidEidasQaaLevelAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, authData.getEidasQaaLevel()); } - @Override public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) { return g.buildEmptyAttribute(EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdAttributeBuilder.java index e828d11c..246f585c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdAttributeBuilder.java 
@@ -19,18 +19,19 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public class EidEncryptedSourceIdAttributeBuilder - implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(getFriendlyName(), getName(), authData.getEncryptedSourceId()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdTypeAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdTypeAttributeBuilder.java index a1a245d1..3ffa6a14 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdTypeAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidEncryptedSourceIdTypeAttributeBuilder.java 
@@ -19,18 +19,19 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public class EidEncryptedSourceIdTypeAttributeBuilder - implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(getFriendlyName(), getName(), authData.getEncryptedSourceIdType()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityLinkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityLinkBuilder.java index 8f629795..b7249786 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityLinkBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityLinkBuilder.java 
@@ -20,29 +20,30 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; import java.io.IOException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.Base64Utils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.util.Base64Utils; @Deprecated @PvpMetadata public class EidIdentityLinkBuilder implements IPvpAttributeBuilder { private static final Logger log = LoggerFactory.getLogger(EidIdentityLinkBuilder.class); - @Override public String getName() { return EID_IDENTITY_LINK_NAME; } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { try { String ilAssertion = null; @@ -55,7 +56,6 @@ public class EidIdentityLinkBuilder implements IPvpAttributeBuilder { return g.buildStringAttribute(EID_IDENTITY_LINK_FRIENDLY_NAME, EID_IDENTITY_LINK_NAME, Base64Utils.encodeToString(ilAssertion.getBytes("UTF-8"))); - } catch (final IOException e) { log.warn("IdentityLink serialization error.", e); return g.buildEmptyAttribute(EID_IDENTITY_LINK_FRIENDLY_NAME, EID_IDENTITY_LINK_NAME); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java index 2f70e3e0..ee51564e 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java @@ -7,7 +7,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; @@ -22,7 +22,7 @@ public class EidIdentityStatusLevelAttributeBuiler implements IPvpAttributeBuild } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData instanceof IEidAuthData) { @@ -31,7 +31,7 @@ public class EidIdentityStatusLevelAttributeBuiler implements IPvpAttributeBuild } return g.buildStringAttribute(getFriendlyName(), getName(), - ((IEidAuthData) authData).getEidStatus().getURI()); + ((IEidAuthData) authData).getEidStatus().getUri()); } else { log.info(getFriendlyName() + " is only available in EAAF context"); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIssuingNationAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIssuingNationAttributeBuilder.java index 04c2b379..fd85871c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIssuingNationAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIssuingNationAttributeBuilder.java 
@@ -19,12 +19,13 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; -import org.apache.commons.lang3.StringUtils; @PvpMetadata public class EidIssuingNationAttributeBuilder implements IPvpAttributeBuilder { @@ -35,7 +36,7 @@ public class EidIssuingNationAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { final String countryCode = authData.getCiticenCountryCode(); if (StringUtils.isNotEmpty(countryCode)) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSectorForIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSectorForIdAttributeBuilder.java index f5e37792..3aedf9ab 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSectorForIdAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSectorForIdAttributeBuilder.java 
@@ -19,13 +19,14 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.apache.commons.lang3.StringUtils; @PvpMetadata public class EidSectorForIdAttributeBuilder implements IPvpAttributeBuilder { @@ -36,7 +37,7 @@ public class EidSectorForIdAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { final String bpktype = authData.getBpkType(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSignerCertificate.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSignerCertificate.java index 8ba7f255..6f857779 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSignerCertificate.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSignerCertificate.java 
@@ -19,17 +19,17 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.Base64Utils; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.util.Base64Utils; @PvpMetadata public class EidSignerCertificate implements IPvpAttributeBuilder { @@ -41,7 +41,7 @@ public class EidSignerCertificate implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData instanceof IEidAuthData) { @@ -65,7 +65,6 @@ public class EidSignerCertificate implements IPvpAttributeBuilder { log.info(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME + " is only available in AuthHandler context"); } - throw new UnavailableAttributeException(EID_SIGNER_CERTIFICATE_NAME); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePin.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePin.java index fd2d51bb..591c176e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePin.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePin.java 
@@ -19,14 +19,15 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.AttributePolicyException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.apache.commons.lang3.StringUtils; @Deprecated @PvpMetadata @@ -38,7 +39,7 @@ public class EidSourcePin implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData.isBaseIdTransferRestrication()) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePinType.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePinType.java index 2a02fb05..4fba8d0a 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePinType.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidSourcePinType.java @@ -22,7 +22,7 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; 
@@ -36,7 +36,7 @@ public class EidSourcePinType implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (authData.isBaseIdTransferRestrication()) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/GivenNameAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/GivenNameAttributeBuilder.java index bbd7a06c..46e22468 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/GivenNameAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/GivenNameAttributeBuilder.java @@ -19,13 +19,14 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.apache.commons.lang3.StringUtils; @PvpMetadata public class GivenNameAttributeBuilder implements IPvpAttributeBuilder { @@ -36,7 +37,7 @@ public class GivenNameAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (StringUtils.isNotEmpty(authData.getGivenName())) { return g.buildStringAttribute(GIVEN_NAME_FRIENDLY_NAME, GIVEN_NAME_NAME, 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PrincipalNameAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PrincipalNameAttributeBuilder.java index bbe9b741..67451a07 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PrincipalNameAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PrincipalNameAttributeBuilder.java @@ -19,13 +19,14 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import org.apache.commons.lang3.StringUtils; @PvpMetadata public class PrincipalNameAttributeBuilder implements IPvpAttributeBuilder { @@ -36,7 +37,7 @@ public class PrincipalNameAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { if (StringUtils.isNotEmpty(authData.getFamilyName())) { return g.buildStringAttribute(PRINCIPAL_NAME_FRIENDLY_NAME, PRINCIPAL_NAME_NAME, diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PvpVersionAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PvpVersionAttributeBuilder.java index 5ff68721..204f1c45 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PvpVersionAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PvpVersionAttributeBuilder.java @@ -22,7 +22,7 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; @PvpMetadata @@ -34,7 +34,7 @@ public class PvpVersionAttributeBuilder implements IPvpAttributeBuilder { } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(PVP_VERSION_FRIENDLY_NAME, PVP_VERSION_NAME, PVP_VERSION_2_1); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpCountryCodeAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpCountryCodeAttributeBuilder.java index 86cb1dcc..fe05b28d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpCountryCodeAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpCountryCodeAttributeBuilder.java 
@@ -19,15 +19,15 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public class SpCountryCodeAttributeBuilder - implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override public String getName() { @@ -35,7 +35,8 @@ public class SpCountryCodeAttributeBuilder } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { // this attribute can not generated yet return null; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpFriendlyNameAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpFriendlyNameAttributeBuilder.java index 4b905690..37102fc5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpFriendlyNameAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpFriendlyNameAttributeBuilder.java 
@@ -19,15 +19,15 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public class SpFriendlyNameAttributeBuilder - implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override public String getName() { @@ -35,7 +35,8 @@ public class SpFriendlyNameAttributeBuilder } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(SP_FRIENDLYNAME_FRIENDLY_NAME, SP_FRIENDLYNAME_NAME, oaParam.getFriendlyName()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUniqueIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUniqueIdAttributeBuilder.java index 47e5e8ce..760dbbe5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUniqueIdAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUniqueIdAttributeBuilder.java 
@@ -19,15 +19,15 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public class SpUniqueIdAttributeBuilder - implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override public String getName() { @@ -35,7 +35,8 @@ public class SpUniqueIdAttributeBuilder } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { return g.buildStringAttribute(SP_UNIQUEID_FRIENDLY_NAME, SP_UNIQUEID_NAME, oaParam.getUniqueIdentifier()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java index ce717862..44ff4e50 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java 
@@ -19,14 +19,14 @@ package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; -public class SpUsesMandates implements IAttributeBuilder, ExtendedPVPAttributeDefinitions { +public class SpUsesMandates implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { @Override public String getName() { @@ -34,7 +34,8 @@ public class SpUsesMandates implements IAttributeBuilder, ExtendedPVPAttributeDe } @Override - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator<ATT> g) throws AttributeBuilderException { // this attribute can not generated yet return null; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java index e661a2a8..d279446b 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java 
@@ -27,13 +27,15 @@ import java.net.URI; import java.net.URISyntaxException; import java.util.Map; import java.util.Properties; -import at.gv.egiz.eaaf.core.api.idp.IExtendedConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.idp.IExtendedConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + public abstract class AbstractConfigurationImpl implements IExtendedConfiguration { private static final Logger log = LoggerFactory.getLogger(AbstractConfigurationImpl.class); @@ -72,7 +74,6 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio log.info("Load EAAFCore configuration from " + internalConfigPath); - // extract configuration root directory // TODO: check if it works with classpath final File propertiesFile = new File(internalConfigPath); @@ -86,7 +87,6 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio configRootDirectory = new File(configDir).toURI(); log.debug("Set EAAFCore configuration root directory to " + configRootDirectory.toString()); - // get input stream from configuration path if (internalConfigPath.getScheme().equals(URI_SCHEME_FILESYSTEM)) { log.trace("Load config from filesystem"); 
@@ -99,19 +99,16 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio } else { log.error( "Can not load EAAFCore configuration. Unsupported prefix! (Only 'file:' and 'classpath:') "); - throw new EaafConfigurationException("config.24", - new Object[] {internalConfigPath, "'file:'"}); + throw new EaafConfigurationException("config.24", new Object[] { internalConfigPath, "'file:'" }); } if (is == null) { log.error("Can NOT load EAAFCore configuration from file " + internalConfigPath.toString()); - throw new EaafConfigurationException("config.03", - new Object[] {internalConfigPath.toString()}); + throw new EaafConfigurationException("config.03", new Object[] { internalConfigPath.toString() }); } - // load EAAF core configuration into properties object properties = new Properties(); properties.load(is); @@ -120,8 +117,9 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio } catch (URISyntaxException | IOException e) { log.error("Can not parse configuration path " + configPath + " or " + getBackupConfigPath()); - throw new EaafConfigurationException("config.03", - new Object[] {configPath + " or " + getBackupConfigPath()}, e); + throw new EaafConfigurationException("config.03", new Object[] { configPath + " or " + + getBackupConfigPath() }, + e); } finally { if (is != null) { 
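Review bot: The `config.24` exception in the first hunk names `"'file:'"` as the only supported prefix, while the `log.error` directly above it lists both 'file:' and 'classpath:'. If the classpath branch (outside this hunk) is meant to be supported, the argument should say so: `new Object[] { internalConfigPath, "'file:' or 'classpath:'" }`. The new wrapping of the last `config.03` throw also splits a single argument across three lines; building the path text in a local variable first would read better. The enclosing method starts and ends outside these hunks.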
@@ -161,24 +159,17 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio return defaultValue; } - @Override public boolean getBasicConfigurationBoolean(final String key) { - final String value = getBasicConfiguration(key); - if (value != null) { - return Boolean.parseBoolean(value); - } else { - return false; - } + return getBasicConfigurationBoolean(key, false); } - @Override public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) { - final Boolean result = getBasicConfigurationBoolean(key); - if (result != null) { - return result; + final String value = getBasicConfiguration(key); + if (value != null) { + return Boolean.parseBoolean(value); } else { return defaultValue; } @@ -187,8 +178,8 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio @Override public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) { - return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), - addPrefixToKey(prefix)); + return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), addPrefixToKey( + prefix)); } @@ -224,7 +215,6 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio */ public abstract String getApplicationSpecificKeyPrefix(); - private String addPrefixToKey(final String key) { if (StringUtils.isNotEmpty(getApplicationSpecificKeyPrefix())) { if (getApplicationSpecificKeyPrefix().endsWith(KeyValueUtils.KEY_DELIMITER)) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java index 3a6cc67d..1c7806ef 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java 
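Review bot: In the first hunk, `getBasicConfigurationBoolean(key, defaultValue)` passes the raw value to `Boolean.parseBoolean(value)`, so a properties entry with trailing whitespace such as `true ` evaluates to false; the counterpart in AbstractSpringBootConfigurationImpl trims first. Unless `getBasicConfiguration` already strips whitespace (not visible here), use `return Boolean.parseBoolean(value.trim());`. This refactoring is also a behaviour change rather than pure style: the old two-argument method tested the boxed result of the one-argument method, which was never null, so `defaultValue` was ignored and a missing key always gave false. Callers that pass `true` as the default for a security-relevant switch now get true, which is worth stating in the commit message and covering with a test.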
@@ -25,10 +25,9 @@ import java.util.Arrays; import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; + import javax.annotation.PostConstruct; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -39,9 +38,12 @@ import org.springframework.core.env.EnumerablePropertySource; import org.springframework.core.env.Environment; import org.springframework.core.env.PropertySource; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + public abstract class AbstractSpringBootConfigurationImpl implements IConfigurationWithSP { - private static final Logger log = - LoggerFactory.getLogger(AbstractSpringBootConfigurationImpl.class); + private static final Logger log = LoggerFactory.getLogger(AbstractSpringBootConfigurationImpl.class); @Autowired private Environment env; @@ -51,8 +53,8 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat @PostConstruct private void initialize() throws EaafConfigurationException { if (getConfigurationRootDirectory() == null) { - throw new EaafConfigurationException("config.08", - new Object[] {addPrefixToKey(PROP_CONFIG_ROOT_DIR)}); + throw new EaafConfigurationException("config.08", new Object[] { addPrefixToKey( + PROP_CONFIG_ROOT_DIR) }); } 
@@ -84,28 +86,23 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat @Override public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) { - final Map<String, String> configProps = - getPropertiesStartingWith((ConfigurableEnvironment) env, addPrefixToKey(prefix)); + final Map<String, String> configProps = getPropertiesStartingWith((ConfigurableEnvironment) env, + addPrefixToKey(prefix)); return KeyValueUtils.removePrefixFromKeys(configProps, addPrefixToKey(prefix) + "."); - } @Override public boolean getBasicConfigurationBoolean(final String key) { - final String value = getBasicConfiguration(key); - if (StringUtils.isNotEmpty(value)) { - return Boolean.valueOf(value.trim()); - } else { - return false; - } + return getBasicConfigurationBoolean(key, false); + } @Override public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) { - final Boolean value = getBasicConfigurationBoolean(key); - if (value != null) { - return value; + final String value = getBasicConfiguration(key); + if (StringUtils.isNotEmpty(value)) { + return Boolean.valueOf(value.trim()); } else { return defaultValue; } @@ -124,7 +121,6 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat } - /** * Get the path to backup configuration. * @@ -139,7 +135,6 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat */ public abstract String getApplicationSpecificKeyPrefix(); - private String addPrefixToKey(final String key) { if (StringUtils.isNotEmpty(getApplicationSpecificKeyPrefix())) { if (getApplicationSpecificKeyPrefix().endsWith(KeyValueUtils.KEY_DELIMITER)) { 
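Review bot: The rewritten `getBasicConfigurationBoolean(key, defaultValue)` in the first hunk falls back to `defaultValue` only for an empty value; any other text that is not `true` (a typo, `yes`, `1`) is silently read as false by `Boolean.valueOf`. For a switch whose default is true, a misspelled setting therefore disables the feature without any trace in the log. Accepting only `true`/`false` and warning before falling back to the default would make such mistakes visible; the same applies to the matching hunk in AbstractConfigurationImpl. The method's closing brace lies outside the hunk.

```java
  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
    final String value = StringUtils.trimToEmpty(getBasicConfiguration(key));
    if ("true".equalsIgnoreCase(value)) {
      return true;
    }
    if ("false".equalsIgnoreCase(value)) {
      return false;
    }
    if (!value.isEmpty()) {
      // log the key only, never the configured value
      log.warn("Configuration key {} is not a boolean, using default {}", key, defaultValue);
    }
    return defaultValue;
```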
@@ -192,7 +187,8 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat return result; } - // note: Most descendants of PropertySource are EnumerablePropertySource. There are some + // note: Most descendants of PropertySource are EnumerablePropertySource. There + // are some // few others like JndiPropertySource or StubPropertySource log.debug("Given PropertySource is instanceof " + apropSource.getClass().getName() + " and cannot be iterated"); @@ -201,8 +197,7 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat } - private static void addAll(final Map<String, Object> abase, - final Map<String, Object> atoBeAdded) { + private static void addAll(final Map<String, Object> abase, final Map<String, Object> atoBeAdded) { for (final Entry<String, Object> entry : atoBeAdded.entrySet()) { if (abase.containsKey(entry.getKey())) { continue; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SpConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SpConfigurationImpl.java index 07284cd3..de54d103 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SpConfigurationImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SpConfigurationImpl.java 
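Review bot: The formatter re-wrapped the comment in the first hunk into three lines that break mid-sentence (`There` / `are some` / `few others like ...`), which is harder to read than the original two lines. Reflow it by hand, for example `// note: Most descendants of PropertySource are EnumerablePropertySource.` followed by `// There are a few others, like JndiPropertySource or StubPropertySource,` and `// which cannot be iterated.` The enclosing method starts outside the hunk.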
@@ -22,15 +22,17 @@ package at.gv.egiz.eaaf.core.impl.idp.conf; import java.util.Collections; import java.util.List; import java.util.Map; -import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class SpConfigurationImpl implements IspConfiguration { +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + +public class SpConfigurationImpl implements ISpConfiguration { private static final long serialVersionUID = 688541755446463453L; private static final Logger log = LoggerFactory.getLogger(SpConfigurationImpl.class); @@ -42,7 +44,7 @@ public class SpConfigurationImpl implements IspConfiguration { /** * Service-provider configuration holder. * - * @param spConfig Key/value based configuration + * @param spConfig Key/value based configuration * @param authConfig Basic application configuration */ public SpConfigurationImpl(final Map<String, String> spConfig, final IConfiguration authConfig) { 
@@ -51,11 +53,11 @@ public class SpConfigurationImpl implements IspConfiguration { // set oa specific restrictions targetAreasWithNoInteralBaseIdRestriction = Collections .unmodifiableList(KeyValueUtils.getListOfCsvValues(authConfig.getBasicConfiguration( - CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL, EAAFConstants.URN_PREFIX_CDID))); + CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL, EaafConstants.URN_PREFIX_CDID))); targetAreasWithNoBaseIdTransmissionRestriction = Collections .unmodifiableList(KeyValueUtils.getListOfCsvValues(authConfig.getBasicConfiguration( - CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION, EAAFConstants.URN_PREFIX_CDID))); + CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION, EaafConstants.URN_PREFIX_CDID))); if (log.isTraceEnabled()) { log.trace("Internal policy for OA: " + getUniqueIdentifier()); @@ -69,7 +71,6 @@ public class SpConfigurationImpl implements IspConfiguration { } } - @Override public final Map<String, String> getFullConfiguration() { return this.spConfiguration; @@ -96,19 +97,12 @@ public class SpConfigurationImpl implements IspConfiguration { } } - @Override public final boolean isConfigurationValue(final String key) { - final String value = getConfigurationValue(key); - if (value != null) { - return Boolean.parseBoolean(value); - - } + return isConfigurationValue(key, false); - return false; } - @Override public final boolean isConfigurationValue(final String key, final boolean defaultValue) { final String value = getConfigurationValue(key); @@ -132,7 +126,7 @@ public class SpConfigurationImpl implements IspConfiguration { @Override public String getUniqueIdentifier() { - return getConfigurationValue(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER); + return getConfigurationValue(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER); } 
@@ -148,19 +142,16 @@ public class SpConfigurationImpl implements IspConfiguration { } - @Override public final List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() { return this.targetAreasWithNoInteralBaseIdRestriction; } - @Override public final List<String> getTargetsWithNoBaseIdTransferRestriction() { return this.targetAreasWithNoBaseIdTransmissionRestriction; } - @Override public List<String> getRequiredLoA() { log.warn( @@ -182,7 +173,6 @@ public class SpConfigurationImpl implements IspConfiguration { return null; } - @Override public String getFriendlyName() { log.warn( diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index b15dfeba..c09efc37 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -20,12 +20,21 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.web.bind.annotation.ExceptionHandler; + import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService; 
@@ -37,13 +46,6 @@ import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.web.bind.annotation.ExceptionHandler; - /** * Basic application controller that implements core error-handling. @@ -72,16 +74,16 @@ public abstract class AbstractController { /** * EAAF framework exception handler. * - *<p> - *This handler start a protocol-specific error handling. - *</p> + * <p> + * This handler start a protocol-specific error handling. + * </p> * - * @param req http request + * @param req http request * @param resp http response - * @param e exception + * @param e exception * @throws IOException in case of an exception handling error */ - @ExceptionHandler({EaafException.class}) + @ExceptionHandler({ EaafException.class }) public void eaafExceptionHandler(final HttpServletRequest req, final HttpServletResponse resp, final Exception e) throws IOException { try { 
@@ -102,15 +104,15 @@ public abstract class AbstractController { * This handler wrote an internal server error into http response * </p> * - * @param resp http response + * @param resp http response * @param exception exception * @throws IOException In case of an internal error. */ - @ExceptionHandler({Exception.class}) + @ExceptionHandler({ Exception.class }) public void genericExceptionHandler(final HttpServletResponse resp, final Exception exception) throws IOException { log.error("Internel Server Error.", exception); - resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8); + resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" + "(Errorcode=9199" + " | Description=" + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage())) @@ -125,13 +127,13 @@ public abstract class AbstractController { * This handler wrote an internal server error into http response * </p> * - * @param resp http response + * @param resp http response * @param exception exception */ - @ExceptionHandler({IOException.class}) + @ExceptionHandler({ IOException.class }) public void ioExceptionHandler(final HttpServletResponse resp, final Throwable exception) { log.error("Internel Server Error.", exception); - resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8); + resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } 
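Review bot: `genericExceptionHandler` still returns `exception.getMessage()` to the client in the `sendError` text (`" | Description=" + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage()))`); this hunk only renames the constant on the line above it. Escaping prevents markup injection, but the message of an arbitrary `Exception` can carry internal detail (class names, file paths, query or configuration fragments) that an unauthenticated caller should not receive. The exception is already logged on the preceding line, so the response can carry only the fixed code, e.g. `resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error! (Errorcode=9199)");`, optionally with a correlation id that maps to the log entry. The end of the `sendError` statement lies outside the hunk. The log text `"Internel Server Error."` here and in `ioExceptionHandler` is misspelled.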
@@ -144,7 +146,8 @@ public abstract class AbstractController { final Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); - // extract pendingRequestID and originalException if it was a TaskExecutionException + // extract pendingRequestID and originalException if it was a + // TaskExecutionException if (extractedException instanceof TaskExecutionException) { // set original exception loggedException = ((TaskExecutionException) extractedException).getOriginalException(); @@ -164,14 +167,14 @@ public abstract class AbstractController { } try { - // switch to protocol-finalize method to generate a protocol-specific error message + // switch to protocol-finalize method to generate a protocol-specific error + // message // log error directly in debug mode if (log.isDebugEnabled()) { log.warn(loggedException.getMessage(), loggedException); } - // put exception into transaction store for redirect final String key = Random.nextLongRandom(); if (pendingReq != null) { @@ -187,7 +190,7 @@ public abstract class AbstractController { String redirectUrl = null; redirectUrl = ServletUtils.getBaseUrl(req); redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" - + EAAFConstants.PARAM_HTTP_ERROR_CODE + "=" + key; + + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + key; resp.setContentType("text/html"); resp.setStatus(302); @@ -206,14 +209,12 @@ public abstract class AbstractController { } - - /** * Extracts a TaskExecutionException of a ProcessExecutionExeception Stacktrace. * * @param exception error - * @return Return the latest TaskExecutionExecption if exists, otherwise the latest - * ProcessExecutionException + * @return Return the latest TaskExecutionExecption if exists, otherwise the + * latest ProcessExecutionException */ private Throwable extractOriginalExceptionFromProcessException(final Throwable exception) { Throwable exholder = exception; 
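Review bot: In the hunk at `@@ -187,7 +190,7 @@` the error redirect target is built from `ServletUtils.getBaseUrl(req)`, i.e. from the incoming request, whereas `RequestImpl` in this same commit passes the request URL through `authConfig.validateIdpUrl(...)` before storing it as `idpAuthUrl`. `getBaseUrl` is not shown here; if it takes scheme and host from request headers, the 302 and the error token `key` appended to it would follow whatever host the client supplied. Using the validated IDP URL of the pending request when one is available, and a configured public URL otherwise, keeps the redirect on a known origin. A comment at the assignment such as `// NOTE(review): base URL comes from the request; confirm getBaseUrl() validates it against configuration` would record the open question. The enclosing method starts and ends outside the hunk.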
@@ -238,6 +239,4 @@ public abstract class AbstractController { } } - - } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java index 9ff468d3..098bca4c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java @@ -20,20 +20,23 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafIllegalStateException; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; /** * Servlet that resumes a suspended process (in case of asynchronous tasks). 
@@ -65,7 +68,7 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont log.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure."); throw new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, - new Object[] {pendingRequestID}); + new Object[] { pendingRequestID }); } @@ -75,7 +78,7 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont // process instance is mandatory if (pendingReq.getProcessInstanceId() == null) { throw new EaafIllegalStateException( - new Object[] {"MOA session does not provide process instance id."}); + new Object[] { "MOA session does not provide process instance id." }); } @@ -91,22 +94,22 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont } - } /** - * Retrieves the current pending-request id from the HttpServletRequest parameter + * Retrieves the current pending-request id from the HttpServletRequest + * parameter * * <p/> - * Note that this class/method can be overwritten by modules providing their own strategy of - * retrieving the respective pending-request id. + * Note that this class/method can be overwritten by modules providing their own + * strategy of retrieving the respective pending-request id. * * @param request The unterlying HttpServletRequest. * @return The current pending-request id. */ public String getPendingRequestId(final HttpServletRequest request) { return StringEscapeUtils - .escapeHtml4(request.getParameter(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID)); + .escapeHtml4(request.getParameter(EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID)); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index 7b350c3b..51a8aefd 100644 
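Review bot: `getPendingRequestId` runs the request parameter through `StringEscapeUtils.escapeHtml4`, and the result is then concatenated into log messages (`log.info("No PendingRequest with Id: " + pendingRequestID + ...)`) and apparently used to look up the pending request, so output encoding is standing in for input validation. HTML escaping leaves CR/LF untouched, so a crafted id can still break up log lines, and it rewrites any id containing `&`, `<`, `>` or quotes before the lookup. Checking the id against the format the framework itself generates (length and character set) and rejecting everything else would cover both uses, with escaping kept for the places where the value is written into HTML. The same pattern appears in `ProtocolFinalizationController.errorHandling` and `finalizeAuthProtocol` later in this diff. Until that is changed, a Javadoc sentence on `getPendingRequestId` such as `The returned value is HTML-escaped only and must not be treated as validated.` would document the actual contract.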
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -20,15 +20,10 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.components.eventlog.api.EventConstants; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; -import at.gv.egiz.eaaf.core.exceptions.EaafException; + import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -37,6 +32,14 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.components.eventlog.api.EventConstants; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.IStatusMessenger; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + /** * Protocol finialization end-point. * 
@@ -55,17 +58,17 @@ public class ProtocolFinalizationController extends AbstractController { /** * End-Point to handle errors. * - * @param req http request + * @param req http request * @param resp http response * @throws EaafException In case of an internal error - * @throws IOException In case of a servlet error + * @throws IOException In case of a servlet error */ - @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = {RequestMethod.GET}) + @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = { RequestMethod.GET }) public void errorHandling(final HttpServletRequest req, final HttpServletResponse resp) throws EaafException, IOException { // receive an authentication error final String errorid = - StringEscapeUtils.escapeHtml4(req.getParameter(EAAFConstants.PARAM_HTTP_ERROR_CODE)); + StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); if (errorid != null) { IRequest pendingReq = null; try { 
@@ -127,25 +130,25 @@ public class ProtocolFinalizationController extends AbstractController { /** * End-Point to finalize authentication protocol. * - * @param req http request + * @param req http request * @param resp http response * @throws EaafException In case of an internal error - * @throws IOException In case of a servlet error + * @throws IOException In case of a servlet error */ - @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = {RequestMethod.GET}) + @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = { RequestMethod.GET }) public void finalizeAuthProtocol(final HttpServletRequest req, final HttpServletResponse resp) throws EaafException, IOException { // read pendingRequest from http request final String pendingRequestID = StringEscapeUtils - .escapeHtml4(req.getParameter(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID)); + .escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID)); final IRequest pendingReq = requestStorage.getPendingRequest(pendingRequestID); if (pendingReq == null) { log.error("No PendingRequest with ID " + pendingRequestID + " found.!"); protAuthService.handleErrorNoRedirect( new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, - new Object[] {pendingRequestID,}), + new Object[] { pendingRequestID, }), req, resp, false); } else { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index 88dae874..07fc652a 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java 
@@ -28,13 +28,22 @@ import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; import java.util.UUID; + import javax.annotation.Nonnull; import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.NonNull; +import org.springframework.lang.Nullable; +import org.springframework.util.Assert; + import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; @@ -42,12 +51,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.utils.HttpUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.util.Assert; public abstract class RequestImpl implements IRequest, Serializable { @@ -70,7 +73,7 @@ public abstract class RequestImpl implements IRequest, Serializable { private String requestedServiceProviderIdentifer; private String idpAuthUrl = null; - private IspConfiguration spConfiguration = null; + private ISpConfiguration spConfiguration = null; private boolean passiv = false; private boolean force = false; 
@@ -89,11 +92,10 @@ public abstract class RequestImpl implements IRequest, Serializable { private final Map<String, Object> genericDataStorage = new HashMap<>(); - /** * Initialize this pendingRequest object. * - * @param req {@link HttpServletRequest} + * @param req {@link HttpServletRequest} * @param authConfig {@link IConfiguration} * @throws EaafException * @@ -107,10 +109,10 @@ public abstract class RequestImpl implements IRequest, Serializable { /** * Initialize this pendingRequest object. * - * @param req {@link HttpServletRequest} - * @param authConfig {@link IConfiguration} - * @param transactionId transactionId that should be used in this pendingRequest for logging. If - * 'null' a new one will be generated + * @param req {@link HttpServletRequest} + * @param authConfig {@link IConfiguration} + * @param transactionId transactionId that should be used in this pendingRequest + * for logging. If 'null' a new one will be generated * * @throws EaafException * @@ -129,8 +131,9 @@ public abstract class RequestImpl implements IRequest, Serializable { TransactionIdUtils.setTransactionId(uniqueTransactionIdentifer); // initialize session object - genericDataStorage.put(EAAFConstants.AUTH_DATA_CREATED, new Date()); - // genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, Random.nextLongRandom()); + genericDataStorage.put(EaafConstants.AUTH_DATA_CREATED, new Date()); + // genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, + // Random.nextLongRandom()); // check if End-Point is valid final String authUrlString = HttpUtils.extractAuthUrlFromRequest(req); 
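Review bot: In the hunk at `@@ -129,8 +131,9 @@` the commented-out `genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, Random.nextLongRandom());` was re-wrapped onto two comment lines and still names the old `EAAFConstants` class that this commit renames to `EaafConstants`. Dead code kept in comments drifts in exactly this way; delete both lines, or replace them with one sentence stating why no session id is stored at this point. The enclosing method starts and ends outside the hunk.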
@@ -140,19 +143,19 @@ public abstract class RequestImpl implements IRequest, Serializable { } catch (final MalformedURLException e) { log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authUrlString, e); - throw new EaafAuthenticationException("errorId", new Object[] {authUrlString}, e); + throw new EaafAuthenticationException("errorId", new Object[] { authUrlString }, e); } this.idpAuthUrl = authConfig.validateIdpUrl(authReqUrl); if (this.idpAuthUrl == null) { log.warn( "Extract AuthenticationServiceURL: " + authReqUrl + " is NOT found in configuration."); - throw new EaafAuthenticationException("errorId", new Object[] {authUrlString}); + throw new EaafAuthenticationException("errorId", new Object[] { authUrlString }); } // set unique session identifier - final String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER); + final String uniqueID = (String) req.getAttribute(EaafConstants.UNIQUESESSIONIDENTIFIER); if (StringUtils.isNotEmpty(uniqueID)) { this.uniqueSessionIdentifer = uniqueID; } else { @@ -267,10 +270,9 @@ public abstract class RequestImpl implements IRequest, Serializable { } @Override - public final IspConfiguration getServiceProviderConfiguration() { + public final ISpConfiguration getServiceProviderConfiguration() { return this.spConfiguration; - } @Override @@ -291,7 +293,7 @@ public abstract class RequestImpl implements IRequest, Serializable { } - public void setOnlineApplicationConfiguration(final IspConfiguration spConfig) { + public void setOnlineApplicationConfiguration(final ISpConfiguration spConfig) { this.spConfiguration = spConfig; } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java index 3c8fd604..dcd5a1d1 100644 
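Review bot: Both failure paths in the first hunk throw `new EaafAuthenticationException("errorId", ...)`, and the literal `"errorId"` looks like a placeholder rather than a real message key; other throws in this diff use `IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT` or `"process.02"`. If it is a placeholder, a rejected authentication URL cannot be told apart from other failures in status messages or monitoring, so a dedicated code should be assigned. The log call `log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authUrlString, e)` joins the request-derived URL to the sentence without a separator; `log.error("IDP AuthenticationServiceURL prefix is not a valid URL: {}", authUrlString, e)` is clearer. The method begins outside the hunk.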
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java @@ -10,8 +10,8 @@ import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.data.EAAFEventCodes; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.EaafEventCodes; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; 
@@ -28,22 +28,20 @@ public abstract class AbstractLocaleAuthServletTask extends AbstractAuthServletT throws TaskExecutionException { final Serializable changeLangFlag = - executionContext.get(EAAFConstants.PROCESSCONTEXT_SWITCH_LANGUAGE); + executionContext.get(EaafConstants.PROCESSCONTEXT_SWITCH_LANGUAGE); final String localeParam = StringEscapeUtils.escapeHtml4(request.getParameter(PROP_REQ_PARAM_LOCALE)); if (StringUtils.isNotEmpty(localeParam) && (changeLangFlag == null || !((Boolean) changeLangFlag))) { log.debug("Find {} parameter. Reload last task with new locale: {}", PROP_REQ_PARAM_LOCALE, localeParam); - executionContext.put(EAAFConstants.PROCESSCONTEXT_SWITCH_LANGUAGE, true); - - + executionContext.put(EaafConstants.PROCESSCONTEXT_SWITCH_LANGUAGE, true); } else { log.trace("Find {} parameter. Processing this task ... ", PROP_REQ_PARAM_LOCALE); - executionContext.put(EAAFConstants.PROCESSCONTEXT_SWITCH_LANGUAGE, false); + executionContext.put(EaafConstants.PROCESSCONTEXT_SWITCH_LANGUAGE, false); - if (parseFlagFromHttpRequest(request, EAAFConstants.PARAM_HTTP_STOP_PROCESS, false)) { + if (parseFlagFromHttpRequest(request, EaafConstants.PARAM_HTTP_STOP_PROCESS, false)) { log.info("Authentication process WAS stopped by entity. Stopping auth. process ... "); stopProcessFromUserDecision(executionContext, request, response); @@ -59,7 +57,7 @@ public abstract class AbstractLocaleAuthServletTask extends AbstractAuthServletT final HttpServletRequest request, final HttpServletResponse response) throws TaskExecutionException { try { - revisionsLogger.logEvent(pendingReq, EAAFEventCodes.PROCESS_STOPPED_BY_USER); + revisionsLogger.logEvent(pendingReq, EaafEventCodes.PROCESS_STOPPED_BY_USER); pendingReq.setAbortedByUser(true); pendingReq.setAuthenticated(false); performRedirectToProtocolFinialization(executionContext, pendingReq, request, response); 
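Review bot: The condition `changeLangFlag == null || !((Boolean) changeLangFlag)` casts a `Serializable` read from the execution context straight to `Boolean`, so any other value type stored under `PROCESSCONTEXT_SWITCH_LANGUAGE` ends the task with a `ClassCastException`. `!Boolean.TRUE.equals(changeLangFlag)` gives the same result for `null`, `true` and `false` and treats anything else as not set. The `else` branch logs `"Find {} parameter. Processing this task ... "` although it is reached when the locale parameter is absent or the switch was already handled, which makes the trace output misleading; `"No pending {} switch. Processing this task ..."` would match what happened. The method begins outside the hunk.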
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java index 7991c093..892121c0 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java @@ -21,15 +21,17 @@ package at.gv.egiz.eaaf.core.impl.idp.controller.tasks; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Component; + +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Component; /** * Finalize the authentication process-flow. @@ -45,9 +47,9 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process. - * api.ExecutionContext, javax.servlet.http.HttpServletRequest, + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv. + * egovernment.moa.id.process. api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) */ @Override 
@@ -61,7 +63,6 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { IAuthenticationManager.EVENT_AUTHENTICATION_PROCESS_FINISHED); performRedirectToProtocolFinialization(executionContext, pendingReq, request, response); - } catch (final EaafException e) { throw new TaskExecutionException(pendingReq, e.getMessage(), e); @@ -70,7 +71,7 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { throw new TaskExecutionException(pendingReq, e.getMessage(), e); } finally { - executionContext.remove(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID); + executionContext.remove(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java index 7a2c5f08..328a25c5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java @@ -20,8 +20,15 @@ package at.gv.egiz.eaaf.core.impl.idp.controller.tasks; import java.util.Set; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; import at.gv.egiz.eaaf.core.exceptions.EaafException; 
@@ -30,10 +37,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; /** * Restart the authentication process-flow. @@ -45,15 +48,17 @@ import org.springframework.stereotype.Component; public class RestartAuthProzessManagement extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(RestartAuthProzessManagement.class); - @Autowired ProcessEngine processEngine; - @Autowired ModuleRegistration moduleRegistration; + @Autowired + ProcessEngine processEngine; + @Autowired + ModuleRegistration moduleRegistration; /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process. - * api.ExecutionContext, javax.servlet.http.HttpServletRequest, + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv. + * egovernment.moa.id.process. api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) */ @Override @@ -82,7 +87,7 @@ public class RestartAuthProzessManagement extends AbstractAuthServletTask { if (processDefinitionId == null) { log.warn("No suitable authentication process found for SessionID " + pendingReq.getPendingRequestId()); - throw new EaafException("process.02", new Object[] {pendingReq.getPendingRequestId()}); + throw new EaafException("process.02", new Object[] { pendingReq.getPendingRequestId() }); } final String processInstanceId = 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExecutionContextImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExecutionContextImpl.java index 619911c1..27bc829d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExecutionContextImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExecutionContextImpl.java @@ -24,6 +24,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.Set; + import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; /** diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExpressionEvaluationContextImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExpressionEvaluationContextImpl.java index 72ad456f..67604a03 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExpressionEvaluationContextImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ExpressionEvaluationContextImpl.java @@ -24,6 +24,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.Set; + import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; @@ -40,7 +41,8 @@ public class ExpressionEvaluationContextImpl implements ExpressionEvaluationCont private final Map<String, Serializable> ctxData; /** - * Creates a new instance and initializes it with data from a given process instance. + * Creates a new instance and initializes it with data from a given process + * instance. * * @param processInstance The process instance. */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParser.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParser.java index 63ae66d5..c693b87e 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParser.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParser.java @@ -25,6 +25,7 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Objects; + import javax.xml.XMLConstants; import javax.xml.namespace.QName; import javax.xml.stream.XMLEventReader; @@ -40,19 +41,21 @@ import javax.xml.transform.stream.StreamSource; import javax.xml.validation.Schema; import javax.xml.validation.SchemaFactory; import javax.xml.validation.Validator; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.xml.sax.SAXException; + import at.gv.egiz.eaaf.core.impl.idp.process.model.EndEvent; import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessDefinition; import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessNode; import at.gv.egiz.eaaf.core.impl.idp.process.model.StartEvent; import at.gv.egiz.eaaf.core.impl.idp.process.model.TaskInfo; import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.xml.sax.SAXException; /** - * Parses an XML representation of a process definition as defined by the respective XML schema. - * The parser is thread-safe. + * Parses an XML representation of a process definition as defined by the + * respective XML schema. The parser is thread-safe. * * @author tknall * 
@@ -81,13 +84,13 @@ public class ProcessDefinitionParser { } /** - * Parses an XML representation of a process definition. The representation is being validated in - * order to suffice the related XML schema. + * Parses an XML representation of a process definition. The representation is + * being validated in order to suffice the related XML schema. * * @param processDefinitionInputStream The process definition. * @return A new process definition. - * @throws ProcessDefinitionParserException Thrown in case of error parsing the process - * definition. + * @throws ProcessDefinitionParserException Thrown in case of error parsing the + * process definition. */ public ProcessDefinition parse(final InputStream processDefinitionInputStream) throws ProcessDefinitionParserException { @@ -232,7 +235,7 @@ public class ProcessDefinitionParser { && Objects.equals(transition.getFrom(), transition.getTo())) { throw new ProcessDefinitionParserException( "Transition's 'from' equals its 'to'. Since no 'conditionExpression' " - + "has been set this will cause a loop."); + + "has been set this will cause a loop."); } } log.debug("Process definition '{}' successfully parsed.", pd.getId()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParserException.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParserException.java index 472d6469..d7d4928c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParserException.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessDefinitionParserException.java 
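Review bot: The Javadoc of `parse` says the input is validated against the schema, but it does not say whether `processDefinitionInputStream` may come from an untrusted source. That matters for a parser built on `XMLEventReader` and `SchemaFactory`, both of which appear in this file's import hunk. The method body is outside this hunk, so it cannot be seen here whether DTDs and external entities are switched off. If they are, the contract should say so, for example `* DTDs and external entities are not resolved, so the stream does not have to be trusted.`; if they are not, the Javadoc should state that only trusted process definitions may be passed in.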
@@ -30,18 +30,19 @@ public class ProcessDefinitionParserException extends Exception { private static final long serialVersionUID = 1L; /** - * Creates a new parser exception providing a {@code message} describing the reason and the - * {@code cause}. + * Creates a new parser exception providing a {@code message} describing the + * reason and the {@code cause}. * * @param message The message. - * @param cause The cause. + * @param cause The cause. */ public ProcessDefinitionParserException(final String message, final Throwable cause) { super(message, cause); } /** - * Creates a new parser exception providing a {@code message} describing the reason. + * Creates a new parser exception providing a {@code message} describing the + * reason. * * @param message The message. */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java index fefcf331..9274ea81 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java @@ -25,8 +25,17 @@ import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; import java.util.concurrent.ConcurrentHashMap; + +import org.apache.commons.collections4.IterableUtils; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.slf4j.MDC; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; + import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; 
@@ -42,17 +51,10 @@ import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessNode; import at.gv.egiz.eaaf.core.impl.idp.process.model.StartEvent; import at.gv.egiz.eaaf.core.impl.idp.process.model.TaskInfo; import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; -import org.apache.commons.collections4.IterableUtils; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.slf4j.MDC; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; /** - * Process engine implementation allowing starting and continuing processes as well as providing - * means for cleanup actions. + * Process engine implementation allowing starting and continuing processes as + * well as providing means for cleanup actions. */ public class ProcessEngineImpl implements ProcessEngine { @@ -93,8 +95,8 @@ public class ProcessEngineImpl implements ProcessEngine { * Sets the process definitions. * * @param processDefinitions The process definitions. - * @throws IllegalArgumentException In case the process definitions contain definitions with the - * same identifier. + * @throws IllegalArgumentException In case the process definitions contain + * definitions with the same identifier. */ public void setProcessDefinitions(final Iterable<ProcessDefinition> processDefinitions) { this.processDefinitions.clear(); @@ -108,7 +110,8 @@ public class ProcessEngineImpl implements ProcessEngine { } /** - * Sets an expression evaluator that should be used to process transition condition expressions. + * Sets an expression evaluator that should be used to process transition + * condition expressions. * * @param transitionConditionExpressionEvaluator The expression evaluator. */ 
@@ -117,7 +120,6 @@ public class ProcessEngineImpl implements ProcessEngine { this.transitionConditionExpressionEvaluator = transitionConditionExpressionEvaluator; } - @Override public String createProcessInstance(final String processDefinitionId, final ExecutionContext executionContext) throws ProcessExecutionException { @@ -220,7 +222,7 @@ public class ProcessEngineImpl implements ProcessEngine { pi.setState(ProcessInstanceState.STARTED); // put pending-request ID on execution-context because it could be changed - pi.getExecutionContext().put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, + pi.getExecutionContext().put(EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId()); execute(pi, pendingReq); @@ -238,15 +240,15 @@ public class ProcessEngineImpl implements ProcessEngine { } } - /** * Instantiates a task implementation given by a {@link TaskInfo}. * * @param ti The task info. - * @return A Task implementation or {@code null} if the task info does not reference any task - * implementing classes. - * @throws ProcessExecutionException Thrown in case of error (when the referenced class does not - * implement {@link Task} for instance). + * @return A Task implementation or {@code null} if the task info does not + * reference any task implementing classes. + * @throws ProcessExecutionException Thrown in case of error (when the + * referenced class does not implement + * {@link Task} for instance). */ private Task createTaskInstance(final TaskInfo ti) throws ProcessExecutionException { final String clazz = StringUtils.trimToNull(ti.getTaskImplementingClass()); @@ -283,7 +285,7 @@ public class ProcessEngineImpl implements ProcessEngine { /** * Starts/executes a given process instance. * - * @param pi The process instance. + * @param pi The process instance. * @param pendingReq current pending request * @throws ProcessExecutionException Thrown in case of error. */ 
@@ -404,7 +406,8 @@ public class ProcessEngineImpl implements ProcessEngine { * Persists a {@link ProcessInstance} to the database. * * @param processInstance The object to persist. - * @throws MOADatabaseException Thrown if an error occurs while accessing the database. + * @throws MOADatabaseException Thrown if an error occurs while accessing the + * database. */ private void saveOrUpdateProcessInstance(final ProcessInstance processInstance) throws EaafException { @@ -431,9 +434,10 @@ public class ProcessEngineImpl implements ProcessEngine { * Load a {@link ProcessInstance} with a certain id from the database. * * @param processInstanceId The process instance id - * @return The process instance corresponding to the id or {@code null} if no such object is - * found. - * @throws MOADatabaseException Thrown if an error occurs while accessing the database. + * @return The process instance corresponding to the id or {@code null} if no + * such object is found. + * @throws MOADatabaseException Thrown if an error occurs while accessing the + * database. */ private ProcessInstance loadProcessInstance(final String processInstanceId) throws EaafException { @@ -462,7 +466,9 @@ public class ProcessEngineImpl implements ProcessEngine { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.process.ProcessEngine#deleteProcessInstance(java.lang.String) + * @see + * at.gv.egovernment.moa.id.process.ProcessEngine#deleteProcessInstance(java. + * lang.String) */ @Override public void deleteProcessInstance(final String processInstanceId) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstance.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstance.java index 69683529..f3ec6b2d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstance.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstance.java 
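Review bot: The `@throws MOADatabaseException` tag in the Javadoc of `saveOrUpdateProcessInstance` names an exception the method does not declare; the signature directly below reads `throws EaafException`. The rewrap keeps the stale name, and the `loadProcessInstance` hunk at -431 has the same mismatch. Both tags should read `@throws EaafException Thrown if an error occurs while accessing the database.` so the documented failure matches what callers have to handle. Both method bodies continue outside their hunks.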
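Review bot: The formatter has split the reference in the `@see` comment above `deleteProcessInstance` in the middle of `java.lang.String`, so it no longer reads as one member reference. It also still names the `at.gv.egovernment.moa.id.process` package rather than the `at.gv.egiz.eaaf` packages used in this repository. Because the method carries `@Override`, the `(non-Javadoc)` block adds nothing the compiler does not already check, so I would delete it. If it is kept, put the reference on a single line and point it at the interface this class implements. The method body continues outside the hunk.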
@@ -21,17 +21,19 @@ package at.gv.egiz.eaaf.core.impl.idp.process; import java.io.Serializable; import java.util.Date; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessDefinition; -import at.gv.egiz.eaaf.core.impl.idp.process.support.SecureRandomHolder; + import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.time.DurationFormatUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessDefinition; +import at.gv.egiz.eaaf.core.impl.idp.process.support.SecureRandomHolder; + /** - * Represents a process being executed. The process instance provides information about the process - * and its state. + * Represents a process being executed. The process instance provides + * information about the process and its state. * * @author tknall * 
@@ -47,19 +49,18 @@ public class ProcessInstance implements Serializable { private final ExecutionContext executionContext; private ProcessInstanceState state = ProcessInstanceState.NOT_STARTED; - - /** - * Creates a new process instance, based on a given process definition and a given execution - * context. If the given execution context is {@code null} a new execution context will be - * created. + * Creates a new process instance, based on a given process definition and a + * given execution context. If the given execution context is {@code null} a new + * execution context will be created. * <p/> - * The process instance id of the execution context will be newly generated if it is {@code null} - * in the execution context. + * The process instance id of the execution context will be newly generated if + * it is {@code null} in the execution context. * * @param processDefinition The process definition. - * @param executionContext The execution context (may be {@code null}). If {@code null} a new - * execution context will be created internally. + * @param executionContext The execution context (may be {@code null}). If + * {@code null} a new execution context will be created + * internally. */ ProcessInstance(final ProcessDefinition processDefinition, ExecutionContext executionContext) { final Logger log = LoggerFactory.getLogger(getClass()); @@ -94,7 +95,8 @@ public class ProcessInstance implements Serializable { /** * Returns the id of the process node to be executed next. * - * @return The process node pointer indicating the process node to be executed next. + * @return The process node pointer indicating the process node to be executed + * next. */ public String getNextId() { touch(); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstanceState.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstanceState.java index e6bfa480..f2353869 100644 
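Review bot: The constructor Javadoc still separates its paragraphs with `<p/>`, which is not valid Javadoc HTML and is rejected as a self-closing element by javadoc's doclint in JDK 8 and later. Since this commit turns on code-quality checks, the tag should become `<p>`, i.e. `* <p>` on the line before "The process instance id of the execution context …". The same tag appears in the `AbstractAuthSourceServlet` hunk at -46, before "Default is {@code processInstanceId}". The constructor body continues outside the hunk.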
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstanceState.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessInstanceState.java @@ -28,7 +28,8 @@ package at.gv.egiz.eaaf.core.impl.idp.process; public enum ProcessInstanceState { /** - * Indicates that the process with this process instance has not yet been started. + * Indicates that the process with this process instance has not yet been + * started. */ NOT_STARTED, @@ -38,8 +39,8 @@ public enum ProcessInstanceState { STARTED, /** - * Indicates that the process has been suspended until being waken up by someonce calling - * {@code signal}. + * Indicates that the process has been suspended until being waken up by + * someonce calling {@code signal}. */ SUSPENDED, diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStore.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStore.java index f1abaef3..07d44f36 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStore.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStore.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.impl.idp.process.dao; import java.io.Serializable; import java.util.Map; + import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstanceState; public class ProcessInstanceStore implements Serializable { @@ -28,8 +29,8 @@ public class ProcessInstanceStore implements Serializable { private static final long serialVersionUID = -6147519767313903808L; /** - * A process instance identifier qualifies as natural primary key by satisfying these requirements. - * ("unique, constant, required"): + * A process instance identifier qualifies as natural primary key by satisfying + * these requirements. ("unique, constant, required"): * <ul> * <li>unique value</li> * <li>never changes (immutable)</li> 
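Review bot: The rewrapped Javadoc of `SUSPENDED` keeps the typo "someonce" and the phrase "being waken up". While the comment is being touched, it should read `* Indicates that the process has been suspended until it is woken up by` / `* someone calling {@code signal}.` No code change is needed.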
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStoreDaoImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStoreDaoImpl.java index 06c8cc1a..cca8872f 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStoreDaoImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/dao/ProcessInstanceStoreDaoImpl.java @@ -19,16 +19,18 @@ package at.gv.egiz.eaaf.core.impl.idp.process.dao; -import at.gv.egiz.eaaf.core.api.idp.process.ProcessInstanceStoreDao; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.idp.process.ProcessInstanceStoreDao; +import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + /** - * Database backed implementation of the {@link ProcessInstanceStoreDao} interface. + * Database backed implementation of the {@link ProcessInstanceStoreDao} + * interface. */ @Service("ProcessInstanceStoreage") public class ProcessInstanceStoreDaoImpl implements ProcessInstanceStoreDao { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/EndEvent.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/EndEvent.java index 48919ded..ac7406ae 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/EndEvent.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/EndEvent.java 
@@ -20,10 +20,12 @@ package at.gv.egiz.eaaf.core.impl.idp.process.model; import java.io.Serializable; + import org.apache.commons.collections4.CollectionUtils; /** - * Represents an end event. Process execution terminates when an end event is reached. + * Represents an end event. Process execution terminates when an end event is + * reached. * * @author tknall */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessDefinition.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessDefinition.java index 3ab68266..39adda69 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessDefinition.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessDefinition.java @@ -23,6 +23,7 @@ import java.io.Serializable; import java.util.LinkedHashMap; import java.util.Map; import java.util.Objects; + import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; /** @@ -31,7 +32,8 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; * <li>a {@link StartEvent},</li> * <li>one or more {@linkplain TaskInfo Tasks},</li> * <li>one or more {@linkplain EndEvent EndEvents} and</li> - * <li>some {@linkplain Transition Transitions} linking StartEvents, Tasks and EndEvents. + * <li>some {@linkplain Transition Transitions} linking StartEvents, Tasks and + * EndEvents. * </ul> * * @author tknall @@ -49,8 +51,8 @@ public class ProcessDefinition implements Serializable { /** * Returns the unique identifier of the process definition. * - * @return The unique identifier (never {@code null} if process definition comes from - * {@link ProcessDefinitionParser}). + * @return The unique identifier (never {@code null} if process definition comes + * from {@link ProcessDefinitionParser}). */ public String getId() { return id; 
@@ -106,8 +108,8 @@ public class ProcessDefinition implements Serializable { /** * Returns a map containing the end events of the process description. * - * @return The map containing the end events (map is never {@code null} if process definition - * comes from {@link ProcessDefinitionParser}). + * @return The map containing the end events (map is never {@code null} if + * process definition comes from {@link ProcessDefinitionParser}). */ public Map<String, EndEvent> getEndEvents() { return endEvents; @@ -126,8 +128,8 @@ public class ProcessDefinition implements Serializable { * Returns the process node associated with the given {@code id}. * * @param id The identifier of the process node. - * @return The process node (may be {code null} when no process node with the given {@code id} - * exists). + * @return The process node (may be {code null} when no process node with the + * given {@code id} exists). */ public ProcessNode getProcessNode(final String id) { Objects.requireNonNull(id, "Identifier must not be null."); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessNode.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessNode.java index 92858edf..46f086f9 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessNode.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/ProcessNode.java @@ -21,10 +21,12 @@ package at.gv.egiz.eaaf.core.impl.idp.process.model; import java.util.ArrayList; import java.util.List; + import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; /** - * Represents a {@link StartEvent}, an {@link EndEvent} or a {@linkplain TaskInfo Task}. + * Represents a {@link StartEvent}, an {@link EndEvent} or a + * {@linkplain TaskInfo Task}. * * @author tknall * 
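Review bot: The `@return` text of `getProcessNode` contains `{code null}` without the `@`, so Javadoc prints the braces literally instead of rendering an inline code tag; the rewrap carries this over unchanged. The line should read `* @return The process node (may be {@code null} when no process node with the`. The method body continues outside the hunk.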
@@ -38,8 +40,8 @@ public abstract class ProcessNode { /** * Returns the unique identifier of the process node. * - * @return The unique identifier (never {@code null} if process node comes from a process - * definition from {@link ProcessDefinitionParser}). + * @return The unique identifier (never {@code null} if process node comes from + * a process definition from {@link ProcessDefinitionParser}). */ public String getId() { return id; @@ -57,8 +59,8 @@ public abstract class ProcessNode { /** * Returns a list of transitions pointing from this process node to another one. * - * @return A list of transitions (never {@code null} if process node comes from a process - * definition from {@link ProcessDefinitionParser}). + * @return A list of transitions (never {@code null} if process node comes from + * a process definition from {@link ProcessDefinitionParser}). */ public List<Transition> getOutgoingTransitions() { return outgoingTransitions; @@ -67,7 +69,8 @@ public abstract class ProcessNode { /** * Sets the list of transitions pointing from this process node to another one. * - * @param outgoingTransitions The list of transitions originating from this process node. + * @param outgoingTransitions The list of transitions originating from this + * process node. */ public void setOutgoingTransitions(final List<Transition> outgoingTransitions) { this.outgoingTransitions = outgoingTransitions; @@ -76,8 +79,8 @@ public abstract class ProcessNode { /** * Returns a list of transitions pointing from another process node to this one. * - * @return A list of transitions (never {@code null} if process node comes from a process - * definition from {@link ProcessDefinitionParser}). + * @return A list of transitions (never {@code null} if process node comes from + * a process definition from {@link ProcessDefinitionParser}). */ public List<Transition> getIncomingTransitions() { return incomingTransitions; 
@@ -86,7 +89,8 @@ public abstract class ProcessNode { /** * Sets the list of transitions pointing from another process node to this one. * - * @param incomingTransitions A list of transitions pointing to this process node. + * @param incomingTransitions A list of transitions pointing to this process + * node. */ public void setIncomingTransitions(final List<Transition> incomingTransitions) { this.incomingTransitions = incomingTransitions; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/StartEvent.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/StartEvent.java index 698312c7..ef6bc7ef 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/StartEvent.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/StartEvent.java @@ -20,11 +20,12 @@ package at.gv.egiz.eaaf.core.impl.idp.process.model; import java.io.Serializable; + import org.apache.commons.collections4.CollectionUtils; /** - * Represents a start event. Each process description contains a single start event. Process - * execution starts with a start event. + * Represents a start event. Each process description contains a single start + * event. Process execution starts with a start event. * * @author tknall * diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/TaskInfo.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/TaskInfo.java index 9e384b4c..c8eea1bb 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/TaskInfo.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/TaskInfo.java 
@@ -20,11 +20,14 @@ package at.gv.egiz.eaaf.core.impl.idp.process.model; import java.io.Serializable; -import at.gv.egiz.eaaf.core.api.idp.process.Task; + import org.apache.commons.collections4.CollectionUtils; +import at.gv.egiz.eaaf.core.api.idp.process.Task; + /** - * Represents information about a single task to be performed upon process execution. + * Represents information about a single task to be performed upon process + * execution. * * @author tknall * @@ -38,17 +41,19 @@ public class TaskInfo extends ProcessNode implements Serializable { private boolean async = DEFAULT_ASYNC; /** - * Determines if the task is marked asynchronous ({@code true}) or synchronous ({@code false}). + * Determines if the task is marked asynchronous ({@code true}) or synchronous + * ({@code false}). * - * @return A flag indicating if the task should be executed asynchronously or synchronously. - * (Default: {@code false}) + * @return A flag indicating if the task should be executed asynchronously or + * synchronously. (Default: {@code false}) */ public boolean isAsync() { return async; } /** - * Marks a task to executed asynchronously ({@code true}) or synchronously ({@code false}). + * Marks a task to executed asynchronously ({@code true}) or synchronously + * ({@code false}). * * @param async The flag. */ @@ -57,7 +62,8 @@ public class TaskInfo extends ProcessNode implements Serializable { } /** - * Returns the class that implements the actual task (must implement {@link Task}). + * Returns the class that implements the actual task (must implement + * {@link Task}). * * @return The task implementing class. */ diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/Transition.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/Transition.java index 4c7b70f0..39c5f437 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/Transition.java 
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/model/Transition.java @@ -20,11 +20,13 @@ package at.gv.egiz.eaaf.core.impl.idp.process.model; import java.io.Serializable; + import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; /** - * Represents a single transition from a {@link StartEvent} or {@linkplain TaskInfo Task} to another - * {@linkplain TaskInfo Task} or {@link EndEvent}. + * Represents a single transition from a {@link StartEvent} or + * {@linkplain TaskInfo Task} to another {@linkplain TaskInfo Task} or + * {@link EndEvent}. * * @author tknall * @@ -39,11 +41,12 @@ public class Transition implements Serializable { private ProcessNode to; /** - * Returns the process node (effectively a {@link StartEvent} or {@linkplain TaskInfo Task}) the - * transition is pointing from. + * Returns the process node (effectively a {@link StartEvent} or + * {@linkplain TaskInfo Task}) the transition is pointing from. * - * @return The transition's source process node (never {@code null} if transition comes from a - * process definition from {@link ProcessDefinitionParser}). + * @return The transition's source process node (never {@code null} if + * transition comes from a process definition from + * {@link ProcessDefinitionParser}). */ public ProcessNode getFrom() { return from; 
@@ -59,11 +62,12 @@ public class Transition implements Serializable { } /** - * Returns the process node (effectively a {@linkplain TaskInfo Task} or {@link EndEvent}) the - * transition is pointing to. + * Returns the process node (effectively a {@linkplain TaskInfo Task} or + * {@link EndEvent}) the transition is pointing to. * - * @return The transition's destination process node (never {@code null} if transition comes from - * a process definition from {@link ProcessDefinitionParser}). + * @return The transition's destination process node (never {@code null} if + * transition comes from a process definition from + * {@link ProcessDefinitionParser}). */ public ProcessNode getTo() { return to; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java index fc01463e..588a3bde 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java @@ -20,10 +20,9 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring; import java.util.Objects; + import javax.annotation.PostConstruct; -import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; -import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; -import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; + import org.apache.commons.lang3.BooleanUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -35,9 +34,13 @@ import org.springframework.expression.ExpressionParser; import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; +import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; +import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; +import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; + /** - * Expression evaluator for processing {@link Transition} conditions allowing to reference Spring - * beans from the application context. + * Expression evaluator for processing {@link Transition} conditions allowing to + * reference Spring beans from the application context. * * @author tknall * diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractAuthSourceServlet.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractAuthSourceServlet.java index cc899641..bd352bef 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractAuthSourceServlet.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractAuthSourceServlet.java @@ -21,9 +21,7 @@ package at.gv.egiz.eaaf.core.impl.idp.process.springweb; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstance; + import org.apache.commons.lang3.StringUtils; import org.springframework.beans.BeansException; import org.springframework.beans.factory.NoSuchBeanDefinitionException; 
@@ -31,10 +29,14 @@ import org.springframework.beans.factory.NoUniqueBeanDefinitionException; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstance; + /** - * Abstract HttpServlet that provides means for retrieving the process engine (Spring Web required) - * as well as retrieving the underlying process instance and execution context evaluating a certain - * request parameter. + * Abstract HttpServlet that provides means for retrieving the process engine + * (Spring Web required) as well as retrieving the underlying process instance + * and execution context evaluating a certain request parameter. * * @author tknall * @@ -46,7 +48,8 @@ public abstract class AbstractAuthSourceServlet extends HttpServlet { private ProcessEngine processEngine; /** - * Returns the name of the request parameter representing the respective instance id. + * Returns the name of the request parameter representing the respective + * instance id. * <p/> * Default is {@code processInstanceId}. * 
@@ -60,11 +63,16 @@ public abstract class AbstractAuthSourceServlet extends HttpServlet { * Returns the underlying process engine instance. * * @return The process engine (never {@code null}). - * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was found. - * @throws NoUniqueBeanDefinitionException if more than one {@link ProcessEngine} bean was found. - * @throws BeansException if a problem getting the {@link ProcessEngine} bean occurred. - * @throws IllegalStateException if the Spring WebApplicationContext was not found, which means - * that the servlet is used outside a Spring web environment. + * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was + * found. + * @throws NoUniqueBeanDefinitionException if more than one + * {@link ProcessEngine} bean was found. + * @throws BeansException if a problem getting the + * {@link ProcessEngine} bean occurred. + * @throws IllegalStateException if the Spring WebApplicationContext + * was not found, which means that the + * servlet is used outside a Spring web + * environment. */ public synchronized ProcessEngine getProcessEngine() { if (processEngine == null) { @@ -73,7 +81,7 @@ public abstract class AbstractAuthSourceServlet extends HttpServlet { if (ctx == null) { throw new IllegalStateException( "Unable to find Spring WebApplicationContext. " - + "Servlet needs to be executed within a Spring web environment."); + + "Servlet needs to be executed within a Spring web environment."); } processEngine = ctx.getBean(ProcessEngine.class); } 
@@ -86,13 +94,20 @@ public abstract class AbstractAuthSourceServlet extends HttpServlet { * * @param request The HttpServletRequest. * @return The process instance (never {@code null}). - * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was found. - * @throws NoUniqueBeanDefinitionException if more than one {@link ProcessEngine} bean was found. - * @throws BeansException if a problem getting the {@link ProcessEngine} bean occurred. - * @throws IllegalStateException if the Spring WebApplicationContext was not found, which means - * that the servlet is used outside a Spring web environment. - * @throws IllegalArgumentException in case the process instance id referenced by the request - * parameter {@link #getProcessInstanceIdParameterName()} does not exist. + * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was + * found. + * @throws NoUniqueBeanDefinitionException if more than one + * {@link ProcessEngine} bean was found. + * @throws BeansException if a problem getting the + * {@link ProcessEngine} bean occurred. + * @throws IllegalStateException if the Spring WebApplicationContext + * was not found, which means that the + * servlet is used outside a Spring web + * environment. + * @throws IllegalArgumentException in case the process instance id + * referenced by the request parameter + * {@link #getProcessInstanceIdParameterName()} + * does not exist. */ public ProcessInstance getProcessInstance(final HttpServletRequest request) { final String processInstanceId = 
@@ -105,18 +120,26 @@ public abstract class AbstractAuthSourceServlet extends HttpServlet { } /** - * Retrieves the execution context for the respective process instance referenced by the request - * parameter {@link #getProcessInstanceIdParameterName()}. + * Retrieves the execution context for the respective process instance + * referenced by the request parameter + * {@link #getProcessInstanceIdParameterName()}. * * @param request The HttpServletRequest. * @return The execution context (never {@code null}). - * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was found. - * @throws NoUniqueBeanDefinitionException if more than one {@link ProcessEngine} bean was found. - * @throws BeansException if a problem getting the {@link ProcessEngine} bean occurred. - * @throws IllegalStateException if the Spring WebApplicationContext was not found, which means - * that the servlet is used outside a Spring web environment. - * @throws IllegalArgumentException in case the process instance id referenced by the request - * parameter {@link #getProcessInstanceIdParameterName()} does not exist. + * @throws NoSuchBeanDefinitionException if no {@link ProcessEngine} bean was + * found. + * @throws NoUniqueBeanDefinitionException if more than one + * {@link ProcessEngine} bean was found. + * @throws BeansException if a problem getting the + * {@link ProcessEngine} bean occurred. + * @throws IllegalStateException if the Spring WebApplicationContext + * was not found, which means that the + * servlet is used outside a Spring web + * environment. + * @throws IllegalArgumentException in case the process instance id + * referenced by the request parameter + * {@link #getProcessInstanceIdParameterName()} + * does not exist. */ public ExecutionContext getExecutionContext(final HttpServletRequest request) { return getProcessInstance(request).getExecutionContext(); 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java index 02db6686..2cdb84c5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java @@ -21,15 +21,17 @@ package at.gv.egiz.eaaf.core.impl.idp.process.springweb; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.filter.RequestContextFilter; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + /** * Abstract task implementation providing {@link HttpServletRequest} and * {@link HttpServletResponse}. @@ -68,8 +70,8 @@ public abstract class AbstractTask implements Task { if (request == null || response == null) { throw new IllegalStateException( "Spring's RequestContextHolder did not provide HttpServletResponse. " - + "Did you forget to set the required " - + "org.springframework.web.filter.RequestContextFilter in your web.xml."); + + "Did you forget to set the required " + + "org.springframework.web.filter.RequestContextFilter in your web.xml."); } return internalExecute(pendingReq, executionContext, request, response); } else { 
@@ -78,43 +80,45 @@ public abstract class AbstractTask implements Task { } /** - * Executes the task providing the underlying {@link ExecutionContext} {@code executionContext} as - * well as the respective {@link HttpServletRequest} and {@link HttpServletResponse}. + * Executes the task providing the underlying {@link ExecutionContext} + * {@code executionContext} as well as the respective {@link HttpServletRequest} + * and {@link HttpServletResponse}. * * @param executionContext The execution context (never {@code null}). - * @param request The HttpServletRequest (never {@code null}). - * @param response The HttpServletResponse (never {@code null}). - * @throws IllegalStateException Thrown in case the task is nur being run within the required - * environment. Refer to javadoc for further information. - * @throws Exception Thrown in case of error executing the task. + * @param request The HttpServletRequest (never {@code null}). + * @param response The HttpServletResponse (never {@code null}). + * @throws IllegalStateException Thrown in case the task is nur being run within + * the required environment. Refer to javadoc for + * further information. + * @throws Exception Thrown in case of error executing the task. */ public abstract void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException; /** - * Executes the task providing the underlying {@link ExecutionContext} {@code executionContext} - * and the {@link IRequest} {@code pendingReq }as well as the respective - * {@link HttpServletRequest} and {@link HttpServletResponse}. + * Executes the task providing the underlying {@link ExecutionContext} + * {@code executionContext} and the {@link IRequest} {@code pendingReq }as well + * as the respective {@link HttpServletRequest} and {@link HttpServletResponse}. 
* * <p> - * This method sets the pending-request object of the task implementation and starts the - * {@code execute} method of the task + * This method sets the pending-request object of the task implementation and + * starts the {@code execute} method of the task * </p> * - * @param pendingReq The pending-request object (never {@code null}). + * @param pendingReq The pending-request object (never {@code null}). * @param executionContext The execution context (never {@code null}). - * @param request The HttpServletRequest (never {@code null}). - * @param response The HttpServletResponse (never {@code null}). - * @return The pending-request object, because Process-management works recursive + * @param request The HttpServletRequest (never {@code null}). + * @param response The HttpServletResponse (never {@code null}). + * @return The pending-request object, because Process-management works + * recursive * - * @throws IllegalStateException Thrown in case the task is being run within the required - * environment. Refer to javadoc for further information. - * @throws Exception Thrown in case of error executing the task. + * @throws IllegalStateException Thrown in case the task is being run within the + * required environment. Refer to javadoc for + * further information. + * @throws Exception Thrown in case of error executing the task. */ protected abstract IRequest internalExecute(IRequest pendingReq, ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException; - - } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java index c723a728..afcc0a58 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java 
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java @@ -22,12 +22,10 @@ package at.gv.egiz.eaaf.core.impl.idp.process.springweb; import java.io.Serializable; import java.util.Map; import java.util.Objects; + import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; -import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; -import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; + import org.apache.commons.lang3.BooleanUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -39,13 +37,21 @@ import org.springframework.expression.ExpressionParser; import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; +import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; +import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; + /** - * Expression evaluator for processing {@link Transition} conditions allowing to. + * Expression evaluator for processing {@link Transition} conditions allowing + * to. * <ul> - * <li>reference Spring beans from the application context using {@code @myBeanName...},</li> + * <li>reference Spring beans from the application context using + * {@code @myBeanName...},</li> * <li>{@link ExecutionContext} properties using {@code ctx['property']},</li> - * <li>Multi valued {@link HttpServletRequest} parameters using {@code requestParameters['foo']} - * (keep in mind that this expression returns an array of String values) and</li> + * <li>Multi valued {@link HttpServletRequest} parameters using + * {@code requestParameters['foo']} (keep in mind that this expression returns + * an array of String values) and</li> * <li>Single valued {@link HttpServletRequest} parameters using * {@code requestParameter['foo']}</li> * </ul> 
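Review bot: The class Javadoc of SpringWebExpressionEvaluator lists what a transition expression may reference (Spring beans via `@myBeanName`, `ctx['property']`, request parameters) but never states that the expressions themselves must come only from trusted process definitions. The file imports `SpelExpressionParser` and `StandardEvaluationContext`, so the conditions are presumably evaluated as full SpEL with bean access. The evaluation code is outside this hunk, so this should be confirmed. I would add a sentence such as `Expressions are evaluated as SpEL and must originate from trusted process definitions only; request data is exposed as values and must never be concatenated into an expression.` The reflowed summary also ends in the fragment `allowing to.`, which reads as cut off; `Expression evaluator for {@link Transition} conditions.` followed by the list introduction would be clearer.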
@@ -70,9 +76,10 @@ public class SpringWebExpressionEvaluator implements ExpressionEvaluator { } /** - * Evaluation context that provides access to {@link HttpServletRequest} parameters using - * {@code requestParameter['foo']} for single value parameters or {@code requestParameters['foo']} - * for multi value parameters. Basic calls to {@code ctx} will be delegated. + * Evaluation context that provides access to {@link HttpServletRequest} + * parameters using {@code requestParameter['foo']} for single value parameters + * or {@code requestParameters['foo']} for multi value parameters. Basic calls + * to {@code ctx} will be delegated. * * @author tknall * @@ -82,11 +89,11 @@ public class SpringWebExpressionEvaluator implements ExpressionEvaluator { private static final long serialVersionUID = 1L; /** - * Creates a new expression evaluation context, providing access to HttpServletRequest - * parameter(s). + * Creates a new expression evaluation context, providing access to + * HttpServletRequest parameter(s). * - * @param delegate The original {@link ExpressionEvaluationContext} to be delegated to for - * {@code ctx['foo']} expressions. + * @param delegate The original {@link ExpressionEvaluationContext} to be + * delegated to for {@code ctx['foo']} expressions. */ public SpringWebExpressionEvaluationContext(final ExpressionEvaluationContext delegate) { this.delegate = delegate; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyRevisionsLogger.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyRevisionsLogger.java index 0c5129bc..4438181f 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyRevisionsLogger.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyRevisionsLogger.java 
@@ -19,18 +19,18 @@ package at.gv.egiz.eaaf.core.impl.logging; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; -import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; + public class DummyRevisionsLogger implements IRevisionLogger { private static final Logger log = LoggerFactory.getLogger(DummyStatisticLogger.class); - @Override - public void logEvent(final IspConfiguration oaConfig, final int eventCode, final String message) { + public void logEvent(final ISpConfiguration oaConfig, final int eventCode, final String message) { log.trace("Dummy-logEventOperation"); } @@ -42,7 +42,8 @@ public class DummyRevisionsLogger implements IRevisionLogger { } @Override - public void logEvent(final String sessionID, final String transactionID, final int eventCode, final String message) { + public void logEvent(final String sessionID, final String transactionID, final int eventCode, + final String message) { log.trace("Dummy-logEventOperation"); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatisticLogger.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatisticLogger.java index 3d4a2e5e..411ab1f5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatisticLogger.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatisticLogger.java 
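Review bot: In DummyRevisionsLogger.java the logger is still created with `LoggerFactory.getLogger(DummyStatisticLogger.class)`, which this hunk leaves as a context line. Revision-log trace output is therefore attributed to the statistic logger's category, and per-class log levels or filters will not apply as expected. The line should read `private static final Logger log = LoggerFactory.getLogger(DummyRevisionsLogger.class);`.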
@@ -19,14 +19,13 @@ package at.gv.egiz.eaaf.core.impl.logging; - +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Service; @Service("DummyStatisticLogger") public class DummyStatisticLogger implements IStatisticLogger { @@ -51,7 +50,8 @@ public class DummyStatisticLogger implements IStatisticLogger { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger#testConnection() + * @see + * at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger#testConnection() */ @Override public void internalTesting() throws Exception { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java index aafea776..e1a02c64 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java @@ -17,8 +17,6 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - - package at.gv.egiz.eaaf.core.impl.utils; import java.io.ByteArrayInputStream; @@ -34,6 +32,7 @@ import java.util.Map; import java.util.Map.Entry; import java.util.Set; import java.util.Vector; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; 
@@ -45,7 +44,7 @@ import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants; + import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.apache.xerces.parsers.DOMParser; @@ -70,14 +69,17 @@ import org.xml.sax.ErrorHandler; import org.xml.sax.InputSource; import org.xml.sax.SAXException; +import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; + /** * Various utility functions for handling XML DOM trees. * - *<p> - * The parsing methods in this class make use of some features internal to the Xerces DOM parser, - * mainly for performance reasons. As soon as JAXP (currently at version 1.2) is better at schema - * handling, it should be used as the parser interface. - *</p> + * <p> + * The parsing methods in this class make use of some features internal to the + * Xerces DOM parser, mainly for performance reasons. As soon as JAXP (currently + * at version 1.2) is better at schema handling, it should be used as the parser + * interface. + * </p> * */ public class DomUtils { @@ -103,7 +105,8 @@ public class DomUtils { private static final String EXTERNAL_SCHEMA_LOCATION_PROPERTY = "http://apache.org/xml/properties/schema/external-schemaLocation"; /** - * Property URI for providing the external schema location for elements without a namespace. + * Property URI for providing the external schema location for elements without + * a namespace. */ private static final String EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY = "http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation"; 
@@ -117,8 +120,6 @@ public class DomUtils { public static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl"; - - /** Property URI for the Xerces grammar pool. */ private static final String GRAMMAR_POOL = org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; @@ -129,8 +130,8 @@ public class DomUtils { /** Xerces schema grammar pool. */ private static XMLGrammarPool grammarPool = new XMLGrammarPoolImpl(); /** - * Set holding the NamespaceURIs of the grammarPool, to prevent multiple entries of same grammars - * to the pool. + * Set holding the NamespaceURIs of the grammarPool, to prevent multiple entries + * of same grammars to the pool. */ private static Set grammarNamespaces; @@ -140,12 +141,13 @@ public class DomUtils { } /** - * Preparse a schema and add it to the schema pool. The method only adds the schema to the pool if - * a schema having the same <code>systemId</code> (namespace URI) is not already present in the - * pool. + * Preparse a schema and add it to the schema pool. The method only adds the + * schema to the pool if a schema having the same <code>systemId</code> + * (namespace URI) is not already present in the pool. * - * @param inputStream An <code>InputStream</code> providing the contents of the schema. - * @param systemId The systemId (namespace URI) to use for the schema. + * @param inputStream An <code>InputStream</code> providing the contents of the + * schema. + * @param systemId The systemId (namespace URI) to use for the schema. * @throws IOException An error occurred reading the schema. */ public static void addSchemaToPool(final InputStream inputStream, final String systemId) 
@@ -178,24 +180,32 @@ public class DomUtils { /** * Parse an XML document from an <code>InputStream</code>. * - *<p> - * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> and a - * <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. - *</p> + * <p> + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * </p> * - * @param inputStream The <code>InputStream</code> containing the XML document. - * @param validating If <code>true</code>, parse validating. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. - * @param parserFeatures Map of features that should be set into XML parser + * @param inputStream The <code>InputStream</code> + * containing the XML document. + * @param validating If <code>true</code>, parse + * validating. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. + * @param parserFeatures Map of features that should be set + * into XML parser * @return The parsed XML document as a DOM tree. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. 
+ * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Document parseDocument(final InputStream inputStream, final boolean validating, final String externalSchemaLocations, final String externalNoNamespaceSchemaLocation, 
@@ -209,24 +219,31 @@ public class DomUtils { /** * Parse an XML document from a <code>String</code>. * - *<p> - * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> and a - * <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. - *</p> + * <p> + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * </p> * - * @param xmlString The <code>String</code> containing the XML document. - * @param encoding The encoding of the XML document. - * @param validating If <code>true</code>, parse validating. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param xmlString The <code>String</code> containing + * the XML document. + * @param encoding The encoding of the XML document. + * @param validating If <code>true</code>, parse + * validating. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. * @return The parsed XML document as a DOM tree. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. 
+ * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Document parseDocument(final String xmlString, final String encoding, final boolean validating, final String externalSchemaLocations, 
@@ -241,24 +258,31 @@ public class DomUtils { /** * Parse an XML document from a <code>String</code>. * - *<p> - * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> and a - * <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. - *</p> + * <p> + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * </p> * - * @param xmlString The <code>String</code> containing the XML document. - * @param encoding The encoding of the XML document. - * @param validating If <code>true</code>, parse validating. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param xmlString The <code>String</code> containing + * the XML document. + * @param encoding The encoding of the XML document. + * @param validating If <code>true</code>, parse + * validating. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. * @return The parsed XML document as a DOM tree. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. 
+ * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Document parseDocument(final String xmlString, final String encoding, final boolean validating, final String externalSchemaLocations, 
@@ -273,18 +297,25 @@ public class DomUtils { /** * Parse an UTF-8 encoded XML document from a <code>String</code>. * - * @param xmlString The <code>String</code> containing the XML document. - * @param validating If <code>true</code>, parse validating. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param xmlString The <code>String</code> containing + * the XML document. + * @param validating If <code>true</code>, parse + * validating. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. * @return The parsed XML document as a DOM tree. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Document parseDocument(final String xmlString, final boolean validating, final String externalSchemaLocations, final String externalNoNamespaceSchemaLocation) 
@@ -297,22 +328,33 @@ public class DomUtils { /** * Parse an XML document from an <code>InputStream</code>. * - * @param inputStream The <code>InputStream</code> containing the XML document. - * @param validating If <code>true</code>, parse validating. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. - * @param entityResolver An <code>EntityResolver</code> to resolve external entities (schemas and - * DTDs). If <code>null</code>, it will not be set. - * @param errorHandler An <code>ErrorHandler</code> to decide what to do with parsing errors. If - * <code>null</code>, it will not be set. + * @param inputStream The <code>InputStream</code> + * containing the XML document. + * @param validating If <code>true</code>, parse + * validating. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. + * @param entityResolver An <code>EntityResolver</code> to + * resolve external entities (schemas + * and DTDs). If <code>null</code>, it + * will not be set. + * @param errorHandler An <code>ErrorHandler</code> to + * decide what to do with parsing + * errors. If <code>null</code>, it + * will not be set. * @return The parsed XML document as a DOM tree. - * @throws SAXException An error occurred parsing the document. 
- * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Document parseDocument(final InputStream inputStream, final boolean validating, final String externalSchemaLocations, final String externalNoNamespaceSchemaLocation, @@ -330,8 +372,8 @@ public class DomUtils { // } // } - - // if Debug is enabled make a copy of inputStream to enable debug output in case of SAXException + // if Debug is enabled make a copy of inputStream to enable debug output in case + // of SAXException byte[] buffer = null; ByteArrayInputStream baStream = null; if (true == log.isDebugEnabled()) { @@ -340,8 +382,6 @@ public class DomUtils { } - - // create the DOM parser if (symbolTable != null) { parser = new DOMParser(symbolTable, grammarPool); @@ -379,8 +419,8 @@ public class DomUtils { } // fix XXE problem - // parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - + // parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", + // true); if (validating) { if (externalSchemaLocations != null) { @@ -423,9 +463,9 @@ public class DomUtils { * * @param inputStream data to parse * @return Element - * @throws SAXException In case of an error - * @throws IOException In case of an error - * @throws ParserConfigurationException In case of an error + * @throws SAXException In case of an error + * @throws IOException In case of an error + * @throws ParserConfigurationException In case of an error */ public static Document parseDocumentSimple(final InputStream inputStream) throws SAXException, IOException, ParserConfigurationException { 
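Review bot: In the hunk at `-330,8 +372,8` of DomUtils.parseDocument, the guard is written `if (true == log.isDebugEnabled())`; the plain form `if (log.isDebugEnabled())` is the idiomatic one. The comment says the whole input stream is copied so it can be emitted as debug output on a SAXException. The logging statement itself is outside the hunk, but if the raw document is written out, identity or assertion data would end up in debug logs. I would document that on the method, for example `// NOTE: with debug logging enabled the unparsed document may be logged; do not enable in production`. Alternatively, log a bounded prefix only. The method body starts and ends outside this hunk.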
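Review bot: In the hunk at `-379,8 +419,8`, the line under `// fix XXE problem` is still commented out; the commit only re-wraps `// parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`, so `parseDocument` does not itself disable DOCTYPE declarations. From the visible code the protection depends on each caller passing the feature through `parserFeatures`. `parseXmlNonValidating` does so, while `parseXmlValidating(InputStream)` passes `null`. Whether the entity resolver handed in elsewhere blocks external entities cannot be seen here. I would make the safe value the default and let callers opt out explicitly, for example `parser.setFeature(DISALLOW_DOCTYPE_FEATURE, true);` before the caller-supplied features are applied. Failing that, replace the dead code with a comment stating where the feature is set and which entry points rely on it. The method body starts and ends outside this hunk.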
@@ -446,62 +486,56 @@ public class DomUtils { return parser.getDocument(); } - - - - - - - - - - /** * A convenience method to parse an XML document validating. * * @param inputStream The <code>InputStream</code> containing the XML document. * @return The root element of the parsed XML document. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Element parseXmlValidating(final InputStream inputStream) throws ParserConfigurationException, SAXException, IOException { return DomUtils - .parseDocument(inputStream, true, XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, null) + .parseDocument(inputStream, true, XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, null) .getDocumentElement(); } /** * A convenience method to parse an XML document validating. * - * @param inputStream The <code>InputStream</code> containing the XML document. + * @param inputStream The <code>InputStream</code> containing the XML + * document. * @param parserFeatures Set additional features to XML parser * @return The root element of the parsed XML document. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. 
*/ public static Element parseXmlValidating(final InputStream inputStream, final Map<String, Object> parserFeatures) throws ParserConfigurationException, SAXException, IOException { - return DomUtils.parseDocument(inputStream, true, XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS, + return DomUtils.parseDocument(inputStream, true, XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, parserFeatures).getDocumentElement(); } /** - * A convenience method to parse an XML document non validating. This method disallow DocType - * declarations + * A convenience method to parse an XML document non validating. This method + * disallow DocType declarations * * @param inputStream The <code>InputStream</code> containing the XML document. * @return The root element of the parsed XML document. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document. - * @throws ParserConfigurationException An error occurred configuring the XML parser. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. */ public static Element parseXmlNonValidating(final InputStream inputStream) throws ParserConfigurationException, SAXException, IOException { - return DomUtils.parseDocument(inputStream, false, XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS, + return DomUtils.parseDocument(inputStream, false, XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, Collections.unmodifiableMap(new HashMap<String, Object>() { private static final long serialVersionUID = 1L; { 
@@ -514,19 +548,25 @@ public class DomUtils { /** * Schema validate a given DOM element. * - * @param element The element to validate. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. - * @return <code>true</code>, if the <code>element</code> validates against the schemas declared - * in it. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document from its serialized representation. + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. + * @return <code>true</code>, if the <code>element</code> validates against the + * schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document + * from its serialized representation. * @throws ParserConfigurationException An error occurred configuring the XML - * @throws TransformerException An error occurred serializing the element. + * @throws TransformerException An error occurred serializing the + * element. */ public static boolean validateElement(final Element element, final String externalSchemaLocations, final String externalNoNamespaceSchemaLocation) 
@@ -552,7 +592,6 @@ public class DomUtils { parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false); parser.setFeature(DISALLOW_DOCTYPE_FEATURE, true); - if (externalSchemaLocations != null) { parser.setProperty(EXTERNAL_SCHEMA_LOCATION_PROPERTY, externalSchemaLocations); } 
@@ -569,23 +608,28 @@ public class DomUtils { return true; } - /** * Schema validate a given DOM element. * - * @param element The element to validate. - * @param externalSchemaLocations A <code>String</code> containing namespace URI to schema - * location pairs, the same way it is accepted by the <code>xsi: - * schemaLocation</code> attribute. - * @param externalNoNamespaceSchemaLocation The schema location of the schema for elements without - * a namespace, the same way it is accepted by the - * <code>xsi:noNamespaceSchemaLocation</code> attribute. - * @return <code>true</code>, if the <code>element</code> validates against the schemas declared - * in it. - * @throws SAXException An error occurred parsing the document. - * @throws IOException An error occurred reading the document from its serialized representation. + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing + * namespace URI to schema location + * pairs, the same way it is accepted + * by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the schema + * for elements without a namespace, + * the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> + * attribute. + * @return <code>true</code>, if the <code>element</code> validates against the + * schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document + * from its serialized representation. * @throws ParserConfigurationException An error occurred configuring the XML - * @throws TransformerException An error occurred serializing the element. + * @throws TransformerException An error occurred serializing the + * element. */ public static boolean validateElement(final Element element, final String externalSchemaLocations, final String externalNoNamespaceSchemaLocation, final EntityResolver entityResolver) 
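Review bot: The re-wrapped Javadoc of the four-argument `validateElement` still has no entry for its `entityResolver` parameter, and its `@throws ParserConfigurationException` sentence stops at "configuring the XML" (the three-argument overload in the earlier hunk has the same truncated sentence). Add `@param entityResolver The <code>EntityResolver</code> used to resolve external entities during validation.` and finish the sentence as `An error occurred configuring the XML parser.` What the method does when `entityResolver` is `null` is not visible in the hunk, so that part of the description should be filled in from the body.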
@@ -628,32 +672,35 @@ public class DomUtils { /** * Serialize the given DOM node. * - *<p> + * <p> * The node will be serialized using the UTF-8 encoding. - *</p> + * </p> * * @param node The node to serialize. * @return String The <code>String</code> representation of the given DOM node. - * @throws TransformerException An error occurred transforming the node to a <code>String</code>. - * @throws IOException An IO error occurred writing the node to a byte array. + * @throws TransformerException An error occurred transforming the node to a + * <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static String serializeNode(final Node node) throws TransformerException, IOException { return new String(serializeNode(node, "UTF-8", false), "UTF-8"); } - /** * Serialize the given DOM node. * - *<p> + * <p> * The node will be serialized using the UTF-8 encoding. - *</p> + * </p> * - * @param node The node to serialize. + * @param node The node to serialize. * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. * @return String The <code>String</code> representation of the given DOM node. - * @throws TransformerException An error occurred transforming the node to a <code>String</code>. - * @throws IOException An IO error occurred writing the node to a byte array. + * @throws TransformerException An error occurred transforming the node to a + * <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static String serializeNode(final Node node, final boolean omitXmlDeclaration) throws TransformerException, IOException { 
@@ -663,16 +710,18 @@ public class DomUtils { /** * Serialize the given DOM node. * - *<p> + * <p> * The node will be serialized using the UTF-8 encoding. - *</p> + * </p> * - * @param node The node to serialize. + * @param node The node to serialize. * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. - * @param lineSeperator Sets the line seperator String of the parser + * @param lineSeperator Sets the line seperator String of the parser * @return String The <code>String</code> representation of the given DOM node. - * @throws TransformerException An error occurred transforming the node to a <code>String</code>. - * @throws IOException An IO error occurred writing the node to a byte array. + * @throws TransformerException An error occurred transforming the node to a + * <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static String serializeNode(final Node node, final boolean omitXmlDeclaration, final String lineSeperator) throws TransformerException, IOException { 
@@ -682,12 +731,14 @@ public class DomUtils { /** * Serialize the given DOM node to a byte array. * - * @param node The node to serialize. + * @param node The node to serialize. * @param xmlEncoding The XML encoding to use. - * @return The serialized node, as a byte array. Using a compatible encoding this can easily be - * converted into a <code>String</code>. - * @throws TransformerException An error occurred transforming the node to a byte array. - * @throws IOException An IO error occurred writing the node to a byte array. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static byte[] serializeNode(final Node node, final String xmlEncoding) throws TransformerException, IOException { 
@@ -697,31 +748,34 @@ public class DomUtils { /** * Serialize the given DOM node to a byte array. * - * @param node The node to serialize. - * @param xmlEncoding The XML encoding to use. + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. * @param omitDeclaration The boolean value for omitting the XML Declaration. - * @return The serialized node, as a byte array. Using a compatible encoding this can easily be - * converted into a <code>String</code>. - * @throws TransformerException An error occurred transforming the node to a byte array. - * @throws IOException An IO error occurred writing the node to a byte array. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static byte[] serializeNode(final Node node, final String xmlEncoding, final boolean omitDeclaration) throws TransformerException, IOException { return serializeNode(node, xmlEncoding, omitDeclaration, null); } - /** * Serialize the given DOM node to a byte array. * - * @param node The node to serialize. - * @param xmlEncoding The XML encoding to use. + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. * @param omitDeclaration The boolean value for omitting the XML Declaration. - * @param lineSeperator Sets the line seperator String of the parser - * @return The serialized node, as a byte array. Using a compatible encoding this can easily be - * converted into a <code>String</code>. - * @throws TransformerException An error occurred transforming the node to a byte array. - * @throws IOException An IO error occurred writing the node to a byte array. 
+ * @param lineSeperator Sets the line seperator String of the parser + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte + * array. */ public static byte[] serializeNode(final Node node, final String xmlEncoding, final boolean omitDeclaration, final String lineSeperator) @@ -737,7 +791,7 @@ public class DomUtils { transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, omit); if (null != lineSeperator) { transformer.setOutputProperty("{http://xml.apache.org/xalan}line-separator", lineSeperator); - // does not work for xalan <= 2.5.1 + // does not work for xalan <= 2.5.1 } transformer.transform(new DOMSource(node), new StreamResult(bos)); @@ -750,15 +804,15 @@ public class DomUtils { /** * Return the text that a node contains. * - *<p> + * <p> * This routine: * </p> * <ul> * <li>Ignores comments and processing instructions.</li> - * <li>Concatenates TEXT nodes, CDATA nodes, and the results recursively processing EntityRef - * nodes.</li> - * <li>Ignores any element nodes in the sublist. (Other possible options are to recurse into - * element sublists or throw an exception.)</li> + * <li>Concatenates TEXT nodes, CDATA nodes, and the results recursively + * processing EntityRef nodes.</li> + * <li>Ignores any element nodes in the sublist. (Other possible options are to + * recurse into element sublists or throw an exception.)</li> * </ul> * * @param node A DOM node from which to extract text. 
@@ -788,11 +842,12 @@ public class DomUtils { } /** - * Build the namespace prefix to namespace URL mapping in effect for a given node. + * Build the namespace prefix to namespace URL mapping in effect for a given + * node. * * @param node The context node for which build the map. - * @return The namespace prefix to namespace URL mapping ( a <code>String</code> value to - * <code>String</code> value mapping). + * @return The namespace prefix to namespace URL mapping ( a <code>String</code> + * value to <code>String</code> value mapping). */ public static Map getNamespaceDeclarations(Node node) { final Map nsDecls = new HashMap(); @@ -822,8 +877,8 @@ public class DomUtils { } /** - * Add all namespace declarations declared in the parent(s) of a given element and used in the - * subtree of the given element to the given element. + * Add all namespace declarations declared in the parent(s) of a given element + * and used in the subtree of the given element to the given element. * * @param context The element to which to add the namespaces. */ @@ -843,7 +898,7 @@ public class DomUtils { final String nsUri = (String) e.getValue(); final String nsAttrName = "".equals(prefix) ? "xmlns" : "xmlns:" + prefix; - context.setAttributeNS(XMLNamespaceConstants.XMLNS_NS_URI, nsAttrName, nsUri); + context.setAttributeNS(XmlNamespaceConstants.XMLNS_NS_URI, nsAttrName, nsUri); } } } @@ -853,8 +908,8 @@ public class DomUtils { * Collect all the namespace URIs used in the subtree of a given element. * * @param context The element that should be searched for namespace URIs. - * @return All namespace URIs used in the subtree of <code>context</code>, including the ones used - * in <code>context</code> itself. + * @return All namespace URIs used in the subtree of <code>context</code>, + * including the ones used in <code>context</code> itself. */ public static Set collectNamespaceUris(final Element context) { final Set result = new HashSet(); 
@@ -867,8 +922,8 @@ public class DomUtils { * A recursive method to do the work of <code>collectNamespaceURIs</code>. * * @param context The context element to evaluate. - * @param result The result, passed as a parameter to avoid unnecessary instantiations of - * <code>Set</code>. + * @param result The result, passed as a parameter to avoid unnecessary + * instantiations of <code>Set</code>. */ private static void collectNamespaceUrisImpl(final Element context, final Set result) { final NamedNodeMap attrs = context.getAttributes(); @@ -878,14 +933,14 @@ public class DomUtils { // add the namespace of the context element nsUri = context.getNamespaceURI(); - if (nsUri != null && nsUri != XMLNamespaceConstants.XMLNS_NS_URI) { + if (nsUri != null && nsUri != XmlNamespaceConstants.XMLNS_NS_URI) { result.add(nsUri); } // add all namespace URIs from attributes for (i = 0; i < attrs.getLength(); i++) { nsUri = attrs.item(i).getNamespaceURI(); - if (nsUri != null && nsUri != XMLNamespaceConstants.XMLNS_NS_URI) { + if (nsUri != null && nsUri != XmlNamespaceConstants.XMLNS_NS_URI) { result.add(nsUri); } } @@ -901,12 +956,12 @@ public class DomUtils { } /** - * Check, that each attribute node in the given <code>NodeList</code> has its parent in the - * <code>NodeList</code> as well. + * Check, that each attribute node in the given <code>NodeList</code> has its + * parent in the <code>NodeList</code> as well. * * @param nodes The <code>NodeList</code> to check. - * @return <code>true</code>, if each attribute node in <code>nodes</code> has its parent in - * <code>nodes</code> as well. + * @return <code>true</code>, if each attribute node in <code>nodes</code> has + * its parent in <code>nodes</code> as well. */ public static boolean checkAttributeParentsInNodeList(final NodeList nodes) { final Set nodeSet = new HashSet(); 
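Review bot: Both namespace checks in `collectNamespaceUrisImpl` compare strings by reference, `nsUri != XmlNamespaceConstants.XMLNS_NS_URI`, which only excludes the xmlns namespace when the DOM implementation returns the very same `String` instance as the constant. Use value comparison in both places: `if (nsUri != null && !XmlNamespaceConstants.XMLNS_NS_URI.equals(nsUri)) {`. `isNamespaceDeclaration` in a later hunk of this file already uses `equals` for the same test. The method body continues outside this hunk.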
@@ -939,15 +994,19 @@ public class DomUtils { } /** - * Convert an unstructured <code>NodeList</code> into a <code>DocumentFragment</code>. + * Convert an unstructured <code>NodeList</code> into a + * <code>DocumentFragment</code>. * - * @param nodeList Contains the node list to be converted into a DOM DocumentFragment. - * @return the resulting DocumentFragment. The DocumentFragment will be backed by a new DOM - * Document, i.e. all noded of the node list will be cloned. - * @throws ParserConfigurationException An error occurred creating the DocumentFragment. + * @param nodeList Contains the node list to be converted into a DOM + * DocumentFragment. + * @return the resulting DocumentFragment. The DocumentFragment will be backed + * by a new DOM Document, i.e. all noded of the node list will be + * cloned. + * @throws ParserConfigurationException An error occurred creating the + * DocumentFragment. * @precondition The nodes in the node list appear in document order - * @precondition for each Attr node in the node list, the owning Element is in the node list as - * well. + * @precondition for each Attr node in the node list, the owning Element is in + * the node list as well. * @precondition each Element or Attr node in the node list is namespace aware. */ public static DocumentFragment nodeList2DocumentFragment(final NodeList nodeList) 
@@ -973,10 +1032,10 @@ public class DomUtils { /** * Helper method for the <code>nodeList2DocumentFragment</code>. * - * @param nodeList The <code>NodeList</code> to convert. - * @param currPos The current position in the <code>nodeList</code>. - * @param result The resulting <code>DocumentFragment</code>. - * @param currOrgElem The current original element. + * @param nodeList The <code>NodeList</code> to convert. + * @param currPos The current position in the <code>nodeList</code>. + * @param result The resulting <code>DocumentFragment</code>. + * @param currOrgElem The current original element. * @param currClonedElem The current cloned element. * @return The current position. */ @@ -1052,7 +1111,7 @@ public class DomUtils { } default: { - log.trace("Node type: {} not supported", currentNode.getNodeType()); + log.trace("Node type: {} not supported", currentNode.getNodeType()); // All other nodes will be ignored } } 
@@ -1067,20 +1126,20 @@ public class DomUtils { * Check, if the given attribute is a namespace declaration. * * @param attr The attribute to check. - * @return <code>true</code>, if the attribute is a namespace declaration, <code>false</code> - * otherwise. + * @return <code>true</code>, if the attribute is a namespace declaration, + * <code>false</code> otherwise. */ private static boolean isNamespaceDeclaration(final Attr attr) { - return XMLNamespaceConstants.XMLNS_NS_URI.equals(attr.getNamespaceURI()); + return XmlNamespaceConstants.XMLNS_NS_URI.equals(attr.getNamespaceURI()); } /** * Check, if a given DOM element is an ancestor of a given node. * * @param candAnc The DOM element to check for being the ancestor. - * @param cand The node to check for being the child. - * @return <code>true</code>, if <code>candAnc</code> is an (indirect) ancestor of - * <code>cand</code>; <code>false</code> otherwise. + * @param cand The node to check for being the child. + * @return <code>true</code>, if <code>candAnc</code> is an (indirect) ancestor + * of <code>cand</code>; <code>false</code> otherwise. */ public static boolean isAncestor(final Element candAnc, final Node cand) { Node currPar = cand.getParentNode(); @@ -1098,8 +1157,9 @@ public class DomUtils { * Selects the (first) element from a node list and returns it. * * @param nl The NodeList to get the element from. - * @return The (first) element included in the node list or <code>null</code> if the node list is - * <code>null</code> or empty or no element is included in the list. + * @return The (first) element included in the node list or <code>null</code> if + * the node list is <code>null</code> or empty or no element is included + * in the list. */ public static Element getElementFromNodeList(final NodeList nl) { if (nl == null || nl.getLength() == 0) { 
@@ -1119,8 +1179,8 @@ public class DomUtils { * * @param parent The element to get the child elements from. * - * @return A list including all child elements of the given element. Maybe empty if the parent - * element has no child elements. + * @return A list including all child elements of the given element. Maybe empty + * if the parent element has no child elements. */ public static List getChildElements(final Element parent) { final Vector v = new Vector(); @@ -1153,5 +1213,4 @@ public class DomUtils { return out.toByteArray(); } - } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java index 6139e914..5a7dadc7 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java @@ -17,19 +17,20 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - - package at.gv.egiz.eaaf.core.impl.utils; import java.io.InputStream; -import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants; + import org.apache.xerces.util.URI; import org.apache.xerces.util.URI.MalformedURIException; import org.xml.sax.EntityResolver; import org.xml.sax.InputSource; +import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; + /** - * An <code>EntityResolver</code> that looks up entities stored as local resources. + * An <code>EntityResolver</code> that looks up entities stored as local + * resources. * * <p> * The following DTDs are mapped to local resources: 
@@ -39,25 +40,27 @@ import org.xml.sax.InputSource; * </ul> * </p> * </p> - * For all other resources, an attempt is made to resolve them as resources, either absolute or - * relative to <code>Constants.SCHEMA_ROOT</code>. + * For all other resources, an attempt is made to resolve them as resources, + * either absolute or relative to <code>Constants.SCHEMA_ROOT</code>. * */ public class EaafDomEntityResolver implements EntityResolver { /** * Resolve an entity. - *<p> - * The <code>systemId</code> parameter is used to perform the lookup of the entity as a resource, - * either by interpreting the <code>systemId</code> as an absolute resource path, or by appending - * the last path component of <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>. - *</p> + * <p> + * The <code>systemId</code> parameter is used to perform the lookup of the + * entity as a resource, either by interpreting the <code>systemId</code> as an + * absolute resource path, or by appending the last path component of + * <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>. + * </p> * * @param publicId The public ID of the resource. * @param systemId The system ID of the resource. - * @return An <code>InputSource</code> from which the entity can be read, or <code>null</code>, if - * the entity could not be found. - * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + * @return An <code>InputSource</code> from which the entity can be read, or + * <code>null</code>, if the entity could not be found. + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, + * java.lang.String) */ @Override public InputSource resolveEntity(final String publicId, String systemId) { 
@@ -68,10 +71,10 @@ public class EaafDomEntityResolver implements EntityResolver { // check if we can resolve some standard dtd's if (publicId.equalsIgnoreCase("-//W3C//DTD XMLSchema 200102//EN")) { return new InputSource( - getClass().getResourceAsStream(XMLNamespaceConstants.SCHEMA_ROOT + "XMLSchema.dtd")); + getClass().getResourceAsStream(XmlNamespaceConstants.SCHEMA_ROOT + "XMLSchema.dtd")); } else if (publicId.equalsIgnoreCase("datatypes")) { return new InputSource( - getClass().getResourceAsStream(XMLNamespaceConstants.SCHEMA_ROOT + "datatypes.dtd")); + getClass().getResourceAsStream(XmlNamespaceConstants.SCHEMA_ROOT + "datatypes.dtd")); } } else if (systemId != null) { // get the URI path @@ -100,7 +103,7 @@ public class EaafDomEntityResolver implements EntityResolver { slashPos = systemId.lastIndexOf('/'); if (slashPos >= 0 && systemId.length() > slashPos) { systemId = systemId.substring(slashPos + 1, systemId.length()); - stream = getClass().getResourceAsStream(XMLNamespaceConstants.SCHEMA_ROOT + systemId); + stream = getClass().getResourceAsStream(XmlNamespaceConstants.SCHEMA_ROOT + systemId); if (stream != null) { final InputSource source = new InputSource(stream); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/XPathUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/XPathUtils.java index d6745c78..3adbe3f5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/XPathUtils.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/XPathUtils.java @@ -17,14 +17,11 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - - package at.gv.egiz.eaaf.core.impl.utils; import java.util.List; import java.util.Map; -import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants; -import at.gv.egiz.eaaf.core.exceptions.XPathException; + import org.jaxen.JaxenException; import org.jaxen.NamespaceContext; import org.jaxen.Navigator; 
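Review bot: In `EaafDomEntityResolver.resolveEntity`, the two DTD branches pass the result of `getResourceAsStream(...)` straight into `new InputSource(...)`, so a missing `XMLSchema.dtd` or `datatypes.dtd` resource yields an `InputSource` without a stream instead of a clear failure. The `systemId` branch further down checks `stream != null` before building the source; the DTD branches should do the same, e.g. `final InputStream dtd = getClass().getResourceAsStream(XmlNamespaceConstants.SCHEMA_ROOT + "XMLSchema.dtd");` followed by `if (dtd != null) { return new InputSource(dtd); }`. What the method does when the resource is absent deserves a comment, because returning `null` from an `EntityResolver` asks the parser to open the system identifier itself. The method starts and ends outside these hunks.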
@@ -37,6 +34,9 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.w3c.dom.traversal.NodeIterator; +import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; +import at.gv.egiz.eaaf.core.exceptions.XPathException; + /** * Utility methods to evaluate XPath expressions on DOM nodes. * @@ -46,7 +46,8 @@ import org.w3c.dom.traversal.NodeIterator; public class XPathUtils { /** - * The XPath expression selecting all nodes under a given root (including the root node itself). + * The XPath expression selecting all nodes under a given root (including the + * root node itself). */ public static final String ALL_NODES_XPATH = "(.//. | .//@* | .//namespace::*)"; 
@@ -57,49 +58,50 @@ public class XPathUtils { static { final SimpleNamespaceContext ctx = new SimpleNamespaceContext(); - ctx.addNamespace(XMLNamespaceConstants.MOA_PREFIX, XMLNamespaceConstants.MOA_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.MOA_CONFIG_PREFIX, - XMLNamespaceConstants.MOA_CONFIG_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.MOA_ID_CONFIG_PREFIX, - XMLNamespaceConstants.MOA_ID_CONFIG_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SL10_PREFIX, XMLNamespaceConstants.SL10_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SL11_PREFIX, XMLNamespaceConstants.SL11_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SL12_PREFIX, XMLNamespaceConstants.SL12_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.ECDSA_PREFIX, XMLNamespaceConstants.ECDSA_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.PD_PREFIX, XMLNamespaceConstants.PD_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SAML_PREFIX, XMLNamespaceConstants.SAML_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SAMLP_PREFIX, XMLNamespaceConstants.SAMLP_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.DSIG_PREFIX, XMLNamespaceConstants.DSIG_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.XSLT_PREFIX, XMLNamespaceConstants.XSLT_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.XSI_PREFIX, XMLNamespaceConstants.XSI_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.DSIG_FILTER2_PREFIX, - XMLNamespaceConstants.DSIG_FILTER2_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.DSIG_EC_PREFIX, XMLNamespaceConstants.DSIG_EC_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.MD_PREFIX, XMLNamespaceConstants.MD_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.MDP_PREFIX, XMLNamespaceConstants.MDP_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.MVV_PREFIX, XMLNamespaceConstants.MVV_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.STB_PREFIX, XMLNamespaceConstants.STB_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.WRR_PREFIX, XMLNamespaceConstants.WRR_NS_URI); - 
ctx.addNamespace(XMLNamespaceConstants.STORK_PREFIX, XMLNamespaceConstants.STORK_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.STORKP_PREFIX, XMLNamespaceConstants.STORKP_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SAML2_PREFIX, XMLNamespaceConstants.SAML2_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.SAML2P_PREFIX, XMLNamespaceConstants.SAML2P_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.XENC_PREFIX, XMLNamespaceConstants.XENC_NS_URI); - ctx.addNamespace(XMLNamespaceConstants.XADES_1_1_1_NS_PREFIX, - XMLNamespaceConstants.XADES_1_1_1_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.MOA_PREFIX, XmlNamespaceConstants.MOA_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.MOA_CONFIG_PREFIX, + XmlNamespaceConstants.MOA_CONFIG_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.MOA_ID_CONFIG_PREFIX, + XmlNamespaceConstants.MOA_ID_CONFIG_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SL10_PREFIX, XmlNamespaceConstants.SL10_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SL11_PREFIX, XmlNamespaceConstants.SL11_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SL12_PREFIX, XmlNamespaceConstants.SL12_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.ECDSA_PREFIX, XmlNamespaceConstants.ECDSA_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.PD_PREFIX, XmlNamespaceConstants.PD_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SAML_PREFIX, XmlNamespaceConstants.SAML_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SAMLP_PREFIX, XmlNamespaceConstants.SAMLP_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.DSIG_PREFIX, XmlNamespaceConstants.DSIG_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.XSLT_PREFIX, XmlNamespaceConstants.XSLT_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.XSI_PREFIX, XmlNamespaceConstants.XSI_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.DSIG_FILTER2_PREFIX, + XmlNamespaceConstants.DSIG_FILTER2_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.DSIG_EC_PREFIX, XmlNamespaceConstants.DSIG_EC_NS_URI); + 
ctx.addNamespace(XmlNamespaceConstants.MD_PREFIX, XmlNamespaceConstants.MD_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.MDP_PREFIX, XmlNamespaceConstants.MDP_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.MVV_PREFIX, XmlNamespaceConstants.MVV_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.STB_PREFIX, XmlNamespaceConstants.STB_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.WRR_PREFIX, XmlNamespaceConstants.WRR_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.STORK_PREFIX, XmlNamespaceConstants.STORK_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.STORKP_PREFIX, XmlNamespaceConstants.STORKP_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SAML2_PREFIX, XmlNamespaceConstants.SAML2_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.SAML2P_PREFIX, XmlNamespaceConstants.SAML2P_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.XENC_PREFIX, XmlNamespaceConstants.XENC_NS_URI); + ctx.addNamespace(XmlNamespaceConstants.XADES_1_1_1_NS_PREFIX, + XmlNamespaceConstants.XADES_1_1_1_NS_URI); NS_CONTEXT = ctx; } /** - * Return a <code>NodeIterator</code> over the nodes matching the XPath expression. + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. * - *<p> - * All namespace URIs and prefixes declared in the <code>Constants</code> interface are used for - * resolving namespaces. - *</p> + * <p> + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * </p> * * @param contextNode The root node from which to evaluate the XPath expression. - * @param exp The XPath expression to evaluate. + * @param exp The XPath expression to evaluate. * @return An iterator over the resulting nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ 
@@ -110,12 +112,14 @@ public class XPathUtils { } /** - * Return a <code>NodeIterator</code> over the nodes matching the XPath expression. + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceElement An element from which to build the namespace mapping for evaluating the - * XPath expression - * @param exp The XPath expression to evaluate. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the namespace mapping + * for evaluating the XPath expression + * @param exp The XPath expression to evaluate. * @return An iterator over the resulting nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ @@ -134,12 +138,15 @@ public class XPathUtils { } /** - * Return a <code>NodeIterator</code> over the nodes matching the XPath expression. + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceMapping A namespace prefix to namespace URI mapping (<code>String</code> to - * <code>String</code>) for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for + * evaluating the XPath expression. + * @param exp The XPath expression to evaluate. * @return An iterator over the resulting nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ 
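Review bot: The reflowed `@param exp` text still says only "The XPath expression to evaluate" and does not state who is trusted to supply it. The method bodies are outside these hunks, but the helpers appear to evaluate the string as given. If a caller builds `exp` by concatenating request or document data, the query can be altered (XPath injection). I would extend the parameter description with a sentence such as `Must be a fixed expression or built only from validated values; never concatenate untrusted input.` The same applies to the other selectNodeIterator, selectNodeList and selectSingleNode Javadoc hunks in this file.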
@@ -152,12 +159,14 @@ public class XPathUtils { } /** - * Return a <code>NodeIterator</code> over the nodes matching the XPath expression. + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. * * @param contextNode The root node from which to evaluate the XPath expression. - * @param nsContext The <code>NamespaceContext</code> for resolving namespace prefixes to - * namespace URIs for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. * @return An iterator over the resulting nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ @@ -179,13 +188,15 @@ public class XPathUtils { } /** - * Return a <code>NodeList</code> of all the nodes matching the XPath expression. - *<p> - * All namespace URIs and prefixes declared in the <code>Constants</code> interface are used for - * resolving namespaces. - *</p> + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * <p> + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * </p> + * * @param contextNode The root node from which to evaluate the XPath expression. - * @param exp The XPath expression to evaluate. + * @param exp The XPath expression to evaluate. * @return A <code>NodeList</code> containing the matching nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ 
@@ -196,12 +207,14 @@ public class XPathUtils { } /** - * Return a <code>NodeList</code> of all the nodes matching the XPath expression. + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceElement An element from which to build the namespace mapping for evaluating the - * XPath expression - * @param exp The XPath expression to evaluate. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the namespace mapping + * for evaluating the XPath expression + * @param exp The XPath expression to evaluate. * @return A <code>NodeList</code> containing the matching nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ @@ -221,12 +234,15 @@ public class XPathUtils { } /** - * Return a <code>NodeList</code> of all the nodes matching the XPath expression. + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceMapping A namespace prefix to namespace URI mapping (<code>String</code> to - * <code>String</code>) for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for + * evaluating the XPath expression. + * @param exp The XPath expression to evaluate. * @return A <code>NodeList</code> containing the matching nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ 
@@ -239,12 +255,14 @@ public class XPathUtils { } /** - * Return a <code>NodeList</code> of all the nodes matching the XPath expression. + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. * * @param contextNode The root node from which to evaluate the XPath expression. - * @param nsContext The <code>NamespaceContext</code> for resolving namespace prefixes to - * namespace URIs for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. * @return A <code>NodeList</code> containing the matching nodes. * @throws XPathException An error occurred evaluating the XPath expression. */ @@ -265,14 +283,15 @@ public class XPathUtils { /** * Select the first node matching an XPath expression. - *<p> - * All namespace URIs and prefixes declared in the <code>Constants</code> interface are used for - * resolving namespaces. - *</p> + * <p> + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * </p> + * * @param contextNode The root node from which to evaluate the XPath expression. - * @param exp The XPath expression to evaluate. - * @return Node The first node matching the XPath expression, or <code>null</code>, if no node - * matched. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. * @throws XPathException An error occurred evaluating the XPath expression. */ public static Node selectSingleNode(final Node contextNode, final String exp) 
@@ -284,12 +303,13 @@ public class XPathUtils { /** * Select the first node matching an XPath expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceElement An element from which to build the namespace mapping for evaluating the - * XPath expression - * @param exp The XPath expression to evaluate. - * @return Node The first node matching the XPath expression, or <code>null</code>, if no node - * matched. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the namespace mapping + * for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. * @throws XPathException An error occurred evaluating the XPath expression. */ public static Node selectSingleNode(final Node contextNode, final Element namespaceElement, 
@@ -309,12 +329,14 @@ public class XPathUtils { /** * Select the first node matching an XPath expression. * - * @param contextNode The root node from which to evaluate the XPath expression. - * @param namespaceMapping A namespace prefix to namespace URI mapping (<code>String</code> to - * <code>String</code>) for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. - * @return Node The first node matching the XPath expression, or <code>null</code>, if no node - * matched. + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for + * evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. * @throws XPathException An error occurred evaluating the XPath expression. */ public static Node selectSingleNode(final Node contextNode, final Map namespaceMapping, 
@@ -329,11 +351,12 @@ public class XPathUtils { * Select the first node matching an XPath expression. * * @param contextNode The root node from which to evaluate the XPath expression. - * @param nsContext The <code>NamespaceContext</code> for resolving namespace prefixes to - * namespace URIs for evaluating the XPath expression. - * @param exp The XPath expression to evaluate. - * @return Node The first node matching the XPath expression, or <code>null</code>, if no node - * matched. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. * @throws XPathException An error occurred evaluating the XPath expression. */ public static Node selectSingleNode(final Node contextNode, final NamespaceContext nsContext, 
@@ -351,14 +374,16 @@ public class XPathUtils { } /** - * Return the value of a DOM element whose location is given by an XPath expression. + * Return the value of a DOM element whose location is given by an XPath + * expression. * - * @param root The root element from which to evaluate the XPath. - * @param xpath The XPath expression pointing to the element whose value to return. - * @param def The default value to return, if no element can be found using the given - * <code>xpath</code>. - * @return The element value, if it can be located using the <code>xpath</code>. Otherwise, - * <code>def</code> is returned. + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the element whose value to + * return. + * @param def The default value to return, if no element can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the <code>xpath</code>. + * Otherwise, <code>def</code> is returned. */ public static String getElementValue(final Element root, final String xpath, final String def) { 
@@ -367,14 +392,16 @@ public class XPathUtils { } /** - * Return the value of a DOM attribute whose location is given by an XPath expression. + * Return the value of a DOM attribute whose location is given by an XPath + * expression. * - * @param root The root element from which to evaluate the XPath. - * @param xpath The XPath expression pointing to the attribute whose value to return. - * @param def The default value to return, if no attribute can be found using the given - * <code>xpath</code>. - * @return The element value, if it can be located using the <code>xpath</code>. Otherwise, - * <code>def</code> is returned. + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the attribute whose value to + * return. + * @param def The default value to return, if no attribute can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the <code>xpath</code>. + * Otherwise, <code>def</code> is returned. */ public static String getAttributeValue(final Element root, final String xpath, final String def) { 
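Review bot: The `@return` text for getAttributeValue still reads "The element value", copied from getElementValue in the previous hunk. It should read `@return The attribute value, if it can be located using the <code>xpath</code>. Otherwise, <code>def</code> is returned.` The signature declares no XPathException, so evaluation errors are presumably mapped to `def` as well. That is worth stating in the Javadoc, because callers cannot tell "attribute absent" from "evaluation failed". The method body lies outside the hunk.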
@@ -383,31 +410,36 @@ public class XPathUtils { } /** - * Returns the namespace prefix used within <code>XPathUtils</code> for referring to the namespace - * of the specified (Security Layer command) element. - *<p> - * This namespace prefix can be used in various XPath expression evaluation methods within - * <code> XPathUtils</code> without explicitely binding it to the particular namespace. - *</p> + * Returns the namespace prefix used within <code>XPathUtils</code> for + * referring to the namespace of the specified (Security Layer command) element. + * <p> + * This namespace prefix can be used in various XPath expression evaluation + * methods within <code> XPathUtils</code> without explicitely binding it to the + * particular namespace. + * </p> + * * @param contextElement The (Security Layer command) element. * - * @return the namespace prefix used within <code>XPathUtils</code> for referring to the namespace - * of the specified (Security Layer command) element. + * @return the namespace prefix used within <code>XPathUtils</code> for + * referring to the namespace of the specified (Security Layer command) + * element. * - * throws XpathException If the specified element has a namespace other than the ones - * known by this implementation as valid Security Layer namespaces (cf. - * @link Constants#SL10_NS_URI, @link Constants#SL11_NS_URI, @link Constants#SL12_NS_URI). + * throws XpathException If the specified element has a namespace other + * than the ones known by this implementation as valid Security Layer + * namespaces (cf. + * @link Constants#SL10_NS_URI, @link Constants#SL11_NS_URI, @link + * Constants#SL12_NS_URI). 
*/ public static String getSlPrefix(final Element contextElement) throws XPathException { final String sLNamespace = contextElement.getNamespaceURI(); String slPrefix = null; - if (sLNamespace.equals(XMLNamespaceConstants.SL10_NS_URI)) { - slPrefix = XMLNamespaceConstants.SL10_PREFIX; - } else if (sLNamespace.equals(XMLNamespaceConstants.SL12_NS_URI)) { - slPrefix = XMLNamespaceConstants.SL12_PREFIX; - } else if (sLNamespace.equals(XMLNamespaceConstants.SL11_NS_URI)) { - slPrefix = XMLNamespaceConstants.SL11_PREFIX; + if (sLNamespace.equals(XmlNamespaceConstants.SL10_NS_URI)) { + slPrefix = XmlNamespaceConstants.SL10_PREFIX; + } else if (sLNamespace.equals(XmlNamespaceConstants.SL12_NS_URI)) { + slPrefix = XmlNamespaceConstants.SL12_PREFIX; + } else if (sLNamespace.equals(XmlNamespaceConstants.SL11_NS_URI)) { + slPrefix = XmlNamespaceConstants.SL11_PREFIX; } else { throw new XPathException("XPath operation FAILED. Reason: "); } 
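Review bot: `contextElement.getNamespaceURI()` returns null for an element without a namespace, so the first `sLNamespace.equals(...)` in getSlPrefix throws a NullPointerException instead of the XPathException the Javadoc describes. Comparing constant-first avoids this, e.g. `if (XmlNamespaceConstants.SL10_NS_URI.equals(sLNamespace)) {`, and likewise for the SL12 and SL11 branches. The fallback message `"XPath operation FAILED. Reason: "` ends without a reason, so naming the unsupported namespace there would make rejections diagnosable. The plain-text `throws XpathException` and bare `@link` entries in the comment should become a real `@throws XPathException` tag with `{@link ...}` references. The method's `return` sits in the next hunk.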
@@ -415,36 +447,38 @@ public class XPathUtils { return slPrefix; } - /** - * Return the SecurityLayer namespace prefix of the context element. If the context element is not - * the element that lies within the SecurityLayer namespace. The Securitylayer namespace is - * derived from the <code>xmlns:sl10</code>, <code>sl11</code> or <code>sl</code> attribute of the - * context element. - *<p> + * Return the SecurityLayer namespace prefix of the context element. If the + * context element is not the element that lies within the SecurityLayer + * namespace. The Securitylayer namespace is derived from the + * <code>xmlns:sl10</code>, <code>sl11</code> or <code>sl</code> attribute of + * the context element. + * <p> * The returned prefix is needed for evaluating XPATH expressions. - *</p> - * @param contextElement The element to get a prefix for the Securitylayer namespace, that is used - * within the corresponding document. + * </p> + * + * @param contextElement The element to get a prefix for the Securitylayer + * namespace, that is used within the corresponding + * document. * - * @return The string <code>sl10</code>, <code>sl11</code> or <code>sl</code>, depending on the - * SecurityLayer namespace of the contextElement. + * @return The string <code>sl10</code>, <code>sl11</code> or <code>sl</code>, + * depending on the SecurityLayer namespace of the contextElement. * - * throws XPathException If no (vlalid) SecurityLayer namespace prefix or namespace is - * defined. + * throws XPathException If no (vlalid) SecurityLayer namespace prefix + * or namespace is defined. 
*/ public static String getSlPrefixFromNoRoot(final Element contextElement) throws XPathException { - String slPrefix = checkSLnsDeclaration(contextElement, XMLNamespaceConstants.SL10_PREFIX, - XMLNamespaceConstants.SL10_NS_URI); + String slPrefix = checkSLnsDeclaration(contextElement, XmlNamespaceConstants.SL10_PREFIX, + XmlNamespaceConstants.SL10_NS_URI); if (slPrefix == null) { - slPrefix = checkSLnsDeclaration(contextElement, XMLNamespaceConstants.SL11_PREFIX, - XMLNamespaceConstants.SL11_NS_URI); + slPrefix = checkSLnsDeclaration(contextElement, XmlNamespaceConstants.SL11_PREFIX, + XmlNamespaceConstants.SL11_NS_URI); } if (slPrefix == null) { - slPrefix = checkSLnsDeclaration(contextElement, XMLNamespaceConstants.SL12_PREFIX, - XMLNamespaceConstants.SL12_NS_URI); + slPrefix = checkSLnsDeclaration(contextElement, XmlNamespaceConstants.SL12_PREFIX, + XmlNamespaceConstants.SL12_NS_URI); } return slPrefix; 
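Review bot: getSlPrefixFromNoRoot can return null, which contradicts its Javadoc. After the SL10, SL11 and SL12 checks the visible code goes straight to `return slPrefix;`, while the comment says an XPathException is raised when no valid SecurityLayer prefix is declared. Unless checkSLnsDeclaration (body not visible here) throws in that case, callers receive null and may build an expression with a `null` prefix from it. I would add `if (slPrefix == null) { throw new XPathException("No SecurityLayer namespace declared on context element"); }` before the return, or document the null result. The comment's plain `throws XPathException` should be an `@throws` tag and "vlalid" should read "valid"; the closing brace of the method is in the next hunk.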
@@ -452,15 +486,18 @@ public class XPathUtils { } /** - * Checks if the context element has an attribute <code>xmlns:slPrefix</code> and if the prefix of - * that attribute corresponds with a valid SecurityLayer namespace. + * Checks if the context element has an attribute <code>xmlns:slPrefix</code> + * and if the prefix of that attribute corresponds with a valid SecurityLayer + * namespace. * * @param contextElement The element to be checked. - * @param slPrefix The prefix which should be checked. Must be a valid SecurityLayer namespace - * prefix. - * @param slNameSpace The SecurityLayer namespace that corresponds to the specified prefix. + * @param slPrefix The prefix which should be checked. Must be a valid + * SecurityLayer namespace prefix. + * @param slNameSpace The SecurityLayer namespace that corresponds to the + * specified prefix. * - * @return The valid SecurityLayer prefix or <code>null</code> if this prefix is not used. + * @return The valid SecurityLayer prefix or <code>null</code> if this prefix is + * not used. * @throws XPathException In case of an error */ private static String checkSLnsDeclaration(final Element contextElement, final String slPrefix, diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java index b91eaf21..072dbb95 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java 
@@ -3,12 +3,7 @@ package at.gv.egiz.eaaf.core.impl.idp.auth; import java.io.ByteArrayInputStream; import java.util.HashMap; import java.util.Map; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; + import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; @@ -16,6 +11,13 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.util.Base64Utils; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; + @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration("/SpringTest-context_eaaf_core.xml") public class AuthenticationDataBuilderTest { 
@@ -27,115 +29,112 @@ public class AuthenticationDataBuilderTest { public static final String DUMMY_IDL_2 = "PHNhbWw6QXNzZXJ0aW9uIEFzc2VydGlvbklEPSJlbGdhdGVzdC5lZ2l6Lmd2LmF0LUFzc2VydGlvbklEWFhYxZB6Z8O8" - + "cl9YWFhUw7x6ZWvDp2kiIElzc3VlSW5zdGFudD0iMjAxOS0wMy0wNFQxNTo1MzowNCswMTowMCIgSXNzdWVyPSJodH" - + "RwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249" - + "IjAiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOmVjZHNhPSJodH" - + "RwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSMiIHhtbG5zOnByPSJodHRwOi8vcmVmZXJlbmNlLmUt" - + "Z292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvcGVyc29uZGF0YS8yMDAyMDIyOCMiIHhtbG5zOnNhbWw9InVybjpvYX" - + "NpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIHhtbG5zOnNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hN" - + "TFNjaGVtYS1pbnN0YW5jZSI+Cgk8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CgkJPHNhbWw6U3ViamVjdD4KCQkJPH" - + "NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCTxzYW1sOkNvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFt" - + "ZXM6dGM6U0FNTDoxLjA6Y206c2VuZGVyLXZvdWNoZXM8L3NhbWw6Q29uZmlybWF0aW9uTWV0aG9kPgoJCQkJPHNhbW" - + "w6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCQkJPHByOlBlcnNvbiBzaTp0eXBlPSJwcjpQaHlzaWNhbFBlcnNv" - + "blR5cGUiPjxwcjpJZGVudGlmaWNhdGlvbj48cHI6VmFsdWU+UlV4SFFWUmxjM1JRUWpCWVdGakZrSHBudzd4eVgxaF" - + "lXRlREdkhwbGE4T25hUT09PC9wcjpWYWx1ZT48cHI6VHlwZT51cm46cHVibGljaWQ6Z3YuYXQ6YmFzZWlkPC9wcjpU" - + "eXBlPjwvcHI6SWRlbnRpZmljYXRpb24+PHByOk5hbWU+PHByOkdpdmVuTmFtZT5YWFjFkHonZ8O8cjwvcHI6R2l2ZW" - + "5OYW1lPjxwcjpGYW1pbHlOYW1lIHByaW1hcnk9InVuZGVmaW5lZCI+WFhYVMO8emVrw6dpPC9wcjpGYW1pbHlOYW1l" - + "PjwvcHI6TmFtZT48cHI6RGF0ZU9mQmlydGg+MTk3My0wNi0wNDwvcHI6RGF0ZU9mQmlydGg+PC9wcjpQZXJzb24+Cg" - + "kJCQk8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCTwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPgoJ" - + "CTwvc2FtbDpTdWJqZWN0PgoJCTxzYW1sOkF0dHJpYnV0ZSBBdHRyaWJ1dGVOYW1lPSJDaXRpemVuUHVibGljS2V5Ii" - + "BBdHRyaWJ1dGVOYW1lc3BhY2U9InVybjpwdWJsaWNpZDpndi5hdDpuYW1lc3BhY2VzOmlkZW50aXR5bGluazoxLjIi" - + 
"PjxzYW1sOkF0dHJpYnV0ZVZhbHVlPjxkc2lnOlJTQUtleVZhbHVlPjxkc2lnOk1vZHVsdXM+L1VLUkZIYkFhRWtnVm" - + "RnTTFTRE9KaldIcUszN3JKWVN0UHF0VVh6bzlWTm9yTzgzWW95emE5YjBkcDdtdVM4b2paMjRZRVBMUUZ3WQpCSVpk" - + "bTROSHJBNXZsVlZrRGV1Qng2bVRwRXBldTdkMkUzd3VZbVFXTjQxUXhWajZPcFhvSHRzek9jajd1Rm9mem1SR09PVU" - + "IzNUxDCkg2QzBMTFpJNTU5a3BPbmFxa2RLbU83dnduYVE0eTEwcHpCdjJ3U3BTZnY0djlIV3NCYUYxUWtYNmlmQ3lB" - + "bklLS3FKczR6S1RuK2EKR0kvS0FKOXdoam9GQk9yd1MzTlFpK1ZSVGxPYTdKdHdxeHBJZUYrT3c0R2wzaWdVb2szaG" - + "tsYlUyeElYcG5VeXNQYWhqUTBMNm5ORApZVHVmUC9jRmxrNWkvR1BZdmtONjJHd0Z4Rko1bDBoL1A3QWtJaCtWZmRC" - + "L0Q3SFVYaC9PV2dmek9MK2ZFRGdiL1dHM1BNenlObVFNCm5QQkdQb21hdGFOREtla0hhNUYwOUxFUHR5L0ZwMDUxLz" - + "FEUTZUMXhzamZ5ZG11aVZsWDZIRUZqZjFkYmQ4cUtGRm5TQ3NxRHBQdUQKR0hNcStKS0lmN25HQWtYSWxraTA1Nzd1" - + "bzM0MmxaeHBUVlRGVkFGdkJHS0Z6azNlQzMyT0NwOUo8L2RzaWc6TW9kdWx1cz48ZHNpZzpFeHBvbmVudD5BUUFCPC" - + "9kc2lnOkV4cG9uZW50PjwvZHNpZzpSU0FLZXlWYWx1ZT48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJp" - + "YnV0ZT48c2FtbDpBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2l0aXplblB1YmxpY0tleSIgQXR0cmlidXRlTmFtZX" - + "NwYWNlPSJ1cm46cHVibGljaWQ6Z3YuYXQ6bmFtZXNwYWNlczppZGVudGl0eWxpbms6MS4yIj48c2FtbDpBdHRyaWJ1" - + "dGVWYWx1ZT48ZHNpZzpSU0FLZXlWYWx1ZT48ZHNpZzpNb2R1bHVzPnlQWGJhcEZhYXBycWlmVXVJaUxzR0FMaVdTTG" - + "RsUGNRN0VGZGZ5UzM0RVNJNGEyQnMwbUxTbm5FY1djeHJjWlgzcmxJUXBKaklwb1UKQStSRG9sNVBrU3BoSENMNkl2" - + "SVFNZmtreEg1Z0s2akN6VFNWOVJFVm1xUlRFMXNxUmNCUUduRFlwMjZwSFFoYzBHSG13NnVqeCtQTwp1dlE2Mm9hUU" - + "lxUXZ0T2ZLWFBReXlXTDE5clhXOTcrRUcweTBLd2VpOHRWY01uamJ5ZEtNL3Z5d01Fb3FFcU1mMEYrR0tjd3A3ZW50" - + "ClpzcnVEVEgrY0tJYnBXdUpLZzAwVUhraG45QWZkYlBXdzZWOWUrQmhxU0lYcTBoaEhmSkNBdzZwWXVYaVY2dE9ESl" - + "BGdnUxN1diQnQKV3B1ejJOR1RMU3Y3NXJlaklCa09TMk5MS0FmV3JhVmhUaDY3Vnc9PTwvZHNpZzpNb2R1bHVzPjxk" - + "c2lnOkV4cG9uZW50PkFRQUI8L2RzaWc6RXhwb25lbnQ+PC9kc2lnOlJTQUtleVZhbHVlPjwvc2FtbDpBdHRyaWJ1dG" - + "VWYWx1ZT48L3NhbWw6QXR0cmlidXRlPgoJPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4KPGRzaWc6U2lnbmF0dXJl" - + 
"IHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PG" - + "RzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1s" - + "LWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMD" - + "AvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PGRzaWc6VHJhbnNmb3Jtcz48ZHNp" - + "ZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5L1JFQy14cGF0aC0xOTk5MTExNi" - + "I+PGRzaWc6WFBhdGg+bm90KGFuY2VzdG9yLW9yLXNlbGY6OnByOklkZW50aWZpY2F0aW9uKTwvZHNpZzpYUGF0aD48" - + "L2RzaWc6VHJhbnNmb3JtPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMD" - + "kveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9k" - + "IEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHNpZzpEaWdlc3RWYW" - + "x1ZT43TmZyRUJKZGw4NTRyZG1BaDFjdFEyWDdXTWM9PC9kc2lnOkRpZ2VzdFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+" - + "PGRzaWc6UmVmZXJlbmNlIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNNYW5pZmVzdCIgVV" - + "JJPSIjbWFuaWZlc3QiPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv" - + "MDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+aGZnOHphM21ZcXU1UVNiVXpYSHhEZTUvU05FPTwvZH" - + "NpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpTaWduZWRJbmZvPjxkc2lnOlNpZ25hdHVyZVZh" - + "bHVlPm11V2IzOVRhZ0NkM053V2N1NWlrRUp1SnBaZG5lZFJEY2RtMTdJWnYrT0VWRXRxeWxSdXIvd1g2QUdVQ1UvUF" - + "UKWm5DdWROR1ZwQ0hMWXpIaXBONWM4b2JtbmhsbElOb1NFTk81b3Y1amlNb05Lb2RBZXhKSU42bVpPREJkL1RtVApt" - + "NzBWaVd5ckdVTGJJWWwvd2hsdjFsZ2EzSjhjeDhLU29QejhTd05MMnF3VWoydG8vQWhnNGtjSmxxT3MyNVlNCk5YL3" - + "dhSW53NkRSN05HQ0pvRStaWlNwcEh3d1FtNnYrOUhZOUU4NnNlQkFBUHhJOU0xako0WldiMzI5akZ0aUEKcXZiOHM2" - + "anhyMmxsOHVWYWdxWENZaFg5K1dOUXdheXFZTCtPdzhPcGxVem9OMVRpS2hSbVFLWkl3S1lDMVo4eQpLK3ZqQWxRTz" - + "JhT05zNEhVaG9SNmQyNmUvTVUxZmJlWEhxVHpyZmI5R1hXSHl0dFRkanhiemtaQTFGODJsUUZvCjUrVnpjTUhRUmc3" - + 
"c0RKODY1Wk1zM3BwY2VoLzlaU2ZvT2Y1SFlEUFl1V2VjT0RpZ1pRWVh0TVlwdVBRVGsrQ20KczlaSkd6QlYybGVtZk" - + "5DOVFVNzh0Zm42cDFVWnJTTG5zWGFYbVVjOEVjNTNQaUhBT3Z6blh0QjVjRW5hV2daMgp1TGVGOEtTUmw2SjBlTlE5" - + "SkRQZ1NOMHNmYWxiVkNkaENUTlFtclJ0T2pVZjNlN3UzeElNelJ1Zm4wb2o2SHRwCnQzaEVESFhuSS9kTk1scHBSSX" - + "l4cGQxbFo5bXJYZklLcnJMZVdxdGd3cFB1OTRoVUhRL2VKejFrMy9IM0h6M2QKWkR4dkFFYzNTRERkb1FXeS9HUGZp" - + "cXNwRWZjbGd0SkNKQ2E4L2t2dTdSVT08L2RzaWc6U2lnbmF0dXJlVmFsdWU+PGRzaWc6S2V5SW5mbz48ZHNpZzpYNT" - + "A5RGF0YT48ZHNpZzpYNTA5Q2VydGlmaWNhdGU+TUlJRlpEQ0NBMHlnQXdJQkFnSUpBSmF2K3plcVUvRE1NQTBHQ1Nx" - + "R1NJYjNEUUVCQ3dVQU1Gd3hDekFKQmdOVgpCQVlUQWtGVU1RMHdDd1lEVlFRS0V3UkZSMGxhTVJZd0ZBWURWUVFMRX" - + "cxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3CkpBWURWUVFERkIxVVpYTjBYMU52Wm5SM1lYSmxZMkZ5WkhOZlNVUk1YMU5w" - + "WjI1bGNqQWVGdzB4TmpFd01UZ3gKTURNNU1EZGFGdzB4T1RBM01UUXhNRE01TURkYU1Gd3hDekFKQmdOVkJBWVRBa0" - + "ZVTVEwd0N3WURWUVFLRXdSRgpSMGxhTVJZd0ZBWURWUVFMRXcxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3SkFZRFZRUURG" - + "QjFVWlhOMFgxTnZablIzCllYSmxZMkZ5WkhOZlNVUk1YMU5wWjI1bGNqQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQU" - + "RnZ0lQQURDQ0Fnb0MKZ2dJQkFMa0xndCtNRlR4TGZSemNFSVowYnljSUZnN2cvSFBON1FXSVo2N2JIenJiNmVoZWJ6" - + "RjlWaW56RFpYQwprZktXZFVKYmtOU3VXS1dycDJYNjJmN29HaGRxSzB5RmMrRGxvK09wSURnUWlXQ3BCZktKbzhjUF" - + "dzaUFtTnVUCnhXVmFnVTVmYUkxaDd4dnZPVk15YldlOTJuaXZmcUxPdUV4Nld2WC9Vb0lhd1JIVjJWbVBHRmdab2NN" - + "NUcwWDYKYlVWRXBxeEFhM3FPSWxScjBwb0IrUkEwUEE4NmhScFJZYWwvT3I5M0Q4QmZRSDVsOHpWOVFjdlBlL0tlSl" - + "NwSgpIZ0dXbUVzNTkzTHROdUExUnYxaURwdXUxMHk3QzJGZU1CdmNVcFJrUjdXQWo3dklZVnRRSUxYQ2gxRmhmTjFi" - + "CkhnNnhMVlR5c2hsZ1VuN0FSUUpZb0ozdG9nZEdhbURSbG5LVTJyWE45ajg4VHc2ZkFkY0N2V2JXVnRqeThwTmoKV0" - + "xrVkpNbEZXZGZPNi81TEF2YTFIeFJPTWhGeDdRT1BoT3plbWV0Q3RUMmZJNEZUQWs5VnlmOXdUVVFPTDhzcQpLNzN0" - + "MUE0MTlsWVM4V3VVQ3pIRHhMdWpMaVR1d29JVWd6TU4vYnFNRVpyb2dQTFkyS2o0dm1aTVo0Z1UyUFU3Cll3K1hmYW" - + "5nMysveUsxZ1lORWVicGR2UGk4U1ZVQW51cy9DZm1kd2RuOU8vbmFXaUJwamMwNkdKdk1iZWdqeHcKb1BCTTVjMFNr" - + 
"Q1I1eENheWdaTDJPQnBSTUtnZGZyazRrMHBqNVpVbSttdHJPR29qdFJaSkVaUUNCcFZQazF5RAozTDQvWjRBWm9mT2" - + "84ZFNrVVIreEpOMG9LbklkZm5kdkJ4TkY0c3hZNEl3T3ZGUnJBZ01CQUFHaktUQW5NQWtHCkExVWRFd1FDTUFBd0N3" - + "WURWUjBQQkFRREFnV2dNQTBHQnlvb0FBb0JCd0VFQWdVQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0SUNBUUJjRUQ3dE" - + "U4cW1Bd0ZCZGh5b3oxRDh5b2RFWm1tZFhad2tzQS9rSStvKzV3UXM2WS9xdnc3agorZUJ2bGN0eVhDWFdoMWVGZWIv" - + "RmFpQTVDcG9hazhOYy9vWTdUL3lCajVnZktIbE5xVlQxb3dhQmtIc0VZTUJ2CmFVWHh5RENibkZNem5KZmt4amJ2Rm" - + "JRZGQxaGNlSmh0OER4K2lrcEI2TUpIcUhJRXJ5MFdXZ2YzSmRONVBFcnIKQVRuZGpCRTRCYVRaMnE2c0N2K1NkSzYw" - + "TWswbVlBNmw2blNDOWVCOEc5QzRiQTFjUUVPdTYrRlBtRnpTa2lJRgp0ZW1BMXRqUW5oeEtaWmlnenhJTjNFUUFucS" - + "8yM2pmK0NreEF0NUdrcFVqcUY1YnFLSTFuZXJKT2duNEptNWo2CnNQWkdwR2xsekhMQmF5YmZZNjNBejRzRVJDMjhP" - + "bHFGdzF2eFFzNGhXSVdOV0VBTUYzT3o0K3BZZzRPSUloNUMKTnIxYXFKZ3NzV2ZPWnJYMktTejJ2cXJab1U2N3pxOD" - + "RNUWNKVFNtZ0tWQmI5T25yQzV0WW41WVZVbHlkUFBqcgpVbTBpSGxXQzBNRmlJZ1N6eDZUaTJIblBnYzBVSHNBNklw" - + "U1RvK1V1ZllZTkRpRkNzc1JidTRyMC9TeXE0TVAzCmdoWVhkUDlUajBGSVN6MlR2TTZZUWZ6SGVqOTRiWmNWTnduRj" - + "RwV0VuR1p0QmJOVnZKUnc5aUpISGtEV0xpWU0KMUI3M3pzNytwQThZZ0txRXhESFhjMVNob3U1SHZTdVRYU21hVE1V" - + "SHJDa2hvdEhmcHFZaHJKaUFtSitPZnROdgo2b3hNUGZOaFpnMDFlT290bTFKK1dWMm1KYmdjUFROU0MxT05jU0ZkUT" - + "V2WlpMTDI0SjJIY3c9PTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZv" - + "Pjxkc2lnOk9iamVjdD48ZHNpZzpNYW5pZmVzdCBJZD0ibWFuaWZlc3QiPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PG" - + "RzaWc6VHJhbnNmb3Jtcz48ZHNpZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5" - + "L1JFQy14cGF0aC0xOTk5MTExNiI+PGRzaWc6WFBhdGggeG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC" - + "8wOS94bWxkc2lnIyI+bm90KGFuY2VzdG9yLW9yLXNlbGY6OmRzaWc6U2lnbmF0dXJlKTwvZHNpZzpYUGF0aD48L2Rz" - + "aWc6VHJhbnNmb3JtPjwvZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly" - + "93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+QXN4VHprWmRBWUM0U0s1" - + 
"cTh5c0pLVDd5ZHVRPTwvZHNpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpNYW5pZmVzdD48L2" - + "RzaWc6T2JqZWN0PjwvZHNpZzpTaWduYXR1cmU+PC9zYW1sOkFzc2VydGlvbj4="; + + "cl9YWFhUw7x6ZWvDp2kiIElzc3VlSW5zdGFudD0iMjAxOS0wMy0wNFQxNTo1MzowNCswMTowMCIgSXNzdWVyPSJodH" + + "RwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249" + + "IjAiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOmVjZHNhPSJodH" + + "RwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSMiIHhtbG5zOnByPSJodHRwOi8vcmVmZXJlbmNlLmUt" + + "Z292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvcGVyc29uZGF0YS8yMDAyMDIyOCMiIHhtbG5zOnNhbWw9InVybjpvYX" + + "NpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIHhtbG5zOnNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hN" + + "TFNjaGVtYS1pbnN0YW5jZSI+Cgk8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CgkJPHNhbWw6U3ViamVjdD4KCQkJPH" + + "NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCTxzYW1sOkNvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFt" + + "ZXM6dGM6U0FNTDoxLjA6Y206c2VuZGVyLXZvdWNoZXM8L3NhbWw6Q29uZmlybWF0aW9uTWV0aG9kPgoJCQkJPHNhbW" + + "w6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCQkJPHByOlBlcnNvbiBzaTp0eXBlPSJwcjpQaHlzaWNhbFBlcnNv" + + "blR5cGUiPjxwcjpJZGVudGlmaWNhdGlvbj48cHI6VmFsdWU+UlV4SFFWUmxjM1JRUWpCWVdGakZrSHBudzd4eVgxaF" + + "lXRlREdkhwbGE4T25hUT09PC9wcjpWYWx1ZT48cHI6VHlwZT51cm46cHVibGljaWQ6Z3YuYXQ6YmFzZWlkPC9wcjpU" + + "eXBlPjwvcHI6SWRlbnRpZmljYXRpb24+PHByOk5hbWU+PHByOkdpdmVuTmFtZT5YWFjFkHonZ8O8cjwvcHI6R2l2ZW" + + "5OYW1lPjxwcjpGYW1pbHlOYW1lIHByaW1hcnk9InVuZGVmaW5lZCI+WFhYVMO8emVrw6dpPC9wcjpGYW1pbHlOYW1l" + + "PjwvcHI6TmFtZT48cHI6RGF0ZU9mQmlydGg+MTk3My0wNi0wNDwvcHI6RGF0ZU9mQmlydGg+PC9wcjpQZXJzb24+Cg" + + "kJCQk8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCTwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPgoJ" + + "CTwvc2FtbDpTdWJqZWN0PgoJCTxzYW1sOkF0dHJpYnV0ZSBBdHRyaWJ1dGVOYW1lPSJDaXRpemVuUHVibGljS2V5Ii" + + "BBdHRyaWJ1dGVOYW1lc3BhY2U9InVybjpwdWJsaWNpZDpndi5hdDpuYW1lc3BhY2VzOmlkZW50aXR5bGluazoxLjIi" + + 
"PjxzYW1sOkF0dHJpYnV0ZVZhbHVlPjxkc2lnOlJTQUtleVZhbHVlPjxkc2lnOk1vZHVsdXM+L1VLUkZIYkFhRWtnVm" + + "RnTTFTRE9KaldIcUszN3JKWVN0UHF0VVh6bzlWTm9yTzgzWW95emE5YjBkcDdtdVM4b2paMjRZRVBMUUZ3WQpCSVpk" + + "bTROSHJBNXZsVlZrRGV1Qng2bVRwRXBldTdkMkUzd3VZbVFXTjQxUXhWajZPcFhvSHRzek9jajd1Rm9mem1SR09PVU" + + "IzNUxDCkg2QzBMTFpJNTU5a3BPbmFxa2RLbU83dnduYVE0eTEwcHpCdjJ3U3BTZnY0djlIV3NCYUYxUWtYNmlmQ3lB" + + "bklLS3FKczR6S1RuK2EKR0kvS0FKOXdoam9GQk9yd1MzTlFpK1ZSVGxPYTdKdHdxeHBJZUYrT3c0R2wzaWdVb2szaG" + + "tsYlUyeElYcG5VeXNQYWhqUTBMNm5ORApZVHVmUC9jRmxrNWkvR1BZdmtONjJHd0Z4Rko1bDBoL1A3QWtJaCtWZmRC" + + "L0Q3SFVYaC9PV2dmek9MK2ZFRGdiL1dHM1BNenlObVFNCm5QQkdQb21hdGFOREtla0hhNUYwOUxFUHR5L0ZwMDUxLz" + + "FEUTZUMXhzamZ5ZG11aVZsWDZIRUZqZjFkYmQ4cUtGRm5TQ3NxRHBQdUQKR0hNcStKS0lmN25HQWtYSWxraTA1Nzd1" + + "bzM0MmxaeHBUVlRGVkFGdkJHS0Z6azNlQzMyT0NwOUo8L2RzaWc6TW9kdWx1cz48ZHNpZzpFeHBvbmVudD5BUUFCPC" + + "9kc2lnOkV4cG9uZW50PjwvZHNpZzpSU0FLZXlWYWx1ZT48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJp" + + "YnV0ZT48c2FtbDpBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2l0aXplblB1YmxpY0tleSIgQXR0cmlidXRlTmFtZX" + + "NwYWNlPSJ1cm46cHVibGljaWQ6Z3YuYXQ6bmFtZXNwYWNlczppZGVudGl0eWxpbms6MS4yIj48c2FtbDpBdHRyaWJ1" + + "dGVWYWx1ZT48ZHNpZzpSU0FLZXlWYWx1ZT48ZHNpZzpNb2R1bHVzPnlQWGJhcEZhYXBycWlmVXVJaUxzR0FMaVdTTG" + + "RsUGNRN0VGZGZ5UzM0RVNJNGEyQnMwbUxTbm5FY1djeHJjWlgzcmxJUXBKaklwb1UKQStSRG9sNVBrU3BoSENMNkl2" + + "SVFNZmtreEg1Z0s2akN6VFNWOVJFVm1xUlRFMXNxUmNCUUduRFlwMjZwSFFoYzBHSG13NnVqeCtQTwp1dlE2Mm9hUU" + + "lxUXZ0T2ZLWFBReXlXTDE5clhXOTcrRUcweTBLd2VpOHRWY01uamJ5ZEtNL3Z5d01Fb3FFcU1mMEYrR0tjd3A3ZW50" + + "ClpzcnVEVEgrY0tJYnBXdUpLZzAwVUhraG45QWZkYlBXdzZWOWUrQmhxU0lYcTBoaEhmSkNBdzZwWXVYaVY2dE9ESl" + + "BGdnUxN1diQnQKV3B1ejJOR1RMU3Y3NXJlaklCa09TMk5MS0FmV3JhVmhUaDY3Vnc9PTwvZHNpZzpNb2R1bHVzPjxk" + + "c2lnOkV4cG9uZW50PkFRQUI8L2RzaWc6RXhwb25lbnQ+PC9kc2lnOlJTQUtleVZhbHVlPjwvc2FtbDpBdHRyaWJ1dG" + + "VWYWx1ZT48L3NhbWw6QXR0cmlidXRlPgoJPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4KPGRzaWc6U2lnbmF0dXJl" + + 
"IHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PG" + + "RzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1s" + + "LWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMD" + + "AvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PGRzaWc6VHJhbnNmb3Jtcz48ZHNp" + + "ZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5L1JFQy14cGF0aC0xOTk5MTExNi" + + "I+PGRzaWc6WFBhdGg+bm90KGFuY2VzdG9yLW9yLXNlbGY6OnByOklkZW50aWZpY2F0aW9uKTwvZHNpZzpYUGF0aD48" + + "L2RzaWc6VHJhbnNmb3JtPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMD" + + "kveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9k" + + "IEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHNpZzpEaWdlc3RWYW" + + "x1ZT43TmZyRUJKZGw4NTRyZG1BaDFjdFEyWDdXTWM9PC9kc2lnOkRpZ2VzdFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+" + + "PGRzaWc6UmVmZXJlbmNlIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNNYW5pZmVzdCIgVV" + + "JJPSIjbWFuaWZlc3QiPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv" + + "MDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+aGZnOHphM21ZcXU1UVNiVXpYSHhEZTUvU05FPTwvZH" + + "NpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpTaWduZWRJbmZvPjxkc2lnOlNpZ25hdHVyZVZh" + + "bHVlPm11V2IzOVRhZ0NkM053V2N1NWlrRUp1SnBaZG5lZFJEY2RtMTdJWnYrT0VWRXRxeWxSdXIvd1g2QUdVQ1UvUF" + + "UKWm5DdWROR1ZwQ0hMWXpIaXBONWM4b2JtbmhsbElOb1NFTk81b3Y1amlNb05Lb2RBZXhKSU42bVpPREJkL1RtVApt" + + "NzBWaVd5ckdVTGJJWWwvd2hsdjFsZ2EzSjhjeDhLU29QejhTd05MMnF3VWoydG8vQWhnNGtjSmxxT3MyNVlNCk5YL3" + + "dhSW53NkRSN05HQ0pvRStaWlNwcEh3d1FtNnYrOUhZOUU4NnNlQkFBUHhJOU0xako0WldiMzI5akZ0aUEKcXZiOHM2" + + "anhyMmxsOHVWYWdxWENZaFg5K1dOUXdheXFZTCtPdzhPcGxVem9OMVRpS2hSbVFLWkl3S1lDMVo4eQpLK3ZqQWxRTz" + + "JhT05zNEhVaG9SNmQyNmUvTVUxZmJlWEhxVHpyZmI5R1hXSHl0dFRkanhiemtaQTFGODJsUUZvCjUrVnpjTUhRUmc3" + + 
"c0RKODY1Wk1zM3BwY2VoLzlaU2ZvT2Y1SFlEUFl1V2VjT0RpZ1pRWVh0TVlwdVBRVGsrQ20KczlaSkd6QlYybGVtZk" + + "5DOVFVNzh0Zm42cDFVWnJTTG5zWGFYbVVjOEVjNTNQaUhBT3Z6blh0QjVjRW5hV2daMgp1TGVGOEtTUmw2SjBlTlE5" + + "SkRQZ1NOMHNmYWxiVkNkaENUTlFtclJ0T2pVZjNlN3UzeElNelJ1Zm4wb2o2SHRwCnQzaEVESFhuSS9kTk1scHBSSX" + + "l4cGQxbFo5bXJYZklLcnJMZVdxdGd3cFB1OTRoVUhRL2VKejFrMy9IM0h6M2QKWkR4dkFFYzNTRERkb1FXeS9HUGZp" + + "cXNwRWZjbGd0SkNKQ2E4L2t2dTdSVT08L2RzaWc6U2lnbmF0dXJlVmFsdWU+PGRzaWc6S2V5SW5mbz48ZHNpZzpYNT" + + "A5RGF0YT48ZHNpZzpYNTA5Q2VydGlmaWNhdGU+TUlJRlpEQ0NBMHlnQXdJQkFnSUpBSmF2K3plcVUvRE1NQTBHQ1Nx" + + "R1NJYjNEUUVCQ3dVQU1Gd3hDekFKQmdOVgpCQVlUQWtGVU1RMHdDd1lEVlFRS0V3UkZSMGxhTVJZd0ZBWURWUVFMRX" + + "cxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3CkpBWURWUVFERkIxVVpYTjBYMU52Wm5SM1lYSmxZMkZ5WkhOZlNVUk1YMU5w" + + "WjI1bGNqQWVGdzB4TmpFd01UZ3gKTURNNU1EZGFGdzB4T1RBM01UUXhNRE01TURkYU1Gd3hDekFKQmdOVkJBWVRBa0" + + "ZVTVEwd0N3WURWUVFLRXdSRgpSMGxhTVJZd0ZBWURWUVFMRXcxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3SkFZRFZRUURG" + + "QjFVWlhOMFgxTnZablIzCllYSmxZMkZ5WkhOZlNVUk1YMU5wWjI1bGNqQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQU" + + "RnZ0lQQURDQ0Fnb0MKZ2dJQkFMa0xndCtNRlR4TGZSemNFSVowYnljSUZnN2cvSFBON1FXSVo2N2JIenJiNmVoZWJ6" + + "RjlWaW56RFpYQwprZktXZFVKYmtOU3VXS1dycDJYNjJmN29HaGRxSzB5RmMrRGxvK09wSURnUWlXQ3BCZktKbzhjUF" + + "dzaUFtTnVUCnhXVmFnVTVmYUkxaDd4dnZPVk15YldlOTJuaXZmcUxPdUV4Nld2WC9Vb0lhd1JIVjJWbVBHRmdab2NN" + + "NUcwWDYKYlVWRXBxeEFhM3FPSWxScjBwb0IrUkEwUEE4NmhScFJZYWwvT3I5M0Q4QmZRSDVsOHpWOVFjdlBlL0tlSl" + + "NwSgpIZ0dXbUVzNTkzTHROdUExUnYxaURwdXUxMHk3QzJGZU1CdmNVcFJrUjdXQWo3dklZVnRRSUxYQ2gxRmhmTjFi" + + "CkhnNnhMVlR5c2hsZ1VuN0FSUUpZb0ozdG9nZEdhbURSbG5LVTJyWE45ajg4VHc2ZkFkY0N2V2JXVnRqeThwTmoKV0" + + "xrVkpNbEZXZGZPNi81TEF2YTFIeFJPTWhGeDdRT1BoT3plbWV0Q3RUMmZJNEZUQWs5VnlmOXdUVVFPTDhzcQpLNzN0" + + "MUE0MTlsWVM4V3VVQ3pIRHhMdWpMaVR1d29JVWd6TU4vYnFNRVpyb2dQTFkyS2o0dm1aTVo0Z1UyUFU3Cll3K1hmYW" + + "5nMysveUsxZ1lORWVicGR2UGk4U1ZVQW51cy9DZm1kd2RuOU8vbmFXaUJwamMwNkdKdk1iZWdqeHcKb1BCTTVjMFNr" + + 
"Q1I1eENheWdaTDJPQnBSTUtnZGZyazRrMHBqNVpVbSttdHJPR29qdFJaSkVaUUNCcFZQazF5RAozTDQvWjRBWm9mT2" + + "84ZFNrVVIreEpOMG9LbklkZm5kdkJ4TkY0c3hZNEl3T3ZGUnJBZ01CQUFHaktUQW5NQWtHCkExVWRFd1FDTUFBd0N3" + + "WURWUjBQQkFRREFnV2dNQTBHQnlvb0FBb0JCd0VFQWdVQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0SUNBUUJjRUQ3dE" + + "U4cW1Bd0ZCZGh5b3oxRDh5b2RFWm1tZFhad2tzQS9rSStvKzV3UXM2WS9xdnc3agorZUJ2bGN0eVhDWFdoMWVGZWIv" + + "RmFpQTVDcG9hazhOYy9vWTdUL3lCajVnZktIbE5xVlQxb3dhQmtIc0VZTUJ2CmFVWHh5RENibkZNem5KZmt4amJ2Rm" + + "JRZGQxaGNlSmh0OER4K2lrcEI2TUpIcUhJRXJ5MFdXZ2YzSmRONVBFcnIKQVRuZGpCRTRCYVRaMnE2c0N2K1NkSzYw" + + "TWswbVlBNmw2blNDOWVCOEc5QzRiQTFjUUVPdTYrRlBtRnpTa2lJRgp0ZW1BMXRqUW5oeEtaWmlnenhJTjNFUUFucS" + + "8yM2pmK0NreEF0NUdrcFVqcUY1YnFLSTFuZXJKT2duNEptNWo2CnNQWkdwR2xsekhMQmF5YmZZNjNBejRzRVJDMjhP" + + "bHFGdzF2eFFzNGhXSVdOV0VBTUYzT3o0K3BZZzRPSUloNUMKTnIxYXFKZ3NzV2ZPWnJYMktTejJ2cXJab1U2N3pxOD" + + "RNUWNKVFNtZ0tWQmI5T25yQzV0WW41WVZVbHlkUFBqcgpVbTBpSGxXQzBNRmlJZ1N6eDZUaTJIblBnYzBVSHNBNklw" + + "U1RvK1V1ZllZTkRpRkNzc1JidTRyMC9TeXE0TVAzCmdoWVhkUDlUajBGSVN6MlR2TTZZUWZ6SGVqOTRiWmNWTnduRj" + + "RwV0VuR1p0QmJOVnZKUnc5aUpISGtEV0xpWU0KMUI3M3pzNytwQThZZ0txRXhESFhjMVNob3U1SHZTdVRYU21hVE1V" + + "SHJDa2hvdEhmcHFZaHJKaUFtSitPZnROdgo2b3hNUGZOaFpnMDFlT290bTFKK1dWMm1KYmdjUFROU0MxT05jU0ZkUT" + + "V2WlpMTDI0SjJIY3c9PTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZv" + + "Pjxkc2lnOk9iamVjdD48ZHNpZzpNYW5pZmVzdCBJZD0ibWFuaWZlc3QiPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PG" + + "RzaWc6VHJhbnNmb3Jtcz48ZHNpZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5" + + "L1JFQy14cGF0aC0xOTk5MTExNiI+PGRzaWc6WFBhdGggeG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC" + + "8wOS94bWxkc2lnIyI+bm90KGFuY2VzdG9yLW9yLXNlbGY6OmRzaWc6U2lnbmF0dXJlKTwvZHNpZzpYUGF0aD48L2Rz" + + "aWc6VHJhbnNmb3JtPjwvZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly" + + "93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+QXN4VHprWmRBWUM0U0s1" + + 
"cTh5c0pLVDd5ZHVRPTwvZHNpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpNYW5pZmVzdD48L2" + + "RzaWc6T2JqZWN0PjwvZHNpZzpTaWduYXR1cmU+PC9zYW1sOkFzc2VydGlvbj4="; @Test public void dummyTest() throws Exception { - } - - @Test public void buildAuthDataWithIdlOnly_2_without_flag() throws Exception { buildAuthDataWithIdlOnly_2(null, "XXXŐz'gür", "XXXTüzekçi"); @@ -143,7 +142,6 @@ public class AuthenticationDataBuilderTest { } - @Test public void buildAuthDataWithIdlOnly_2_with_flag_true() throws Exception { buildAuthDataWithIdlOnly_2(true, "XXXŐz'gür", "XXXTüzekçi"); @@ -203,7 +201,6 @@ public class AuthenticationDataBuilderTest { throw new Exception("DateOfBirth wrong"); } - if (!authData.getIdentificationValue() .equals("RUxHQVRlc3RQQjBYWFjFkHpnw7xyX1hYWFTDvHpla8OnaQ==")) { throw new Exception("baseId wrong"); diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java index db97f4ca..16c2079a 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java 
@@ -20,82 +20,84 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser @RunWith(BlockJUnit4ClassRunner.class) public class IdentityLinkTest { - - private IdentityLink idl = null; - - /** - * jUnit test set-up. - * @throws EaafParserException In case of an error - * @throws UnsupportedEncodingException In case of an unsupported encoding - */ - @Before - public void testInit() throws EaafParserException, UnsupportedEncodingException { - idl = (IdentityLink) new SimpleIdentityLinkAssertionParser( - new ByteArrayInputStream(Base64Utils.decode(AuthenticationDataBuilderTest.DUMMY_IDL_2.getBytes("UTF-8")))).parseIdentityLink(); - - } - - @Test - public void checkElement() { - Assert.assertNotNull("DateOfBirth", idl.getDateOfBirth()); - Assert.assertNotNull("FamilyName", idl.getFamilyName()); - Assert.assertNotNull("GivenNamae", idl.getGivenName()); - Assert.assertNotNull("baseIdType", idl.getIdentificationType()); - Assert.assertNotNull("baseid", idl.getIdentificationValue()); - Assert.assertNotNull("IssuerInstant", idl.getIssueInstant()); - Assert.assertNotNull("name", idl.getName()); - Assert.assertNotNull("prPerson", idl.getPrPerson()); - Assert.assertNotNull("Assertion element", idl.getSamlAssertion()); - Assert.assertNotNull("Assertion serialized", idl.getSerializedSamlAssertion()); - Assert.assertNotNull("Transform ref", idl.getDsigReferenceTransforms()); - Assert.assertEquals("Transform Size not match", 1, idl.getDsigReferenceTransforms().length); - - } - - @Test - public void checkPubKeys() { - PublicKey[] publicKey = new RSAPublicKey[2]; - publicKey[0] = generatePubKey(); - publicKey[1] = generatePubKey(); - - idl.setPublicKey(publicKey ); - - Assert.assertNotNull("PubKey", idl.getPublicKey()); - Assert.assertEquals("PubKeys not match", publicKey.length, idl.getPublicKey().length); - - } - - private PublicKey generatePubKey() { - return new RSAPublicKey() { - private static final long serialVersionUID = 1L; - - @Override - public 
BigInteger getModulus() { - return new BigInteger(RandomStringUtils.randomNumeric(10)); - } - - @Override - public String getFormat() { - // TODO Auto-generated method stub - return null; - } - - @Override - public byte[] getEncoded() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getAlgorithm() { - // TODO Auto-generated method stub - return null; - } - - @Override - public BigInteger getPublicExponent() { - return new BigInteger(RandomStringUtils.randomNumeric(2)); - } - }; - } + + private IdentityLink idl = null; + + /** + * jUnit test set-up. + * + * @throws EaafParserException In case of an error + * @throws UnsupportedEncodingException In case of an unsupported encoding + */ + @Before + public void testInit() throws EaafParserException, UnsupportedEncodingException { + idl = (IdentityLink) new SimpleIdentityLinkAssertionParser( + new ByteArrayInputStream(Base64Utils.decode(AuthenticationDataBuilderTest.DUMMY_IDL_2.getBytes( + "UTF-8")))).parseIdentityLink(); + + } + + @Test + public void checkElement() { + Assert.assertNotNull("DateOfBirth", idl.getDateOfBirth()); + Assert.assertNotNull("FamilyName", idl.getFamilyName()); + Assert.assertNotNull("GivenNamae", idl.getGivenName()); + Assert.assertNotNull("baseIdType", idl.getIdentificationType()); + Assert.assertNotNull("baseid", idl.getIdentificationValue()); + Assert.assertNotNull("IssuerInstant", idl.getIssueInstant()); + Assert.assertNotNull("name", idl.getName()); + Assert.assertNotNull("prPerson", idl.getPrPerson()); + Assert.assertNotNull("Assertion element", idl.getSamlAssertion()); + Assert.assertNotNull("Assertion serialized", idl.getSerializedSamlAssertion()); + Assert.assertNotNull("Transform ref", idl.getDsigReferenceTransforms()); + Assert.assertEquals("Transform Size not match", 1, idl.getDsigReferenceTransforms().length); + + } + + @Test + public void checkPubKeys() { + final PublicKey[] publicKey = new RSAPublicKey[2]; + publicKey[0] = generatePubKey(); + 
publicKey[1] = generatePubKey(); + + idl.setPublicKey(publicKey); + + Assert.assertNotNull("PubKey", idl.getPublicKey()); + Assert.assertEquals("PubKeys not match", publicKey.length, idl.getPublicKey().length); + + } + + private PublicKey generatePubKey() { + return new RSAPublicKey() { + private static final long serialVersionUID = 1L; + + @Override + public BigInteger getModulus() { + return new BigInteger(RandomStringUtils.randomNumeric(10)); + } + + @Override + public String getFormat() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getEncoded() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAlgorithm() { + // TODO Auto-generated method stub + return null; + } + + @Override + public BigInteger getPublicExponent() { + return new BigInteger(RandomStringUtils.randomNumeric(2)); + } + }; + } } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java index 3e21c211..229076a6 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java @@ -2,7 +2,7 @@ package at.gv.egiz.eaaf.core.impl.idp.auth; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; 
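Review bot: The anonymous `RSAPublicKey` built in `generatePubKey()` is not a well-formed key. `getEncoded()`, `getAlgorithm()` and `getFormat()` return null behind leftover `// TODO Auto-generated method stub` comments, and the modulus and exponent are random decimal strings from `RandomStringUtils.randomNumeric`. `checkPubKeys` passes only because it compares array lengths, so any later code in `IdentityLink` that encodes or inspects the key would fail for reasons unrelated to the code under test. Generating a real RSA key with the JDK, as sketched below, removes the stub; the file's imports lie outside this hunk and would need `java.security.KeyPairGenerator` and `java.security.NoSuchAlgorithmException`. Separately, `getBytes(StandardCharsets.UTF_8)` in `testInit` would make the `UnsupportedEncodingException` clause and its Javadoc line unnecessary.

```java
@Test
public void checkPubKeys() throws NoSuchAlgorithmException {
  // … unchanged: array set-up, setPublicKey call and assertions …
}

private PublicKey generatePubKey() throws NoSuchAlgorithmException {
  final KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
  generator.initialize(2048);
  return generator.generateKeyPair().getPublic();
}
```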
@@ -45,7 +45,7 @@ public class TestAuthenticationDataBuilder extends AbstractAuthenticationDataBui @Override protected Pair<String, String> getEncryptedBpkFromPvpAttribute( final IAuthProcessDataContainer authProcessDataContainer, final AuthenticationData authData, - final IspConfiguration spConfig) throws EaafBuilderException { + final ISpConfiguration spConfig) throws EaafBuilderException { // TODO Auto-generated method stub return null; } @@ -57,5 +57,4 @@ public class TestAuthenticationDataBuilder extends AbstractAuthenticationDataBui return null; } - } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/AbstractAttributeBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/AbstractAttributeBuilderTest.java index 8619b58f..96e870ee 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/AbstractAttributeBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/AbstractAttributeBuilderTest.java @@ -3,6 +3,11 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.attributes; import java.io.ByteArrayInputStream; import java.util.HashMap; import java.util.Map; + +import org.junit.BeforeClass; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.util.Base64Utils; + import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.exceptions.EaafParserException; 
@@ -14,117 +19,113 @@ import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import org.junit.BeforeClass; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.util.Base64Utils; public abstract class AbstractAttributeBuilderTest { - @Autowired private TestAuthenticationDataBuilder authBuilder; private static final String DUMMY_IDL_2 = "PHNhbWw6QXNzZXJ0aW9uIEFzc2VydGlvbklEPSJlbGdhdGVzdC5lZ2l6Lmd2LmF0LUFzc2VydGlvbklEWFhYxZB6Z8O8" - + "cl9YWFhUw7x6ZWvDp2kiIElzc3VlSW5zdGFudD0iMjAxOS0wMy0wNFQxNTo1MzowNCswMTowMCIgSXNzdWVyPSJodH" - + "RwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249" - + "IjAiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOmVjZHNhPSJodH" - + "RwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSMiIHhtbG5zOnByPSJodHRwOi8vcmVmZXJlbmNlLmUt" - + "Z292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvcGVyc29uZGF0YS8yMDAyMDIyOCMiIHhtbG5zOnNhbWw9InVybjpvYX" - + "NpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIHhtbG5zOnNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hN" - + "TFNjaGVtYS1pbnN0YW5jZSI+Cgk8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CgkJPHNhbWw6U3ViamVjdD4KCQkJPH" - + "NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCTxzYW1sOkNvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFt" - + "ZXM6dGM6U0FNTDoxLjA6Y206c2VuZGVyLXZvdWNoZXM8L3NhbWw6Q29uZmlybWF0aW9uTWV0aG9kPgoJCQkJPHNhbW" - + "w6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCQkJPHByOlBlcnNvbiBzaTp0eXBlPSJwcjpQaHlzaWNhbFBlcnNv" - + "blR5cGUiPjxwcjpJZGVudGlmaWNhdGlvbj48cHI6VmFsdWU+UlV4SFFWUmxjM1JRUWpCWVdGakZrSHBudzd4eVgxaF" - + "lXRlREdkhwbGE4T25hUT09PC9wcjpWYWx1ZT48cHI6VHlwZT51cm46cHVibGljaWQ6Z3YuYXQ6YmFzZWlkPC9wcjpU" - + "eXBlPjwvcHI6SWRlbnRpZmljYXRpb24+PHByOk5hbWU+PHByOkdpdmVuTmFtZT5YWFjFkHonZ8O8cjwvcHI6R2l2ZW" - + 
"5OYW1lPjxwcjpGYW1pbHlOYW1lIHByaW1hcnk9InVuZGVmaW5lZCI+WFhYVMO8emVrw6dpPC9wcjpGYW1pbHlOYW1l" - + "PjwvcHI6TmFtZT48cHI6RGF0ZU9mQmlydGg+MTk3My0wNi0wNDwvcHI6RGF0ZU9mQmlydGg+PC9wcjpQZXJzb24+Cg" - + "kJCQk8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCTwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPgoJ" - + "CTwvc2FtbDpTdWJqZWN0PgoJCTxzYW1sOkF0dHJpYnV0ZSBBdHRyaWJ1dGVOYW1lPSJDaXRpemVuUHVibGljS2V5Ii" - + "BBdHRyaWJ1dGVOYW1lc3BhY2U9InVybjpwdWJsaWNpZDpndi5hdDpuYW1lc3BhY2VzOmlkZW50aXR5bGluazoxLjIi" - + "PjxzYW1sOkF0dHJpYnV0ZVZhbHVlPjxkc2lnOlJTQUtleVZhbHVlPjxkc2lnOk1vZHVsdXM+L1VLUkZIYkFhRWtnVm" - + "RnTTFTRE9KaldIcUszN3JKWVN0UHF0VVh6bzlWTm9yTzgzWW95emE5YjBkcDdtdVM4b2paMjRZRVBMUUZ3WQpCSVpk" - + "bTROSHJBNXZsVlZrRGV1Qng2bVRwRXBldTdkMkUzd3VZbVFXTjQxUXhWajZPcFhvSHRzek9jajd1Rm9mem1SR09PVU" - + "IzNUxDCkg2QzBMTFpJNTU5a3BPbmFxa2RLbU83dnduYVE0eTEwcHpCdjJ3U3BTZnY0djlIV3NCYUYxUWtYNmlmQ3lB" - + "bklLS3FKczR6S1RuK2EKR0kvS0FKOXdoam9GQk9yd1MzTlFpK1ZSVGxPYTdKdHdxeHBJZUYrT3c0R2wzaWdVb2szaG" - + "tsYlUyeElYcG5VeXNQYWhqUTBMNm5ORApZVHVmUC9jRmxrNWkvR1BZdmtONjJHd0Z4Rko1bDBoL1A3QWtJaCtWZmRC" - + "L0Q3SFVYaC9PV2dmek9MK2ZFRGdiL1dHM1BNenlObVFNCm5QQkdQb21hdGFOREtla0hhNUYwOUxFUHR5L0ZwMDUxLz" - + "FEUTZUMXhzamZ5ZG11aVZsWDZIRUZqZjFkYmQ4cUtGRm5TQ3NxRHBQdUQKR0hNcStKS0lmN25HQWtYSWxraTA1Nzd1" - + "bzM0MmxaeHBUVlRGVkFGdkJHS0Z6azNlQzMyT0NwOUo8L2RzaWc6TW9kdWx1cz48ZHNpZzpFeHBvbmVudD5BUUFCPC" - + "9kc2lnOkV4cG9uZW50PjwvZHNpZzpSU0FLZXlWYWx1ZT48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJp" - + "YnV0ZT48c2FtbDpBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2l0aXplblB1YmxpY0tleSIgQXR0cmlidXRlTmFtZX" - + "NwYWNlPSJ1cm46cHVibGljaWQ6Z3YuYXQ6bmFtZXNwYWNlczppZGVudGl0eWxpbms6MS4yIj48c2FtbDpBdHRyaWJ1" - + "dGVWYWx1ZT48ZHNpZzpSU0FLZXlWYWx1ZT48ZHNpZzpNb2R1bHVzPnlQWGJhcEZhYXBycWlmVXVJaUxzR0FMaVdTTG" - + "RsUGNRN0VGZGZ5UzM0RVNJNGEyQnMwbUxTbm5FY1djeHJjWlgzcmxJUXBKaklwb1UKQStSRG9sNVBrU3BoSENMNkl2" - + "SVFNZmtreEg1Z0s2akN6VFNWOVJFVm1xUlRFMXNxUmNCUUduRFlwMjZwSFFoYzBHSG13NnVqeCtQTwp1dlE2Mm9hUU" - + 
"lxUXZ0T2ZLWFBReXlXTDE5clhXOTcrRUcweTBLd2VpOHRWY01uamJ5ZEtNL3Z5d01Fb3FFcU1mMEYrR0tjd3A3ZW50" - + "ClpzcnVEVEgrY0tJYnBXdUpLZzAwVUhraG45QWZkYlBXdzZWOWUrQmhxU0lYcTBoaEhmSkNBdzZwWXVYaVY2dE9ESl" - + "BGdnUxN1diQnQKV3B1ejJOR1RMU3Y3NXJlaklCa09TMk5MS0FmV3JhVmhUaDY3Vnc9PTwvZHNpZzpNb2R1bHVzPjxk" - + "c2lnOkV4cG9uZW50PkFRQUI8L2RzaWc6RXhwb25lbnQ+PC9kc2lnOlJTQUtleVZhbHVlPjwvc2FtbDpBdHRyaWJ1dG" - + "VWYWx1ZT48L3NhbWw6QXR0cmlidXRlPgoJPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4KPGRzaWc6U2lnbmF0dXJl" - + "IHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PG" - + "RzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1s" - + "LWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMD" - + "AvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PGRzaWc6VHJhbnNmb3Jtcz48ZHNp" - + "ZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5L1JFQy14cGF0aC0xOTk5MTExNi" - + "I+PGRzaWc6WFBhdGg+bm90KGFuY2VzdG9yLW9yLXNlbGY6OnByOklkZW50aWZpY2F0aW9uKTwvZHNpZzpYUGF0aD48" - + "L2RzaWc6VHJhbnNmb3JtPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMD" - + "kveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9k" - + "IEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHNpZzpEaWdlc3RWYW" - + "x1ZT43TmZyRUJKZGw4NTRyZG1BaDFjdFEyWDdXTWM9PC9kc2lnOkRpZ2VzdFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+" - + "PGRzaWc6UmVmZXJlbmNlIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNNYW5pZmVzdCIgVV" - + "JJPSIjbWFuaWZlc3QiPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv" - + "MDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+aGZnOHphM21ZcXU1UVNiVXpYSHhEZTUvU05FPTwvZH" - + "NpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpTaWduZWRJbmZvPjxkc2lnOlNpZ25hdHVyZVZh" - + "bHVlPm11V2IzOVRhZ0NkM053V2N1NWlrRUp1SnBaZG5lZFJEY2RtMTdJWnYrT0VWRXRxeWxSdXIvd1g2QUdVQ1UvUF" - + 
"UKWm5DdWROR1ZwQ0hMWXpIaXBONWM4b2JtbmhsbElOb1NFTk81b3Y1amlNb05Lb2RBZXhKSU42bVpPREJkL1RtVApt" - + "NzBWaVd5ckdVTGJJWWwvd2hsdjFsZ2EzSjhjeDhLU29QejhTd05MMnF3VWoydG8vQWhnNGtjSmxxT3MyNVlNCk5YL3" - + "dhSW53NkRSN05HQ0pvRStaWlNwcEh3d1FtNnYrOUhZOUU4NnNlQkFBUHhJOU0xako0WldiMzI5akZ0aUEKcXZiOHM2" - + "anhyMmxsOHVWYWdxWENZaFg5K1dOUXdheXFZTCtPdzhPcGxVem9OMVRpS2hSbVFLWkl3S1lDMVo4eQpLK3ZqQWxRTz" - + "JhT05zNEhVaG9SNmQyNmUvTVUxZmJlWEhxVHpyZmI5R1hXSHl0dFRkanhiemtaQTFGODJsUUZvCjUrVnpjTUhRUmc3" - + "c0RKODY1Wk1zM3BwY2VoLzlaU2ZvT2Y1SFlEUFl1V2VjT0RpZ1pRWVh0TVlwdVBRVGsrQ20KczlaSkd6QlYybGVtZk" - + "5DOVFVNzh0Zm42cDFVWnJTTG5zWGFYbVVjOEVjNTNQaUhBT3Z6blh0QjVjRW5hV2daMgp1TGVGOEtTUmw2SjBlTlE5" - + "SkRQZ1NOMHNmYWxiVkNkaENUTlFtclJ0T2pVZjNlN3UzeElNelJ1Zm4wb2o2SHRwCnQzaEVESFhuSS9kTk1scHBSSX" - + "l4cGQxbFo5bXJYZklLcnJMZVdxdGd3cFB1OTRoVUhRL2VKejFrMy9IM0h6M2QKWkR4dkFFYzNTRERkb1FXeS9HUGZp" - + "cXNwRWZjbGd0SkNKQ2E4L2t2dTdSVT08L2RzaWc6U2lnbmF0dXJlVmFsdWU+PGRzaWc6S2V5SW5mbz48ZHNpZzpYNT" - + "A5RGF0YT48ZHNpZzpYNTA5Q2VydGlmaWNhdGU+TUlJRlpEQ0NBMHlnQXdJQkFnSUpBSmF2K3plcVUvRE1NQTBHQ1Nx" - + "R1NJYjNEUUVCQ3dVQU1Gd3hDekFKQmdOVgpCQVlUQWtGVU1RMHdDd1lEVlFRS0V3UkZSMGxhTVJZd0ZBWURWUVFMRX" - + "cxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3CkpBWURWUVFERkIxVVpYTjBYMU52Wm5SM1lYSmxZMkZ5WkhOZlNVUk1YMU5w" - + "WjI1bGNqQWVGdzB4TmpFd01UZ3gKTURNNU1EZGFGdzB4T1RBM01UUXhNRE01TURkYU1Gd3hDekFKQmdOVkJBWVRBa0" - + "ZVTVEwd0N3WURWUVFLRXdSRgpSMGxhTVJZd0ZBWURWUVFMRXcxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3SkFZRFZRUURG" - + "QjFVWlhOMFgxTnZablIzCllYSmxZMkZ5WkhOZlNVUk1YMU5wWjI1bGNqQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQU" - + "RnZ0lQQURDQ0Fnb0MKZ2dJQkFMa0xndCtNRlR4TGZSemNFSVowYnljSUZnN2cvSFBON1FXSVo2N2JIenJiNmVoZWJ6" - + "RjlWaW56RFpYQwprZktXZFVKYmtOU3VXS1dycDJYNjJmN29HaGRxSzB5RmMrRGxvK09wSURnUWlXQ3BCZktKbzhjUF" - + "dzaUFtTnVUCnhXVmFnVTVmYUkxaDd4dnZPVk15YldlOTJuaXZmcUxPdUV4Nld2WC9Vb0lhd1JIVjJWbVBHRmdab2NN" - + "NUcwWDYKYlVWRXBxeEFhM3FPSWxScjBwb0IrUkEwUEE4NmhScFJZYWwvT3I5M0Q4QmZRSDVsOHpWOVFjdlBlL0tlSl" - + 
"NwSgpIZ0dXbUVzNTkzTHROdUExUnYxaURwdXUxMHk3QzJGZU1CdmNVcFJrUjdXQWo3dklZVnRRSUxYQ2gxRmhmTjFi" - + "CkhnNnhMVlR5c2hsZ1VuN0FSUUpZb0ozdG9nZEdhbURSbG5LVTJyWE45ajg4VHc2ZkFkY0N2V2JXVnRqeThwTmoKV0" - + "xrVkpNbEZXZGZPNi81TEF2YTFIeFJPTWhGeDdRT1BoT3plbWV0Q3RUMmZJNEZUQWs5VnlmOXdUVVFPTDhzcQpLNzN0" - + "MUE0MTlsWVM4V3VVQ3pIRHhMdWpMaVR1d29JVWd6TU4vYnFNRVpyb2dQTFkyS2o0dm1aTVo0Z1UyUFU3Cll3K1hmYW" - + "5nMysveUsxZ1lORWVicGR2UGk4U1ZVQW51cy9DZm1kd2RuOU8vbmFXaUJwamMwNkdKdk1iZWdqeHcKb1BCTTVjMFNr" - + "Q1I1eENheWdaTDJPQnBSTUtnZGZyazRrMHBqNVpVbSttdHJPR29qdFJaSkVaUUNCcFZQazF5RAozTDQvWjRBWm9mT2" - + "84ZFNrVVIreEpOMG9LbklkZm5kdkJ4TkY0c3hZNEl3T3ZGUnJBZ01CQUFHaktUQW5NQWtHCkExVWRFd1FDTUFBd0N3" - + "WURWUjBQQkFRREFnV2dNQTBHQnlvb0FBb0JCd0VFQWdVQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0SUNBUUJjRUQ3dE" - + "U4cW1Bd0ZCZGh5b3oxRDh5b2RFWm1tZFhad2tzQS9rSStvKzV3UXM2WS9xdnc3agorZUJ2bGN0eVhDWFdoMWVGZWIv" - + "RmFpQTVDcG9hazhOYy9vWTdUL3lCajVnZktIbE5xVlQxb3dhQmtIc0VZTUJ2CmFVWHh5RENibkZNem5KZmt4amJ2Rm" - + "JRZGQxaGNlSmh0OER4K2lrcEI2TUpIcUhJRXJ5MFdXZ2YzSmRONVBFcnIKQVRuZGpCRTRCYVRaMnE2c0N2K1NkSzYw" - + "TWswbVlBNmw2blNDOWVCOEc5QzRiQTFjUUVPdTYrRlBtRnpTa2lJRgp0ZW1BMXRqUW5oeEtaWmlnenhJTjNFUUFucS" - + "8yM2pmK0NreEF0NUdrcFVqcUY1YnFLSTFuZXJKT2duNEptNWo2CnNQWkdwR2xsekhMQmF5YmZZNjNBejRzRVJDMjhP" - + "bHFGdzF2eFFzNGhXSVdOV0VBTUYzT3o0K3BZZzRPSUloNUMKTnIxYXFKZ3NzV2ZPWnJYMktTejJ2cXJab1U2N3pxOD" - + "RNUWNKVFNtZ0tWQmI5T25yQzV0WW41WVZVbHlkUFBqcgpVbTBpSGxXQzBNRmlJZ1N6eDZUaTJIblBnYzBVSHNBNklw" - + "U1RvK1V1ZllZTkRpRkNzc1JidTRyMC9TeXE0TVAzCmdoWVhkUDlUajBGSVN6MlR2TTZZUWZ6SGVqOTRiWmNWTnduRj" - + "RwV0VuR1p0QmJOVnZKUnc5aUpISGtEV0xpWU0KMUI3M3pzNytwQThZZ0txRXhESFhjMVNob3U1SHZTdVRYU21hVE1V" - + "SHJDa2hvdEhmcHFZaHJKaUFtSitPZnROdgo2b3hNUGZOaFpnMDFlT290bTFKK1dWMm1KYmdjUFROU0MxT05jU0ZkUT" - + "V2WlpMTDI0SjJIY3c9PTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZv" - + "Pjxkc2lnOk9iamVjdD48ZHNpZzpNYW5pZmVzdCBJZD0ibWFuaWZlc3QiPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PG" - + 
"RzaWc6VHJhbnNmb3Jtcz48ZHNpZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5" - + "L1JFQy14cGF0aC0xOTk5MTExNiI+PGRzaWc6WFBhdGggeG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC" - + "8wOS94bWxkc2lnIyI+bm90KGFuY2VzdG9yLW9yLXNlbGY6OmRzaWc6U2lnbmF0dXJlKTwvZHNpZzpYUGF0aD48L2Rz" - + "aWc6VHJhbnNmb3JtPjwvZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly" - + "93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+QXN4VHprWmRBWUM0U0s1" - + "cTh5c0pLVDd5ZHVRPTwvZHNpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpNYW5pZmVzdD48L2" - + "RzaWc6T2JqZWN0PjwvZHNpZzpTaWduYXR1cmU+PC9zYW1sOkFzc2VydGlvbj4="; + + "cl9YWFhUw7x6ZWvDp2kiIElzc3VlSW5zdGFudD0iMjAxOS0wMy0wNFQxNTo1MzowNCswMTowMCIgSXNzdWVyPSJodH" + + "RwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249" + + "IjAiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOmVjZHNhPSJodH" + + "RwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSMiIHhtbG5zOnByPSJodHRwOi8vcmVmZXJlbmNlLmUt" + + "Z292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvcGVyc29uZGF0YS8yMDAyMDIyOCMiIHhtbG5zOnNhbWw9InVybjpvYX" + + "NpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIHhtbG5zOnNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hN" + + "TFNjaGVtYS1pbnN0YW5jZSI+Cgk8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CgkJPHNhbWw6U3ViamVjdD4KCQkJPH" + + "NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCTxzYW1sOkNvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFt" + + "ZXM6dGM6U0FNTDoxLjA6Y206c2VuZGVyLXZvdWNoZXM8L3NhbWw6Q29uZmlybWF0aW9uTWV0aG9kPgoJCQkJPHNhbW" + + "w6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCQkJPHByOlBlcnNvbiBzaTp0eXBlPSJwcjpQaHlzaWNhbFBlcnNv" + + "blR5cGUiPjxwcjpJZGVudGlmaWNhdGlvbj48cHI6VmFsdWU+UlV4SFFWUmxjM1JRUWpCWVdGakZrSHBudzd4eVgxaF" + + "lXRlREdkhwbGE4T25hUT09PC9wcjpWYWx1ZT48cHI6VHlwZT51cm46cHVibGljaWQ6Z3YuYXQ6YmFzZWlkPC9wcjpU" + + "eXBlPjwvcHI6SWRlbnRpZmljYXRpb24+PHByOk5hbWU+PHByOkdpdmVuTmFtZT5YWFjFkHonZ8O8cjwvcHI6R2l2ZW" + + 
"5OYW1lPjxwcjpGYW1pbHlOYW1lIHByaW1hcnk9InVuZGVmaW5lZCI+WFhYVMO8emVrw6dpPC9wcjpGYW1pbHlOYW1l" + + "PjwvcHI6TmFtZT48cHI6RGF0ZU9mQmlydGg+MTk3My0wNi0wNDwvcHI6RGF0ZU9mQmlydGg+PC9wcjpQZXJzb24+Cg" + + "kJCQk8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCTwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPgoJ" + + "CTwvc2FtbDpTdWJqZWN0PgoJCTxzYW1sOkF0dHJpYnV0ZSBBdHRyaWJ1dGVOYW1lPSJDaXRpemVuUHVibGljS2V5Ii" + + "BBdHRyaWJ1dGVOYW1lc3BhY2U9InVybjpwdWJsaWNpZDpndi5hdDpuYW1lc3BhY2VzOmlkZW50aXR5bGluazoxLjIi" + + "PjxzYW1sOkF0dHJpYnV0ZVZhbHVlPjxkc2lnOlJTQUtleVZhbHVlPjxkc2lnOk1vZHVsdXM+L1VLUkZIYkFhRWtnVm" + + "RnTTFTRE9KaldIcUszN3JKWVN0UHF0VVh6bzlWTm9yTzgzWW95emE5YjBkcDdtdVM4b2paMjRZRVBMUUZ3WQpCSVpk" + + "bTROSHJBNXZsVlZrRGV1Qng2bVRwRXBldTdkMkUzd3VZbVFXTjQxUXhWajZPcFhvSHRzek9jajd1Rm9mem1SR09PVU" + + "IzNUxDCkg2QzBMTFpJNTU5a3BPbmFxa2RLbU83dnduYVE0eTEwcHpCdjJ3U3BTZnY0djlIV3NCYUYxUWtYNmlmQ3lB" + + "bklLS3FKczR6S1RuK2EKR0kvS0FKOXdoam9GQk9yd1MzTlFpK1ZSVGxPYTdKdHdxeHBJZUYrT3c0R2wzaWdVb2szaG" + + "tsYlUyeElYcG5VeXNQYWhqUTBMNm5ORApZVHVmUC9jRmxrNWkvR1BZdmtONjJHd0Z4Rko1bDBoL1A3QWtJaCtWZmRC" + + "L0Q3SFVYaC9PV2dmek9MK2ZFRGdiL1dHM1BNenlObVFNCm5QQkdQb21hdGFOREtla0hhNUYwOUxFUHR5L0ZwMDUxLz" + + "FEUTZUMXhzamZ5ZG11aVZsWDZIRUZqZjFkYmQ4cUtGRm5TQ3NxRHBQdUQKR0hNcStKS0lmN25HQWtYSWxraTA1Nzd1" + + "bzM0MmxaeHBUVlRGVkFGdkJHS0Z6azNlQzMyT0NwOUo8L2RzaWc6TW9kdWx1cz48ZHNpZzpFeHBvbmVudD5BUUFCPC" + + "9kc2lnOkV4cG9uZW50PjwvZHNpZzpSU0FLZXlWYWx1ZT48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJp" + + "YnV0ZT48c2FtbDpBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2l0aXplblB1YmxpY0tleSIgQXR0cmlidXRlTmFtZX" + + "NwYWNlPSJ1cm46cHVibGljaWQ6Z3YuYXQ6bmFtZXNwYWNlczppZGVudGl0eWxpbms6MS4yIj48c2FtbDpBdHRyaWJ1" + + "dGVWYWx1ZT48ZHNpZzpSU0FLZXlWYWx1ZT48ZHNpZzpNb2R1bHVzPnlQWGJhcEZhYXBycWlmVXVJaUxzR0FMaVdTTG" + + "RsUGNRN0VGZGZ5UzM0RVNJNGEyQnMwbUxTbm5FY1djeHJjWlgzcmxJUXBKaklwb1UKQStSRG9sNVBrU3BoSENMNkl2" + + "SVFNZmtreEg1Z0s2akN6VFNWOVJFVm1xUlRFMXNxUmNCUUduRFlwMjZwSFFoYzBHSG13NnVqeCtQTwp1dlE2Mm9hUU" + + 
"lxUXZ0T2ZLWFBReXlXTDE5clhXOTcrRUcweTBLd2VpOHRWY01uamJ5ZEtNL3Z5d01Fb3FFcU1mMEYrR0tjd3A3ZW50" + + "ClpzcnVEVEgrY0tJYnBXdUpLZzAwVUhraG45QWZkYlBXdzZWOWUrQmhxU0lYcTBoaEhmSkNBdzZwWXVYaVY2dE9ESl" + + "BGdnUxN1diQnQKV3B1ejJOR1RMU3Y3NXJlaklCa09TMk5MS0FmV3JhVmhUaDY3Vnc9PTwvZHNpZzpNb2R1bHVzPjxk" + + "c2lnOkV4cG9uZW50PkFRQUI8L2RzaWc6RXhwb25lbnQ+PC9kc2lnOlJTQUtleVZhbHVlPjwvc2FtbDpBdHRyaWJ1dG" + + "VWYWx1ZT48L3NhbWw6QXR0cmlidXRlPgoJPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4KPGRzaWc6U2lnbmF0dXJl" + + "IHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PG" + + "RzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1s" + + "LWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMD" + + "AvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PGRzaWc6VHJhbnNmb3Jtcz48ZHNp" + + "ZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5L1JFQy14cGF0aC0xOTk5MTExNi" + + "I+PGRzaWc6WFBhdGg+bm90KGFuY2VzdG9yLW9yLXNlbGY6OnByOklkZW50aWZpY2F0aW9uKTwvZHNpZzpYUGF0aD48" + + "L2RzaWc6VHJhbnNmb3JtPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMD" + + "kveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9k" + + "IEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHNpZzpEaWdlc3RWYW" + + "x1ZT43TmZyRUJKZGw4NTRyZG1BaDFjdFEyWDdXTWM9PC9kc2lnOkRpZ2VzdFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+" + + "PGRzaWc6UmVmZXJlbmNlIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNNYW5pZmVzdCIgVV" + + "JJPSIjbWFuaWZlc3QiPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv" + + "MDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+aGZnOHphM21ZcXU1UVNiVXpYSHhEZTUvU05FPTwvZH" + + "NpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpTaWduZWRJbmZvPjxkc2lnOlNpZ25hdHVyZVZh" + + "bHVlPm11V2IzOVRhZ0NkM053V2N1NWlrRUp1SnBaZG5lZFJEY2RtMTdJWnYrT0VWRXRxeWxSdXIvd1g2QUdVQ1UvUF" + + 
"UKWm5DdWROR1ZwQ0hMWXpIaXBONWM4b2JtbmhsbElOb1NFTk81b3Y1amlNb05Lb2RBZXhKSU42bVpPREJkL1RtVApt" + + "NzBWaVd5ckdVTGJJWWwvd2hsdjFsZ2EzSjhjeDhLU29QejhTd05MMnF3VWoydG8vQWhnNGtjSmxxT3MyNVlNCk5YL3" + + "dhSW53NkRSN05HQ0pvRStaWlNwcEh3d1FtNnYrOUhZOUU4NnNlQkFBUHhJOU0xako0WldiMzI5akZ0aUEKcXZiOHM2" + + "anhyMmxsOHVWYWdxWENZaFg5K1dOUXdheXFZTCtPdzhPcGxVem9OMVRpS2hSbVFLWkl3S1lDMVo4eQpLK3ZqQWxRTz" + + "JhT05zNEhVaG9SNmQyNmUvTVUxZmJlWEhxVHpyZmI5R1hXSHl0dFRkanhiemtaQTFGODJsUUZvCjUrVnpjTUhRUmc3" + + "c0RKODY1Wk1zM3BwY2VoLzlaU2ZvT2Y1SFlEUFl1V2VjT0RpZ1pRWVh0TVlwdVBRVGsrQ20KczlaSkd6QlYybGVtZk" + + "5DOVFVNzh0Zm42cDFVWnJTTG5zWGFYbVVjOEVjNTNQaUhBT3Z6blh0QjVjRW5hV2daMgp1TGVGOEtTUmw2SjBlTlE5" + + "SkRQZ1NOMHNmYWxiVkNkaENUTlFtclJ0T2pVZjNlN3UzeElNelJ1Zm4wb2o2SHRwCnQzaEVESFhuSS9kTk1scHBSSX" + + "l4cGQxbFo5bXJYZklLcnJMZVdxdGd3cFB1OTRoVUhRL2VKejFrMy9IM0h6M2QKWkR4dkFFYzNTRERkb1FXeS9HUGZp" + + "cXNwRWZjbGd0SkNKQ2E4L2t2dTdSVT08L2RzaWc6U2lnbmF0dXJlVmFsdWU+PGRzaWc6S2V5SW5mbz48ZHNpZzpYNT" + + "A5RGF0YT48ZHNpZzpYNTA5Q2VydGlmaWNhdGU+TUlJRlpEQ0NBMHlnQXdJQkFnSUpBSmF2K3plcVUvRE1NQTBHQ1Nx" + + "R1NJYjNEUUVCQ3dVQU1Gd3hDekFKQmdOVgpCQVlUQWtGVU1RMHdDd1lEVlFRS0V3UkZSMGxhTVJZd0ZBWURWUVFMRX" + + "cxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3CkpBWURWUVFERkIxVVpYTjBYMU52Wm5SM1lYSmxZMkZ5WkhOZlNVUk1YMU5w" + + "WjI1bGNqQWVGdzB4TmpFd01UZ3gKTURNNU1EZGFGdzB4T1RBM01UUXhNRE01TURkYU1Gd3hDekFKQmdOVkJBWVRBa0" + + "ZVTVEwd0N3WURWUVFLRXdSRgpSMGxhTVJZd0ZBWURWUVFMRXcxVGIyWjBkMkZ5WlVOaGNtUnpNU1l3SkFZRFZRUURG" + + "QjFVWlhOMFgxTnZablIzCllYSmxZMkZ5WkhOZlNVUk1YMU5wWjI1bGNqQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQU" + + "RnZ0lQQURDQ0Fnb0MKZ2dJQkFMa0xndCtNRlR4TGZSemNFSVowYnljSUZnN2cvSFBON1FXSVo2N2JIenJiNmVoZWJ6" + + "RjlWaW56RFpYQwprZktXZFVKYmtOU3VXS1dycDJYNjJmN29HaGRxSzB5RmMrRGxvK09wSURnUWlXQ3BCZktKbzhjUF" + + "dzaUFtTnVUCnhXVmFnVTVmYUkxaDd4dnZPVk15YldlOTJuaXZmcUxPdUV4Nld2WC9Vb0lhd1JIVjJWbVBHRmdab2NN" + + "NUcwWDYKYlVWRXBxeEFhM3FPSWxScjBwb0IrUkEwUEE4NmhScFJZYWwvT3I5M0Q4QmZRSDVsOHpWOVFjdlBlL0tlSl" + + 
"NwSgpIZ0dXbUVzNTkzTHROdUExUnYxaURwdXUxMHk3QzJGZU1CdmNVcFJrUjdXQWo3dklZVnRRSUxYQ2gxRmhmTjFi" + + "CkhnNnhMVlR5c2hsZ1VuN0FSUUpZb0ozdG9nZEdhbURSbG5LVTJyWE45ajg4VHc2ZkFkY0N2V2JXVnRqeThwTmoKV0" + + "xrVkpNbEZXZGZPNi81TEF2YTFIeFJPTWhGeDdRT1BoT3plbWV0Q3RUMmZJNEZUQWs5VnlmOXdUVVFPTDhzcQpLNzN0" + + "MUE0MTlsWVM4V3VVQ3pIRHhMdWpMaVR1d29JVWd6TU4vYnFNRVpyb2dQTFkyS2o0dm1aTVo0Z1UyUFU3Cll3K1hmYW" + + "5nMysveUsxZ1lORWVicGR2UGk4U1ZVQW51cy9DZm1kd2RuOU8vbmFXaUJwamMwNkdKdk1iZWdqeHcKb1BCTTVjMFNr" + + "Q1I1eENheWdaTDJPQnBSTUtnZGZyazRrMHBqNVpVbSttdHJPR29qdFJaSkVaUUNCcFZQazF5RAozTDQvWjRBWm9mT2" + + "84ZFNrVVIreEpOMG9LbklkZm5kdkJ4TkY0c3hZNEl3T3ZGUnJBZ01CQUFHaktUQW5NQWtHCkExVWRFd1FDTUFBd0N3" + + "WURWUjBQQkFRREFnV2dNQTBHQnlvb0FBb0JCd0VFQWdVQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0SUNBUUJjRUQ3dE" + + "U4cW1Bd0ZCZGh5b3oxRDh5b2RFWm1tZFhad2tzQS9rSStvKzV3UXM2WS9xdnc3agorZUJ2bGN0eVhDWFdoMWVGZWIv" + + "RmFpQTVDcG9hazhOYy9vWTdUL3lCajVnZktIbE5xVlQxb3dhQmtIc0VZTUJ2CmFVWHh5RENibkZNem5KZmt4amJ2Rm" + + "JRZGQxaGNlSmh0OER4K2lrcEI2TUpIcUhJRXJ5MFdXZ2YzSmRONVBFcnIKQVRuZGpCRTRCYVRaMnE2c0N2K1NkSzYw" + + "TWswbVlBNmw2blNDOWVCOEc5QzRiQTFjUUVPdTYrRlBtRnpTa2lJRgp0ZW1BMXRqUW5oeEtaWmlnenhJTjNFUUFucS" + + "8yM2pmK0NreEF0NUdrcFVqcUY1YnFLSTFuZXJKT2duNEptNWo2CnNQWkdwR2xsekhMQmF5YmZZNjNBejRzRVJDMjhP" + + "bHFGdzF2eFFzNGhXSVdOV0VBTUYzT3o0K3BZZzRPSUloNUMKTnIxYXFKZ3NzV2ZPWnJYMktTejJ2cXJab1U2N3pxOD" + + "RNUWNKVFNtZ0tWQmI5T25yQzV0WW41WVZVbHlkUFBqcgpVbTBpSGxXQzBNRmlJZ1N6eDZUaTJIblBnYzBVSHNBNklw" + + "U1RvK1V1ZllZTkRpRkNzc1JidTRyMC9TeXE0TVAzCmdoWVhkUDlUajBGSVN6MlR2TTZZUWZ6SGVqOTRiWmNWTnduRj" + + "RwV0VuR1p0QmJOVnZKUnc5aUpISGtEV0xpWU0KMUI3M3pzNytwQThZZ0txRXhESFhjMVNob3U1SHZTdVRYU21hVE1V" + + "SHJDa2hvdEhmcHFZaHJKaUFtSitPZnROdgo2b3hNUGZOaFpnMDFlT290bTFKK1dWMm1KYmdjUFROU0MxT05jU0ZkUT" + + "V2WlpMTDI0SjJIY3c9PTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZv" + + "Pjxkc2lnOk9iamVjdD48ZHNpZzpNYW5pZmVzdCBJZD0ibWFuaWZlc3QiPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+PG" + + 
"RzaWc6VHJhbnNmb3Jtcz48ZHNpZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy9UUi8xOTk5" + + "L1JFQy14cGF0aC0xOTk5MTExNiI+PGRzaWc6WFBhdGggeG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC" + + "8wOS94bWxkc2lnIyI+bm90KGFuY2VzdG9yLW9yLXNlbGY6OmRzaWc6U2lnbmF0dXJlKTwvZHNpZzpYUGF0aD48L2Rz" + + "aWc6VHJhbnNmb3JtPjwvZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly" + + "93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+QXN4VHprWmRBWUM0U0s1" + + "cTh5c0pLVDd5ZHVRPTwvZHNpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpNYW5pZmVzdD48L2" + + "RzaWc6T2JqZWN0PjwvZHNpZzpTaWduYXR1cmU+PC9zYW1sOkFzc2VydGlvbj4="; protected IAttributeGenerator<String> gen = new SimpleStringAttributeGenerator(); protected static DummySpConfiguration spConfig = null; @@ -132,12 +133,10 @@ public abstract class AbstractAttributeBuilderTest { private static final Map<String, String> spConfigMap = new HashMap<>(); private static final TestRequestImpl pendingReq = new TestRequestImpl(); - - /** * jUnit class initializer. * - * @throws EaafParserException In case of an error + * @throws EaafParserException In case of an error * @throws EaafStorageException In case of an error */ @BeforeClass @@ -153,7 +152,6 @@ public abstract class AbstractAttributeBuilderTest { new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_2.getBytes()))).parseIdentityLink()); pendingReq.setRawDataToTransaction(sessionStore); - } protected void putIntoSpConfigMap(final String key, final String value) { diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/BirthdayAttrBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/BirthdayAttrBuilderTest.java index 7be691d2..21cf71a9 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/BirthdayAttrBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/BirthdayAttrBuilderTest.java 
@@ -9,7 +9,7 @@ import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BirthdateAttributeBuilder; @@ -27,7 +27,7 @@ public class BirthdayAttrBuilderTest extends AbstractAttributeBuilderTest { final String value = attrBuilde.build(spConfig, authData, gen); final DateFormat format = - new SimpleDateFormat(PVPAttributeDefinitions.BIRTHDATE_FORMAT_PATTERN); + new SimpleDateFormat(PvpAttributeDefinitions.BIRTHDATE_FORMAT_PATTERN); Assert.assertEquals("Birthday does NOT match", authData.getDateOfBirth(), format.parse(value)); diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/FamilyNameAttrBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/FamilyNameAttrBuilderTest.java index ea3c12dd..f9abb0d3 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/FamilyNameAttrBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/FamilyNameAttrBuilderTest.java @@ -7,7 +7,7 @@ import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; 
@@ -47,7 +47,7 @@ public class FamilyNameAttrBuilderTest extends AbstractAttributeBuilderTest { Assert.assertTrue("Attr. builder provide wrong exception", e instanceof UnavailableAttributeException); Assert.assertEquals("Attr. name in exception does NOT match", - PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, ((UnavailableAttributeException) e).getAttributeName()); } @@ -67,7 +67,7 @@ public class FamilyNameAttrBuilderTest extends AbstractAttributeBuilderTest { Assert.assertTrue("Attr. builder provide wrong exception", e instanceof UnavailableAttributeException); Assert.assertEquals("Attr. name in exception does NOT match", - PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, ((UnavailableAttributeException) e).getAttributeName()); } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/GivenNameAttrBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/GivenNameAttrBuilderTest.java index 62324491..eb48ce21 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/GivenNameAttrBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/GivenNameAttrBuilderTest.java @@ -7,7 +7,7 @@ import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; 
@@ -47,7 +47,7 @@ public class GivenNameAttrBuilderTest extends AbstractAttributeBuilderTest { Assert.assertTrue("Attr. builder provide wrong exception", e instanceof UnavailableAttributeException); Assert.assertEquals("Attr. name in exception does NOT match", - PVPAttributeDefinitions.GIVEN_NAME_NAME, + PvpAttributeDefinitions.GIVEN_NAME_NAME, ((UnavailableAttributeException) e).getAttributeName()); } @@ -67,7 +67,7 @@ public class GivenNameAttrBuilderTest extends AbstractAttributeBuilderTest { Assert.assertTrue("Attr. builder provide wrong exception", e instanceof UnavailableAttributeException); Assert.assertEquals("Attr. name in exception does NOT match", - PVPAttributeDefinitions.GIVEN_NAME_NAME, + PvpAttributeDefinitions.GIVEN_NAME_NAME, ((UnavailableAttributeException) e).getAttributeName()); } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java index 185e1d27..dd3976dd 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java @@ -3,8 +3,9 @@ package at.gv.egiz.eaaf.core.impl.idp.module.test; import java.net.URI; import java.net.URL; import java.util.Map; + import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; 
@@ -32,7 +33,7 @@ public class DummyConfiguration implements IConfigurationWithSP { } @Override - public IspConfiguration getServiceProviderConfiguration(final String uniqueID) + public ISpConfiguration getServiceProviderConfiguration(final String uniqueID) throws EaafConfigurationException { // TODO Auto-generated method stub return null; @@ -78,7 +79,6 @@ public class DummyConfiguration implements IConfigurationWithSP { } - return false; } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java index 87f2bcb6..300a390d 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java @@ -17,7 +17,6 @@ public class DummyProtocolAuthService implements IProtocolAuthenticationService private Throwable exception; private boolean writeToStatisticLog; - @Override public void performAuthentication(final HttpServletRequest req, final HttpServletResponse resp, final IRequest pendingReq) throws IOException, EaafException { @@ -78,6 +77,4 @@ public class DummyProtocolAuthService implements IProtocolAuthenticationService return writeToStatisticLog; } - - } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java index ad80d3ad..8b2dc419 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java 
@@ -23,11 +23,13 @@ import java.io.Serializable; import java.lang.reflect.InvocationTargetException; import java.util.HashMap; import java.util.Map; + +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import org.apache.commons.lang3.StringUtils; /** * Test pending-request for jUnit tests. @@ -37,8 +39,9 @@ import org.apache.commons.lang3.StringUtils; */ public class TestRequestImpl implements IRequest { + private static final long serialVersionUID = 3000578812622938236L; private String processInstanceID = null; - private IspConfiguration spConfig = null; + private ISpConfiguration spConfig = null; private final Map<String, Object> storage = new HashMap<>(); private String transactionId = null; private String pendingReqId = null; @@ -93,7 +96,8 @@ public class TestRequestImpl implements IRequest { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String) + * @see + * at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String) */ @Override public Object getRawData(final String key) { 
@@ -103,18 +107,20 @@ public class TestRequestImpl implements IRequest { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String, java.lang.Class) + * @see + * at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String, + * java.lang.Class) */ @Override public <T> T getRawData(final String key, final Class<T> clazz) { return (T) storage.get(key); } - /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.moduls.IRequest#getUniqueTransactionIdentifier() + * @see + * at.gv.egovernment.moa.id.moduls.IRequest#getUniqueTransactionIdentifier() */ @Override public String getUniqueTransactionIdentifier() { @@ -192,7 +198,9 @@ public class TestRequestImpl implements IRequest { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.moduls.IRequest#setNeedSingleSignOnFunctionality(boolean) + * @see + * at.gv.egovernment.moa.id.moduls.IRequest#setNeedSingleSignOnFunctionality( + * boolean) */ @Override public void setNeedSingleSignOnFunctionality(final boolean needSso) { @@ -316,7 +324,7 @@ public class TestRequestImpl implements IRequest { } @Override - public IspConfiguration getServiceProviderConfiguration() { + public ISpConfiguration getServiceProviderConfiguration() { return spConfig; } @@ -326,9 +334,7 @@ public class TestRequestImpl implements IRequest { return (T) spConfig; } - - - public void setSpConfig(final IspConfiguration spConfig) { + public void setSpConfig(final ISpConfiguration spConfig) { this.spConfig = spConfig; } @@ -371,6 +377,4 @@ public class TestRequestImpl implements IRequest { this.needAuthentication = needAuthentication; } - - } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/DummyTransactionStorage.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/DummyTransactionStorage.java index cc1d57cd..fb326eba 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/DummyTransactionStorage.java 
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/DummyTransactionStorage.java @@ -23,15 +23,18 @@ import java.util.ArrayList; import java.util.Date; import java.util.Iterator; import java.util.List; + import javax.sql.DataSource; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafException; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + /** - * Dummy DataSource implementation for convenience in test cases where a database connection will - * never actually be acquired. + * Dummy DataSource implementation for convenience in test cases where a + * database connection will never actually be acquired. * * @see DataSource * @author Chris Beams @@ -40,7 +43,6 @@ public class DummyTransactionStorage implements ITransactionStorage { private static final Logger log = LoggerFactory.getLogger(DummyTransactionStorage.class); - public class DummyDbEntry { public DummyDbEntry(final String key, final Object value) { this.obj = value; @@ -69,8 +71,6 @@ public class DummyTransactionStorage implements ITransactionStorage { private final ArrayList<DummyDbEntry> ds = new ArrayList<>(); - - @Override public boolean containsKey(final String key) { // TODO Auto-generated method stub @@ -114,7 +114,7 @@ public class DummyTransactionStorage implements ITransactionStorage { } try { @SuppressWarnings("unchecked") - final T test = (clazz.cast(o.getObj())); + final T test = clazz.cast(o.getObj()); return test; } catch (final Exception e) { @@ -182,5 +182,4 @@ public class DummyTransactionStorage implements ITransactionStorage { // // } - } 
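Review bot: In the `@@ -114,7 +114,7 @@` hunk of DummyTransactionStorage the `@SuppressWarnings("unchecked")` kept above `final T test = clazz.cast(o.getObj());` is not needed, because `Class.cast` is a checked cast and raises no unchecked warning. The annotation and the temporary can both go, leaving `return clazz.cast(o.getObj());`. The `catch (final Exception e)` that follows is wider than the `ClassCastException` this line can throw, so unrelated failures would be reported as a type mismatch; `catch (final ClassCastException e)` looks like the intended scope. The method starts and ends outside the hunk, so this should be confirmed against the handler body.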
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/ExpressionContextAdapter.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/ExpressionContextAdapter.java index c00cc628..fff256bf 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/ExpressionContextAdapter.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/ExpressionContextAdapter.java @@ -19,15 +19,16 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test; - import java.io.Serializable; import java.util.Collections; import java.util.HashMap; import java.util.Map; + import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; /** - * Adapter class for {@link ExpressionEvaluationContext}. Intended to be used for testing purposes. + * Adapter class for {@link ExpressionEvaluationContext}. Intended to be used + * for testing purposes. * * @author tknall * @@ -40,11 +41,12 @@ public class ExpressionContextAdapter implements ExpressionEvaluationContext { Collections.synchronizedMap(new HashMap<String, Serializable>()); /** - * Returns a certain {@link Serializable} object associated with a certain {@code key}. + * Returns a certain {@link Serializable} object associated with a certain + * {@code key}. * * @param key The key. - * @return The object or {@code null} if no object was found stored with that key or if a - * {@code null} value was stored. + * @return The object or {@code null} if no object was found stored with that + * key or if a {@code null} value was stored. */ Serializable get(final String key) { return ctxData.get(key); @@ -53,7 +55,7 @@ public class ExpressionContextAdapter implements ExpressionEvaluationContext { /** * Stores a {@link Serializable} with a certain {@code key}. * - * @param key The key. + * @param key The key. * @param object The object. */ void put(final String key, final Serializable object) { 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SimplePojo.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SimplePojo.java index 28dc57b4..96576b2d 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SimplePojo.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SimplePojo.java @@ -22,7 +22,8 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; /** - * A dummy pojo used to test {@link ExpressionEvaluator} with Spring EL referencing Spring beans. + * A dummy pojo used to test {@link ExpressionEvaluator} with Spring EL + * referencing Spring beans. * * @author tknall * diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionAwareProcessEngineTest.java index 1d139b5e..23d99837 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionAwareProcessEngineTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionAwareProcessEngineTest.java 
@@ -23,8 +23,18 @@ import static at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstanceState.NOT_STA import static at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstanceState.SUSPENDED; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; + import java.io.IOException; import java.io.InputStream; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; @@ -33,17 +43,10 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; import at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstance; import at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; /** - * Tests the process engine using processes based on Spring EL referencing the process context and - * further Spring beans. + * Tests the process engine using processes based on Spring EL referencing the + * process context and further Spring beans. * * @author tknall * 
@@ -62,8 +65,8 @@ public class SpringExpressionAwareProcessEngineTest { /** * jUnit test set-up. * - * @throws IOException in case of an error - * @throws ProcessDefinitionParserException in case of an error + * @throws IOException in case of an error + * @throws ProcessDefinitionParserException in case of an error */ @Before public void init() throws IOException, ProcessDefinitionParserException { @@ -100,7 +103,6 @@ public class SpringExpressionAwareProcessEngineTest { ProcessInstance pi = pe.getProcessInstance(piId); assertEquals(NOT_STARTED, pi.getState()); - // start process req.setProcessInstanceID(piId); pe.start(req); @@ -157,8 +159,6 @@ public class SpringExpressionAwareProcessEngineTest { } - - } } diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionEvaluatorTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionEvaluatorTest.java index 5697365e..26e2e17b 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionEvaluatorTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/SpringExpressionEvaluatorTest.java @@ -21,7 +21,7 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; -import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; + import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; 
@@ -29,9 +29,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; + /** - * Tests the {@link ExpressionEvaluator} using a Spring EL based implementation capable of - * dereferencing Spring beans. + * Tests the {@link ExpressionEvaluator} using a Spring EL based implementation + * capable of dereferencing Spring beans. * * @author tknall * diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/CreateSaml1AssertionTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/CreateSaml1AssertionTask.java index c699f093..f29fa265 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/CreateSaml1AssertionTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/CreateSaml1AssertionTask.java @@ -22,15 +22,17 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; import java.io.IOException; import java.io.InputStream; import java.util.Objects; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + /** * A dummy task simulating the creation of a SAML1 assertion. * <p> 
@@ -61,11 +63,11 @@ public class CreateSaml1AssertionTask implements Task { public IRequest execute(final IRequest penReq, final ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); - assert (Boolean.TRUE - .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); + assert Boolean.TRUE + .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))); Objects.requireNonNull(executionContext.get("SignedAuthBlock")); - assert (Boolean.TRUE - .equals(Objects.requireNonNull(executionContext.get("isSignedAuthBlockValidated")))); + assert Boolean.TRUE + .equals(Objects.requireNonNull(executionContext.get("isSignedAuthBlockValidated"))); log.debug("Using IdentityLink and signed auth block in order to create SAML1 assertion."); diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/GetIdentityLinkTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/GetIdentityLinkTask.java index 93fcf6db..b4f3d7c8 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/GetIdentityLinkTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/GetIdentityLinkTask.java 
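Review bot: The two rewritten `assert Boolean.TRUE.equals(Objects.requireNonNull(...))` statements in `execute` are the only guard on `isIdentityLinkValidated` and `isSignedAuthBlockValidated`, and both the null check and the comparison sit inside the `assert`. Neither runs on a JVM started without `-ea`, and the task then continues as if validation had succeeded. Whether the test runner enables assertions is not visible here, so an explicit check is safer, for example `if (!Boolean.TRUE.equals(executionContext.get("isIdentityLinkValidated"))) { throw new IllegalStateException("IdentityLink not validated"); }`, with the same form for the auth-block flag. The same `assert` pattern is in the SignAuthBlockTask and ValidateSignedAuthBlockTask hunks further down. The body of `execute` continues outside this hunk.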
@@ -22,15 +22,17 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; import java.io.IOException; import java.io.InputStream; import java.util.Objects; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + /** * A dummy task simulating the retrieval of an IdentityLink. * <p/> diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SelectBkuTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SelectBkuTask.java index a6e2ac2c..4d1edd53 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SelectBkuTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SelectBkuTask.java @@ -19,13 +19,14 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; + /** * A dummy task simulating a bku selection. * <p/> 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SignAuthBlockTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SignAuthBlockTask.java index 41beefc8..16c375c9 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SignAuthBlockTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/SignAuthBlockTask.java @@ -22,15 +22,17 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; import java.io.IOException; import java.io.InputStream; import java.util.Objects; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; + /** * A dummy task simulating the signature of an auth block. * <p/> @@ -62,8 +64,8 @@ public class SignAuthBlockTask implements Task { public IRequest execute(final IRequest penReq, final ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); - assert (Boolean.TRUE - .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); + assert Boolean.TRUE + .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))); Objects.requireNonNull(executionContext.get("bkuURL")); log.debug("Using validated IdentityLink and bkuURL in order to sign auth block."); 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateIdentityLinkTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateIdentityLinkTask.java index 1a2cf5ee..be1bfb01 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateIdentityLinkTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateIdentityLinkTask.java @@ -20,13 +20,15 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; import java.util.Objects; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.idp.process.Task; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.Task; + /** * Dummy task simulating the validation of an IdentityLink. * <p> diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateSignedAuthBlockTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateSignedAuthBlockTask.java index f07920cd..6e42d19c 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateSignedAuthBlockTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/test/task/ValidateSignedAuthBlockTask.java 
@@ -20,13 +20,15 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task; import java.util.Objects; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Service; /** * A dummy task simulating the validation of an auth block. @@ -57,8 +59,8 @@ public class ValidateSignedAuthBlockTask implements Task { public IRequest execute(final IRequest penReq, final ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); - assert (Boolean.TRUE - .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); + assert Boolean.TRUE + .equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))); Objects.requireNonNull(executionContext.get("SignedAuthBlock")); log.debug( diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/BooleanStringExpressionEvaluator.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/BooleanStringExpressionEvaluator.java index aa079f86..4540a01d 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/BooleanStringExpressionEvaluator.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/BooleanStringExpressionEvaluator.java 
@@ -20,9 +20,11 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; import java.util.Objects; + +import org.apache.commons.lang3.BooleanUtils; + import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; -import org.apache.commons.lang3.BooleanUtils; /** * Expression evaluator that guesses the boolean value from a String. Refer to diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HalloWeltTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HalloWeltTask.java index 40892476..eadb023d 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HalloWeltTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HalloWeltTask.java @@ -19,10 +19,11 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; -import org.springframework.stereotype.Service; /** * Simple task that just outputs a "Hallo World" text to the console. diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HelloWorldTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HelloWorldTask.java index ce49e33d..e3e01b90 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HelloWorldTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/HelloWorldTask.java 
@@ -19,10 +19,11 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; -import org.springframework.stereotype.Service; /** * Simple task that just outputs a "Hello World" text to the console. diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessDefinitionParserTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessDefinitionParserTest.java index 2238ad09..56259663 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessDefinitionParserTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessDefinitionParserTest.java @@ -24,8 +24,12 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; + import java.io.IOException; import java.io.InputStream; + +import org.junit.Test; + import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; import at.gv.egiz.eaaf.core.impl.idp.process.model.EndEvent; @@ -34,7 +38,6 @@ import at.gv.egiz.eaaf.core.impl.idp.process.model.ProcessNode; import at.gv.egiz.eaaf.core.impl.idp.process.model.StartEvent; import at.gv.egiz.eaaf.core.impl.idp.process.model.TaskInfo; import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; -import org.junit.Test; public class ProcessDefinitionParserTest { diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessEngineTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessEngineTest.java index 9e8ce781..7ce4c6b3 100644 
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessEngineTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ProcessEngineTest.java @@ -22,16 +22,10 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; import static at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstanceState.NOT_STARTED; import static at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstanceState.SUSPENDED; import static org.junit.Assert.assertEquals; + import java.io.IOException; import java.io.InputStream; -import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; -import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstance; + import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.Before; 
@@ -42,6 +36,15 @@ import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; +import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParser; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ProcessInstance; + @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration("/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml") public class ProcessEngineTest { @@ -57,7 +60,7 @@ public class ProcessEngineTest { /** * jUnit test set-up. * - * @throws IOException in case of an error + * @throws IOException in case of an error * @throws ProcessDefinitionParserException in case of an error */ @Before @@ -203,7 +206,6 @@ public class ProcessEngineTest { "Wrong Exception in TaskExecutionException"); } - } @Test @@ -229,7 +231,6 @@ public class ProcessEngineTest { } - } @Test(expected = IllegalArgumentException.class) diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/StopProcessFlagTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/StopProcessFlagTask.java index 2ef58729..e2fd80a8 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/StopProcessFlagTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/StopProcessFlagTask.java 
@@ -19,10 +19,11 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; -import org.springframework.stereotype.Service; /** * Simple task that just outputs a "Hello World" text to the console. diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ThrowExceptionTask.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ThrowExceptionTask.java index 639121d6..759e3460 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ThrowExceptionTask.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/process/test/ThrowExceptionTask.java @@ -19,11 +19,12 @@ package at.gv.egiz.eaaf.core.impl.idp.process.test; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import org.springframework.stereotype.Service; /** * Simple task that just outputs a "Hello World" text to the console. diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/utils/KeyValueUtilsTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/utils/KeyValueUtilsTest.java index d5ce24c5..36406304 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/utils/KeyValueUtilsTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/utils/KeyValueUtilsTest.java @@ -8,6 +8,7 @@ import java.util.List; import java.util.Map; import java.util.Map.Entry; import java.util.Set; + import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.Test; @@ -442,5 +443,4 @@ public class KeyValueUtilsTest { } - } 
diff --git a/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml index 2eec2b70..da3955e6 100644 --- a/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml +++ b/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml 
@@ -1,61 +1,58 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> - -<pd:ProcessDefinition xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - id="SampleProcessDefinitionForSAML1Authentication"> - - <!-- - returns String 'bkuURL' - --> - <pd:Task id="bkuSelectionTask" class="SelectBKUTask" /> - - <!-- - requires 'bkuURL' - returns String 'IdentityLink' - --> - <pd:Task id="getIdentityLinkTask" class="GetIdentityLinkTask" /> - - <!-- - requires 'IdentityLink' - returns Boolean 'isIdentityLinkValidated' - --> - <pd:Task id="validateIdentityLinkTask" class="ValidateIdentityLinkTask" /> - - <!-- - requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL' - returns String 'SignedAuthBlock' - --> - <pd:Task id="signAuthBlockTask" class="SignAuthBlockTask" /> - - <!-- - requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock' - returns Boolean 'isSignedAuthBlockValidated' - --> - <pd:Task id="validateSignedAuthBlockTask" class="ValidateSignedAuthBlockTask" /> - - <!-- - requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated'; - returns 'SAML1Assertion' - --> - <pd:Task id="createAssertionTask" class="CreateSAML1AssertionTask" /> - - <pd:Task id="task2" class="HelloWorldTask" async="true" /> - - <pd:StartEvent id="start" /> - <pd:EndEvent id="end" /> - - <pd:Transition from="start" to="bkuSelectionTask" conditionExpression="ctx['bkuURL'] == null" /> - <pd:Transition from="start" to="getIdentityLinkTask" /> - - <pd:Transition from="bkuSelectionTask" to="getIdentityLinkTask" /> - <pd:Transition from="getIdentityLinkTask" to="validateIdentityLinkTask" /> - <pd:Transition from="validateIdentityLinkTask" to="signAuthBlockTask" conditionExpression="ctx['isIdentityLinkValidated']" /> - <pd:Transition from="signAuthBlockTask" to="validateSignedAuthBlockTask" /> - <pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask" 
conditionExpression="ctx['isSignedAuthBlockValidated']" /> - - <pd:Transition from="createAssertionTask" to="task2" /> - - <pd:Transition from="task2" to="end" /> +<!-- --> + +<pd:ProcessDefinition + xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + id="SampleProcessDefinitionForSAML1Authentication"> + + <!-- returns String 'bkuURL' --> + <pd:Task id="bkuSelectionTask" class="SelectBKUTask" /> + + <!-- requires 'bkuURL' returns String 'IdentityLink' --> + <pd:Task id="getIdentityLinkTask" class="GetIdentityLinkTask" /> + + <!-- requires 'IdentityLink' returns Boolean 'isIdentityLinkValidated' --> + <pd:Task id="validateIdentityLinkTask" + class="ValidateIdentityLinkTask" /> + + <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL' returns + String 'SignedAuthBlock' --> + <pd:Task id="signAuthBlockTask" class="SignAuthBlockTask" /> + + <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock' + returns Boolean 'isSignedAuthBlockValidated' --> + <pd:Task id="validateSignedAuthBlockTask" + class="ValidateSignedAuthBlockTask" /> + + <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', + 'isSignedAuthBlockValidated'; returns 'SAML1Assertion' --> + <pd:Task id="createAssertionTask" + class="CreateSAML1AssertionTask" /> + + <pd:Task id="task2" class="HelloWorldTask" async="true" /> + + <pd:StartEvent id="start" /> + <pd:EndEvent id="end" /> + + <pd:Transition from="start" to="bkuSelectionTask" + conditionExpression="ctx['bkuURL'] == null" /> + <pd:Transition from="start" to="getIdentityLinkTask" /> + + <pd:Transition from="bkuSelectionTask" + to="getIdentityLinkTask" /> + <pd:Transition from="getIdentityLinkTask" + to="validateIdentityLinkTask" /> + <pd:Transition from="validateIdentityLinkTask" + to="signAuthBlockTask" + conditionExpression="ctx['isIdentityLinkValidated']" /> + <pd:Transition from="signAuthBlockTask" + to="validateSignedAuthBlockTask" /> + <pd:Transition 
from="validateSignedAuthBlockTask" + to="createAssertionTask" + conditionExpression="ctx['isSignedAuthBlockValidated']" /> + + <pd:Transition from="createAssertionTask" to="task2" /> + + <pd:Transition from="task2" to="end" /> </pd:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionWithExpression1.xml index 70c14c5d..0ca780d5 100644 --- a/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionWithExpression1.xml +++ b/eaaf_core/src/test/resources/process/spring/test/SampleProcessDefinitionWithExpression1.xml 
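Review bot: The reformatted comments above each `pd:Task` lost the line break between the `requires` and `returns` clauses. Entries such as `<!-- requires 'bkuURL' returns String 'IdentityLink' -->` now read as one run-on phrase, and the longer ones wrap in the middle of a clause. As far as this file shows, these comments are the only description of which context keys each task consumes and produces. I would keep the two clauses separable, for example `<!-- requires 'bkuURL'; returns String 'IdentityLink' -->`, or exclude these comment blocks from the formatter.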
@@ -1,22 +1,27 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<pd:ProcessDefinition xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - id="SampleProcessWithExpression1"> +<pd:ProcessDefinition + xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + id="SampleProcessWithExpression1"> - <pd:Task id="task1" /> - <pd:Task id="task2" /> - <pd:Task id="task3" /> - <pd:Task id="task4" /> + <pd:Task id="task1" /> + <pd:Task id="task2" /> + <pd:Task id="task3" /> + <pd:Task id="task4" /> - <pd:StartEvent id="start" /> - <pd:EndEvent id="end" /> + <pd:StartEvent id="start" /> + <pd:EndEvent id="end" /> + + <pd:Transition from="start" to="task1" + conditionExpression="'true'" /> + <pd:Transition from="task1" to="task2" + conditionExpression="'true'" /> + <pd:Transition from="task2" to="task3" + conditionExpression="'true'" /> + <pd:Transition from="task3" to="task4" + conditionExpression="'true'" /> + <pd:Transition from="task4" to="end" + conditionExpression="'true'" /> - <pd:Transition from="start" to="task1" conditionExpression="'true'" /> - <pd:Transition from="task1" to="task2" conditionExpression="'true'" /> - <pd:Transition from="task2" to="task3" conditionExpression="'true'" /> - <pd:Transition from="task3" to="task4" conditionExpression="'true'" /> - <pd:Transition from="task4" to="end" conditionExpression="'true'" /> - </pd:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/eaaf_core/src/test/resources/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml index b84aad57..d47ed8b3 100644 --- a/eaaf_core/src/test/resources/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml +++ b/eaaf_core/src/test/resources/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml 
@@ -1,55 +1,58 @@ <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - <bean id="springElAwareExpressionEvaluator" class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> - - <bean id="processEngine" class="at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl"> - <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" /> - </bean> - - <bean id="TransactionStorage" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage"/> - - <bean id="ProcessInstanceStoreage" - class="at.gv.egiz.eaaf.core.impl.idp.process.dao.ProcessInstanceStoreDaoImpl"/> - - <bean id="HelloWorldTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.test.HelloWorldTask"/> - - <bean id="HalloWeltTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.test.HalloWeltTask"/> - - <bean id="StopProcessFlagTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.test.StopProcessFlagTask"/> - - <bean id="ThrowExceptionTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.test.ThrowExceptionTask"/> - - <bean id="SelectBKUTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SelectBkuTask"/> - - <bean id="CreateSAML1AssertionTask" - 
class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.CreateSaml1AssertionTask"/> - - <bean id="GetIdentityLinkTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.GetIdentityLinkTask"/> - - <bean id="SignAuthBlockTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SignAuthBlockTask"/> - - <bean id="ValidateIdentityLinkTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateIdentityLinkTask"/> - - <bean id="ValidateSignedAuthBlockTask" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateSignedAuthBlockTask"/> - + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="springElAwareExpressionEvaluator" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> + + <bean id="processEngine" + class="at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl"> + <property name="transitionConditionExpressionEvaluator" + ref="springElAwareExpressionEvaluator" /> + </bean> + + <bean id="TransactionStorage" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage" /> + + <bean id="ProcessInstanceStoreage" + class="at.gv.egiz.eaaf.core.impl.idp.process.dao.ProcessInstanceStoreDaoImpl" /> + + <bean id="HelloWorldTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.test.HelloWorldTask" /> + + <bean id="HalloWeltTask" + 
class="at.gv.egiz.eaaf.core.impl.idp.process.test.HalloWeltTask" /> + + <bean id="StopProcessFlagTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.test.StopProcessFlagTask" /> + + <bean id="ThrowExceptionTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.test.ThrowExceptionTask" /> + + <bean id="SelectBKUTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SelectBkuTask" /> + + <bean id="CreateSAML1AssertionTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.CreateSaml1AssertionTask" /> + + <bean id="GetIdentityLinkTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.GetIdentityLinkTask" /> + + <bean id="SignAuthBlockTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SignAuthBlockTask" /> + + <bean id="ValidateIdentityLinkTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateIdentityLinkTask" /> + + <bean id="ValidateSignedAuthBlockTask" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateSignedAuthBlockTask" /> + </beans> diff --git a/eaaf_core/src/test/resources/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/eaaf_core/src/test/resources/process/spring/test/SpringExpressionEvaluatorTest-context.xml index ebf72e41..111a00c4 100644 --- a/eaaf_core/src/test/resources/process/spring/test/SpringExpressionEvaluatorTest-context.xml +++ b/eaaf_core/src/test/resources/process/spring/test/SpringExpressionEvaluatorTest-context.xml 
@@ -1,17 +1,18 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> <beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> - <bean id="simplePojo" class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.SimplePojo"> - <property name="booleanValue" value="true" /> - <property name="integerValue" value="42" /> - <property name="stringValue" value="HelloWorld" /> - </bean> - - <bean id="expressionEvaluator" class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> + <bean id="simplePojo" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.SimplePojo"> + <property name="booleanValue" value="true" /> + <property name="integerValue" value="42" /> + <property name="stringValue" value="HelloWorld" /> + </bean> + + <bean id="expressionEvaluator" + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> </beans> diff --git a/eaaf_core/src/test/resources/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/eaaf_core/src/test/resources/process/spring/test/task/IdentityLink_Max_Mustermann.xml index 3973a784..828727c0 100644 --- a/eaaf_core/src/test/resources/process/spring/test/task/IdentityLink_Max_Mustermann.xml +++ b/eaaf_core/src/test/resources/process/spring/test/task/IdentityLink_Max_Mustermann.xml 
@@ -1,55 +1,115 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> -<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> - <saml:AttributeStatement> - <saml:Subject> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement> - <dsig:Signature> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <dsig:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue> - NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH -ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA -wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv -VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2 -/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw== - </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>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</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="manifest"> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> +<!-- --> +<saml:Assertion + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" + 
xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:si="http://www.w3.org/2001/XMLSchema-instance" + AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" + IssueInstant="2012-02-07T10:55:23+01:00" + Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" + MinorVersion="0"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches + </saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value> + <pr:Type>urn:publicid:gv.at:baseid</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Max</pr:GivenName> + <pr:FamilyName primary="undefined">Mustermann + </pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1940-01-01</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" + AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <ecdsa:ECDSAKeyValue> + <ecdsa:DomainParameters> + <ecdsa:NamedCurve + URN="urn:oid:1.2.840.10045.3.1.7" /> + </ecdsa:DomainParameters> + <ecdsa:PublicKey> + <ecdsa:X + Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" + si:type="ecdsa:PrimeFieldElemType" /> + <ecdsa:Y + Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" + si:type="ecdsa:PrimeFieldElemType" /> + </ecdsa:PublicKey> + </ecdsa:ECDSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod + Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> + <dsig:SignatureMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> + <dsig:Reference URI=""> + 
<dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification) + </dsig:XPath> + </dsig:Transform> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms= + </dsig:DigestValue> + </dsig:Reference> + <dsig:Reference + Type="http://www.w3.org/2000/09/xmldsig#Manifest" + URI="#manifest"> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk= + </dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> + NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH + ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA + wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv + VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2 + /ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw== + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + 
<dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXx
TRrRS6rEOvX7PpvgXiDXhp592Yyp4= + </dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature) + </dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM= + </dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> </saml:Assertion>
\ No newline at end of file diff --git a/eaaf_core/src/test/resources/process/spring/test/task/SAML1Assertion.xml b/eaaf_core/src/test/resources/process/spring/test/task/SAML1Assertion.xml index 1859f3a9..910bd6d6 100644 --- a/eaaf_core/src/test/resources/process/spring/test/task/SAML1Assertion.xml +++ b/eaaf_core/src/test/resources/process/spring/test/task/SAML1Assertion.xml 
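Review bot: Re-indenting this fixture changes content covered by the embedded `dsig:Signature`, so the IdentityLink most likely no longer verifies against its recorded digests and `dsig:SignatureValue`. The new side adds whitespace text nodes between the children of `pr:Person` and `dsig:SignedInfo`, and moves the closing tags of `saml:ConfirmationMethod`, `pr:FamilyName`, `dsig:XPath` and `dsig:DigestValue` onto their own lines. Canonicalization keeps that whitespace, and parsed values such as the family name now carry a trailing newline and indentation. Whether any test verifies this signature is not visible here. I would restore the file to its pre-commit bytes, e.g. `<dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue>` on one line, and exclude signed XML fixtures from the formatter.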
@@ -1,490 +1,721 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<saml:Assertion AssertionID="6025428631468682100" + IssueInstant="2008-07-14T17:51:38+02:00" + Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" + MinorVersion="0" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" + xmlns:si="http://www.w3.org/2001/XMLSchema-instance" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <saml:AttributeStatement> - <saml:Subject> - <saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> - <saml:AttributeStatement> - <saml:Subject> - <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier> - </saml:Subject> - <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue> - <pr:Identification> - <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> - <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> - </pr:Identification> - </saml:AttributeValue> - 
</saml:Attribute> - <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue>1978-04-29</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> - <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> - <saml:AttributeValue>MeineTestFirma</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> - <saml:AttributeValue>123456i</saml:AttributeValue> - </saml:Attribute> - </saml:AttributeStatement> - <dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> - <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> - <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> - <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> - <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> - <html 
xmlns="http://www.w3.org/1999/xhtml"> - <head> - <title>Signatur der Anmeldedaten</title> - <style media="screen" type="text/css"> - .boldstyle { font-weight: bold; } - .italicstyle { font-style: italic; } - .annotationstyle { font-size: small; } - </style> - </head> - <body> - <h1>Signatur der Anmeldedaten</h1> - <p/> - <h4>Mit meiner elektronischen Signatur beantrage ich, - <span class="boldstyle"> - <xsl:value-of select="//@Issuer"/> - </span>, geboren am - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>. - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>. - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>, - <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> - in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> - (OID***= <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>), - </xsl:if> - den Zugang zur gesicherten Anwendung. - </h4> - <p/> - <h4>Datum und Uhrzeit: - <xsl:value-of select="substring(//@IssueInstant,9,2)"/>. - <xsl:value-of select="substring(//@IssueInstant,6,2)"/>. 
- <xsl:value-of select="substring(//@IssueInstant,1,4)"/>, - <xsl:value-of select="substring(//@IssueInstant,12,2)"/>: - <xsl:value-of select="substring(//@IssueInstant,15,2)"/>: - <xsl:value-of select="substring(//@IssueInstant,18,2)"/> - </h4> - <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> - <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> - </h4> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> - <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> - </h4> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorName']"> - <hr/> - <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()"/> - von <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()"/> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']">, geboren am - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)"/>. - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)"/>. - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)"/> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']">, - <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()"/> - </xsl:if>, in deren Auftrag zu handeln. 
- </h4> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorWbpk']"> - <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()"/> - </h4> - </xsl:if> - <p/> - </xsl:if> - <xsl:choose> - <xsl:when test="//saml:Attribute[@AttributeName='OID']"> - <p/> - <hr/> - </xsl:when> - <xsl:when test="//saml:Attribute[@AttributeName='HPI']"> - <p/> - <hr/> - </xsl:when> - <xsl:when test="//saml:Attribute[@AttributeName='wbPK']"> - <p/> - <hr/> - </xsl:when> - </xsl:choose> - <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> - <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den - jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum - Wirtschaftsunternehmen.</div> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> - <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen - Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der - Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='OID']"> - <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und - beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div> - </xsl:if> - </body> - </html> - </xsl:template> - </xsl:stylesheet> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference 
Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz -+lyI</dsig:SignatureValue> - <dsig:KeyInfo> - <dsig:X509Data> - <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG -EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz -dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh -LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt -LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ -BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu -YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL -MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ -6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP -MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw -CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF -BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt -aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy -dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC -ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p -dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v -bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt -VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq -ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI -SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH -CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF 
-BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ -ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6 -uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI -egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf -GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL -SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk= -</dsig:X509Certificate> - </dsig:X509Data> - </dsig:KeyInfo> - <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638"> - <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> - <etsi:SignedProperties> - <etsi:SignedSignatureProperties> - <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime> - <etsi:SigningCertificate> - <etsi:Cert> - <etsi:CertDigest> - <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue> - </etsi:CertDigest> - <etsi:IssuerSerial> - <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. 
Datenverkehr GmbH,C=AT</dsig:X509IssuerName> - <dsig:X509SerialNumber>132292</dsig:X509SerialNumber> - </etsi:IssuerSerial> - </etsi:Cert> - </etsi:SigningCertificate> - <etsi:SignaturePolicyIdentifier> - <etsi:SignaturePolicyImplied/> - </etsi:SignaturePolicyIdentifier> - </etsi:SignedSignatureProperties> - <etsi:SignedDataObjectProperties> - <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> - <etsi:MimeType>application/xhtml+xml</etsi:MimeType> - </etsi:DataObjectFormat> - </etsi:SignedDataObjectProperties> - </etsi:SignedProperties> - </etsi:QualifyingProperties> - </dsig:Object> - </dsig:Signature> - </saml:Assertion> - <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> - <saml:AttributeStatement> - <saml:Subject> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <pr:Person si:type="pr:PhysicalPersonType"> - <pr:Identification> - <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> - <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> - </pr:Identification> - <pr:Name> - <pr:GivenName>Thomas</pr:GivenName> - <pr:FamilyName primary="undefined">Knall</pr:FamilyName> - </pr:Name> - <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> - </pr:Person> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> - <saml:AttributeValue> - <ecdsa:ECDSAKeyValue> - 
<ecdsa:DomainParameters> - <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/> - </ecdsa:DomainParameters> - <ecdsa:PublicKey> - <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/> - <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/> - </ecdsa:PublicKey> - </ecdsa:ECDSAKeyValue> - </saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> - <saml:AttributeValue> - <dsig:RSAKeyValue> - <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje -/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS -uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw -x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus> - <dsig:Exponent>AQAB</dsig:Exponent> - </dsig:RSAKeyValue> - </saml:AttributeValue> - </saml:Attribute> - </saml:AttributeStatement> - <dsig:Signature> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - 
<dsig:SignatureValue> -oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y -qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf -qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ -mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/ -k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA== -</dsig:SignatureValue> - <dsig:KeyInfo> - <dsig:X509Data> - <dsig:X509Certificate> -MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y -cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0 -LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT -AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj -aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw -EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu -YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK -d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV -ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf -9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9 -6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW -R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq -WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB -AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h -LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB -BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av -YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH -bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0 -LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz -ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK -BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB 
-BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes -Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T -nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1 -o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo -B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5 -KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM= -</dsig:X509Certificate> - </dsig:X509Data> - </dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="manifest"> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> - </saml:Assertion> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#"> - <saml:AttributeValue> - <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> - <pr:Identification> - <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> - <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> - </pr:Identification> - <pr:Name> - <pr:GivenName>Thomas</pr:GivenName> - <pr:FamilyName primary="undefined">Knall</pr:FamilyName> - </pr:Name> - <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> - </pr:Person> - </saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue>true</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute 
AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> - <saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl -bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w -NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD -VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t -YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO -PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp -/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn -BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF -BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz -L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v -b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr -BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy -ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v -bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1 -c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh -c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw -DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0 -MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p -4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr -0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH -wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg -x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn 
-W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7 -2/uCFrBzyTk=</saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> - <saml:AttributeValue> - <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"> - <md:Annotation>Prokura - MeineTestFirma</md:Annotation> - <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService> - <md:Representative> - <pr:PhysicalPerson> - <pr:Identification> - <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> - <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> - </pr:Identification> - <pr:Name> - <pr:GivenName>Thomas</pr:GivenName> - <pr:FamilyName primary="undefined">Knall</pr:FamilyName> - </pr:Name> - <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> - </pr:PhysicalPerson> - </md:Representative> - <md:Mandator> - <pr:CorporateBody> - <pr:Identification> - <pr:Value>123456i</pr:Value> - <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type> - </pr:Identification> - <pr:FullName>MeineTestFirma</pr:FullName> - </pr:CorporateBody> - </md:Mandator> - <md:Issued> - <md:Place>Wien</md:Place> - <md:Date>2008-07-14</md:Date> - </md:Issued> - <md:Properties> - <md:SubstitutionAllowed>false</md:SubstitutionAllowed> - </md:Properties> - <md:SimpleMandateContent> - <md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription> - </md:SimpleMandateContent> - <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> - <dsig:SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> - <dsig:Reference Id="reference-1-1" URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue> - <dsig:KeyInfo> - <dsig:X509Data> - <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD -VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB -Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw -ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT -BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj -MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49 -AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0 -BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s -wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz -+XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/ 
-LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG -A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud -IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX -/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT -Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate> - </dsig:X509Data> - </dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="dsig-manifest-1-1"> - <dsig:Reference Id="reference-1-2" URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> - </md:Mandate> - </saml:AttributeValue> - </saml:Attribute> + <saml:Subject> + <saml:NameIdentifier + NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm + </saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <saml:Assertion AssertionID="any" + IssueInstant="2008-07-14T17:51:26+02:00" + Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + 
<saml:NameIdentifier>https://localhost:18443/moa-id-auth/ + </saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="wbPK" + AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at + </pr:Type> + </pr:Identification> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" + AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:48443/mandates/ + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="Geburtsdatum" + AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>1978-04-29</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="RepresentationType" + AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>Vollmachtsvertreter + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="MandatorName" + AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>MeineTestFirma + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="MandatorWbpk" + AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>123456i</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature + Id="signature-1216050695-35956125-21395" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod + Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> + <dsig:SignatureMethod + Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /> + <dsig:Reference + Id="signed-data-reference-0-1216050695-35956125-19584" + URI=""> + 
<dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:template match="/" + xmlns="http://www.w3.org/1999/xhtml"> + <html + xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Signatur der Anmeldedaten</title> + <style media="screen" + type="text/css"> + .boldstyle { font-weight: bold; } + .italicstyle { font-style: italic; } + .annotationstyle { font-size: small; } + </style> + </head> + <body> + <h1>Signatur der Anmeldedaten</h1> + <p /> + <h4> + Mit meiner elektronischen Signatur + beantrage ich, + <span class="boldstyle"> + <xsl:value-of + select="//@Issuer" /> + </span> + , geboren am + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)" /> + , + <xsl:if + test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + in der Rolle als + <xsl:value-of + select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue" /> + (OID***= + <xsl:value-of + select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue" /> + ), + </xsl:if> + den Zugang zur gesicherten Anwendung. + </h4> + <p /> + <h4> + Datum und Uhrzeit: + <xsl:value-of + select="substring(//@IssueInstant,9,2)" /> + . + <xsl:value-of + select="substring(//@IssueInstant,6,2)" /> + . 
+ <xsl:value-of + select="substring(//@IssueInstant,1,4)" /> + , + <xsl:value-of + select="substring(//@IssueInstant,12,2)" /> + : + <xsl:value-of + select="substring(//@IssueInstant,15,2)" /> + : + <xsl:value-of + select="substring(//@IssueInstant,18,2)" /> + </h4> + <xsl:if + test="//saml:Attribute[@AttributeName='HPI']"> + <h4> + HPI(**): + <xsl:value-of + select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue" /> + </h4> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='wbPK']"> + <h4> + wbPK(*): + <xsl:value-of + select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value" /> + </h4> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorName']"> + <hr /> + <h4> + Ich bin weiters ermächtigt als + <xsl:value-of + select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()" /> + von + <xsl:value-of + select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()" /> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']"> + , geboren am + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)" /> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']"> + , + <xsl:value-of + select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()" /> + </xsl:if> + , in deren Auftrag zu handeln. 
+ </h4>
+ <xsl:if
+ test="//saml:Attribute[@AttributeName='MandatorWbpk']">
+ <h4>
+ wbPK(*) des Vollmachtgebers:
+ <xsl:value-of
+ select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()" />
+ </h4>
+ </xsl:if>
+ <p />
+ </xsl:if>
+ <xsl:choose>
+ <xsl:when
+ test="//saml:Attribute[@AttributeName='OID']">
+ <p />
+ <hr />
+ </xsl:when>
+ <xsl:when
+ test="//saml:Attribute[@AttributeName='HPI']">
+ <p />
+ <hr />
+ </xsl:when>
+ <xsl:when
+ test="//saml:Attribute[@AttributeName='wbPK']">
+ <p />
+ <hr />
+ </xsl:when>
+ </xsl:choose>
+ <xsl:if
+ test="//saml:Attribute[@AttributeName='wbPK']">
+ <div class="annotationstyle">
+ (*) wbPK: Das
+ <span class="italicstyle">wirtschaftsbereichsspezifische
+ Personenkennzeichen</span>
+ wird aus den
+ jeweiligen Stammzahlen des Bürgers und des
+ Wirtschaftsunternehmens berechnet und
+ ermöglicht eine eindeutige Zuordnung
+ des Bürgers zum
+ Wirtschaftsunternehmen.
+ </div>
+ </xsl:if>
+ <xsl:if
+ test="//saml:Attribute[@AttributeName='HPI']">
+ <div class="annotationstyle">
+ (**) HPI: Der
+ <span class="italicstyle">eHealth Professional
+ Identifier</span>
+ wird aus den jeweiligen
+ Stammzahlen der Gesundheitsdiensteanbieterinnen /
+ Gesundheitsdiensteanbieter berechnet
+ und ermöglicht eine eindeutige
+ Zuordnung der
+ Gesundheitsdiensteanbieterin / des
+ Gesundheitsdiensteanbieters im
+ Gesundheitsbereich.
+ </div>
+ </xsl:if>
+ <xsl:if
+ test="//saml:Attribute[@AttributeName='OID']">
+ <div class="annotationstyle">
+ (***) OID:
+ <span class="italicstyle">Object Identifier
+ </span>
+ sind standardisierte Objekt-Bezeichner
+ und
+ beschreiben eindeutig die Rollen des GDA-Token Inhabers.
+ </div>
+ </xsl:if>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </dsig:Transforms>
+ <dsig:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=
+ </dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference
+ Id="etsi-data-reference-0-1216050695-35956125-7815"
+ Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties"
+ URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
+ <dsig:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=
+ </dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
+ +lyI
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
+ EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
+ dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
+ LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
+ LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
+ BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
+ YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
+ MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
+ 6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
+ MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
+ CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
+ BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
+ aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
+ dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
+ ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
+ dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+ bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
+ VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
+ ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
+ SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
+ CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
+ BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
+ ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
+ uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
+ egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
+ GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
+ SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
+ </dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object
+ Id="etsi-data-object-0-1216050695-35956125-20638">
+ <etsi:QualifyingProperties
+ Target="#signature-1216050695-35956125-21395"
+ xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
+ <etsi:SignedProperties>
+ <etsi:SignedSignatureProperties>
+ <etsi:SigningTime>2008-07-14T15:51:35Z
+ </etsi:SigningTime>
+ <etsi:SigningCertificate>
+ <etsi:Cert>
+ <etsi:CertDigest>
+ <etsi:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=
+ </etsi:DigestValue>
+ </etsi:CertDigest>
+ <etsi:IssuerSerial>
+ <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust
+ Ges. f. Sicherheitssysteme im elektr.
+ Datenverkehr GmbH,C=AT + </dsig:X509IssuerName> + <dsig:X509SerialNumber>132292 + </dsig:X509SerialNumber> + </etsi:IssuerSerial> + </etsi:Cert> + </etsi:SigningCertificate> + <etsi:SignaturePolicyIdentifier> + <etsi:SignaturePolicyImplied /> + </etsi:SignaturePolicyIdentifier> + </etsi:SignedSignatureProperties> + <etsi:SignedDataObjectProperties> + <etsi:DataObjectFormat + ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> + <etsi:MimeType>application/xhtml+xml + </etsi:MimeType> + </etsi:DataObjectFormat> + </etsi:SignedDataObjectProperties> + </etsi:SignedProperties> + </etsi:QualifyingProperties> + </dsig:Object> + </dsig:Signature> + </saml:Assertion> + <saml:Assertion + AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" + IssueInstant="2007-10-29T10:10:10+01:00" + Issuer="http://portal.bmi.gv.at/ref/szr/issuer" + MajorVersion="1" MinorVersion="0" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" + xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" + xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches + </saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c= + </pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at + </pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall + </pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute + AttributeName="CitizenPublicKey" + AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + 
<saml:AttributeValue> + <ecdsa:ECDSAKeyValue> + <ecdsa:DomainParameters> + <ecdsa:NamedCurve + URN="urn:oid:1.2.840.10045.3.1.1" /> + </ecdsa:DomainParameters> + <ecdsa:PublicKey> + <ecdsa:X + Value="2638720011055700682018137297354399374048880611104468142324" + si:type="ecdsa:PrimeFieldElemType" /> + <ecdsa:Y + Value="2804889174475641803405778188053052844820705830770276369958" + si:type="ecdsa:PrimeFieldElemType" /> + </ecdsa:PublicKey> + </ecdsa:ECDSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="CitizenPublicKey" + AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <dsig:RSAKeyValue> + <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje + /G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS + uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw + x3aMGW8mRwQZb7VRFLW5g37nrt9N + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod + Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> + <dsig:SignatureMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification) + </dsig:XPath> + </dsig:Transform> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA= + </dsig:DigestValue> + </dsig:Reference> + <dsig:Reference + Type="http://www.w3.org/2000/09/xmldsig#Manifest" + URI="#manifest"> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + 
<dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I= + </dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> + oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y + qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf + qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ + mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/ + k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA== + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate> + MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB + VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp + bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y + cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0 + LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT + AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj + aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw + EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu + YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK + d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV + ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf + 9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9 + 6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW + R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq + WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB + AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h + LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB + BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av + YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH + bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0 + LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz + 
ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK + BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB + BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes + Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T + nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1 + o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo + B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5 + KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM= + </dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature) + </dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY= + </dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> + </saml:Assertion> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="PersonData" + AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#"> + <saml:AttributeValue> + <pr:Person si:type="pr:PhysicalPersonType" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:Person> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute + AttributeName="isQualifiedCertificate" + 
AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="bkuURL" + AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="SignerCertificate" + AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB + VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp + bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl + bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w + NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD + VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t + YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO + PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp + /NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn + BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF + BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz + L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v + b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr + BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy + ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v + bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1 + c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh + c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw + DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0 + MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p + 4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr + 
0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH + wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg + x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn + W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7 + 2/uCFrBzyTk= + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="Mandate" + AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue> + <md:Mandate + MandateID="https://egov.act.at/mandates/20080714174835/886164" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" + xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"> + <md:Annotation>Prokura - MeineTestFirma</md:Annotation> + <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest + </md:StatusInformationService> + <md:Representative> + <pr:PhysicalPerson> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall + </pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:PhysicalPerson> + </md:Representative> + <md:Mandator> + <pr:CorporateBody> + <pr:Identification> + <pr:Value>123456i</pr:Value> + <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type> + </pr:Identification> + <pr:FullName>MeineTestFirma</pr:FullName> + </pr:CorporateBody> + </md:Mandator> + <md:Issued> + <md:Place>Wien</md:Place> + <md:Date>2008-07-14</md:Date> + </md:Issued> + <md:Properties> + <md:SubstitutionAllowed>false</md:SubstitutionAllowed> + </md:Properties> + <md:SimpleMandateContent> + <md:TextualDescription>Der/Die Bevollmächtigte wird zum + Prokuristen/Prokuristin bestellt.</md:TextualDescription> + </md:SimpleMandateContent> + <dsig:Signature Id="signature-1-1" + 
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod + Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> + <dsig:SignatureMethod + Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /> + <dsig:Reference Id="reference-1-1" URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" + xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification + or ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + <dsig:Transform + Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0= + </dsig:DigestValue> + </dsig:Reference> + <dsig:Reference + Type="http://www.w3.org/2000/09/xmldsig#Manifest" + URI="#dsig-manifest-1-1"> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0= + </dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD + VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB + Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw + ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT + BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj + MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49 + 
AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0 + BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s + wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz + +XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/ + LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG + A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud + IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX + /FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT + Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA= + </dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="dsig-manifest-1-1"> + <dsig:Reference Id="reference-1-2" URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" + xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature) + </dsig:XPath> + </dsig:Transform> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + <dsig:Transform + Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8= + </dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> + </md:Mandate> + </saml:AttributeValue> + </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> diff --git a/eaaf_core/src/test/resources/process/spring/test/task/SignedAuthBlock.xml b/eaaf_core/src/test/resources/process/spring/test/task/SignedAuthBlock.xml index 0879d2e1..dfe97f17 100644 --- a/eaaf_core/src/test/resources/process/spring/test/task/SignedAuthBlock.xml +++ b/eaaf_core/src/test/resources/process/spring/test/task/SignedAuthBlock.xml 
@@ -1,182 +1,287 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> +<dsig:Signature Id="signature-1216050695-35956125-21395" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> - <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> - <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> - <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> - <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> - <html xmlns="http://www.w3.org/1999/xhtml"> - <head> - <title>Signatur der Anmeldedaten</title> - <style media="screen" type="text/css"> -.boldstyle { font-weight: bold; } -.italicstyle { font-style: italic; } -.annotationstyle { font-size: small; } -</style> - </head> - <body> - <h1>Signatur der Anmeldedaten</h1> - <p/> - <h4>Mit meiner elektronischen Signatur beantrage ich, -<span class="boldstyle"> - <xsl:value-of select="//@Issuer"/> - </span>, geboren am -<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>. -<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>. 
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>, -<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> -in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> -(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>), -</xsl:if> -den Zugang zur gesicherten Anwendung. -</h4> - <p/> - <h4>Datum und Uhrzeit: -<xsl:value-of select="substring(//@IssueInstant,9,2)"/>. -<xsl:value-of select="substring(//@IssueInstant,6,2)"/>. -<xsl:value-of select="substring(//@IssueInstant,1,4)"/>, -<xsl:value-of select="substring(//@IssueInstant,12,2)"/>: -<xsl:value-of select="substring(//@IssueInstant,15,2)"/>: -<xsl:value-of select="substring(//@IssueInstant,18,2)"/> - </h4> - <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> - <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> - </h4> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> - <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> - </h4> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorName']"> - <hr/> - <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()"/> -von <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()"/> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']">, geboren am - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)"/>. - <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)"/>. 
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)"/> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']">, - <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()"/> - </xsl:if>, in deren Auftrag zu handeln. -</h4> - <xsl:if test="//saml:Attribute[@AttributeName='MandatorWbpk']"> - <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()"/> - </h4> - </xsl:if> - <p/> - </xsl:if> - <xsl:choose> - <xsl:when test="//saml:Attribute[@AttributeName='OID']"> - <p/> - <hr/> - </xsl:when> - <xsl:when test="//saml:Attribute[@AttributeName='HPI']"> - <p/> - <hr/> - </xsl:when> - <xsl:when test="//saml:Attribute[@AttributeName='wbPK']"> - <p/> - <hr/> - </xsl:when> - </xsl:choose> - <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> - <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den -jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum -Wirtschaftsunternehmen.</div> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> - <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen -Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der -Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div> - </xsl:if> - <xsl:if test="//saml:Attribute[@AttributeName='OID']"> - <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und -beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div> - </xsl:if> - </body> - 
</html> - </xsl:template> - </xsl:stylesheet> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue> - </dsig:Reference> + <dsig:CanonicalizationMethod + Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> + <dsig:SignatureMethod + Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /> + <dsig:Reference + Id="signed-data-reference-0-1216050695-35956125-19584" URI=""> + <dsig:Transforms> + <dsig:Transform + Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> + <dsig:Transform + Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" + xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" + xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" + xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:template match="/" + xmlns="http://www.w3.org/1999/xhtml"> + <html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Signatur der Anmeldedaten</title> + <style media="screen" type="text/css"> + .boldstyle { font-weight: bold; } + .italicstyle { font-style: italic; } + .annotationstyle { font-size: small; } + </style> + </head> + <body> + <h1>Signatur der Anmeldedaten</h1> + <p /> + <h4> + Mit meiner elektronischen Signatur beantrage ich, + <span class="boldstyle"> + <xsl:value-of 
select="//@Issuer" /> + </span> + , geboren am + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)" /> + , + <xsl:if + test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + in der Rolle als + <xsl:value-of + select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue" /> + (OID***= + <xsl:value-of + select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue" /> + ), + </xsl:if> + den Zugang zur gesicherten Anwendung. + </h4> + <p /> + <h4> + Datum und Uhrzeit: + <xsl:value-of + select="substring(//@IssueInstant,9,2)" /> + . + <xsl:value-of + select="substring(//@IssueInstant,6,2)" /> + . + <xsl:value-of + select="substring(//@IssueInstant,1,4)" /> + , + <xsl:value-of + select="substring(//@IssueInstant,12,2)" /> + : + <xsl:value-of + select="substring(//@IssueInstant,15,2)" /> + : + <xsl:value-of + select="substring(//@IssueInstant,18,2)" /> + </h4> + <xsl:if + test="//saml:Attribute[@AttributeName='HPI']"> + <h4> + HPI(**): + <xsl:value-of + select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue" /> + </h4> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='wbPK']"> + <h4> + wbPK(*): + <xsl:value-of + select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value" /> + </h4> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorName']"> + <hr /> + <h4> + Ich bin weiters ermächtigt als + <xsl:value-of + select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()" /> + von + <xsl:value-of + select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()" /> + <xsl:if + 
test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']"> + , geboren am + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)" /> + . + <xsl:value-of + select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)" /> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']"> + , + <xsl:value-of + select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()" /> + </xsl:if> + , in deren Auftrag zu handeln. + </h4> + <xsl:if + test="//saml:Attribute[@AttributeName='MandatorWbpk']"> + <h4> + wbPK(*) des Vollmachtgebers: + <xsl:value-of + select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()" /> + </h4> + </xsl:if> + <p /> + </xsl:if> + <xsl:choose> + <xsl:when + test="//saml:Attribute[@AttributeName='OID']"> + <p /> + <hr /> + </xsl:when> + <xsl:when + test="//saml:Attribute[@AttributeName='HPI']"> + <p /> + <hr /> + </xsl:when> + <xsl:when + test="//saml:Attribute[@AttributeName='wbPK']"> + <p /> + <hr /> + </xsl:when> + </xsl:choose> + <xsl:if + test="//saml:Attribute[@AttributeName='wbPK']"> + <div class="annotationstyle"> + (*) wbPK: Das + <span class="italicstyle">wirtschaftsbereichsspezifische + Personenkennzeichen</span> + wird aus den + jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens + berechnet und ermöglicht eine eindeutige Zuordnung + des Bürgers zum + Wirtschaftsunternehmen. 
+ </div> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='HPI']"> + <div class="annotationstyle"> + (**) HPI: Der + <span class="italicstyle">eHealth Professional Identifier + </span> + wird aus den jeweiligen + Stammzahlen der Gesundheitsdiensteanbieterinnen / + Gesundheitsdiensteanbieter berechnet und + ermöglicht eine eindeutige Zuordnung der + Gesundheitsdiensteanbieterin / des + Gesundheitsdiensteanbieters im Gesundheitsbereich. + </div> + </xsl:if> + <xsl:if + test="//saml:Attribute[@AttributeName='OID']"> + <div class="annotationstyle"> + (***) OID: + <span class="italicstyle">Object Identifier</span> + sind standardisierte Objekt-Bezeichner und + beschreiben eindeutig die Rollen des GDA-Token + Inhabers. + </div> + </xsl:if> + </body> + </html> + </xsl:template> + </xsl:stylesheet> + </dsig:Transform> + <dsig:Transform + Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" /> + </dsig:Transforms> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference + Id="etsi-data-reference-0-1216050695-35956125-7815" + Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" + URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"> + <dsig:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue> + </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz -+lyI</dsig:SignatureValue> + +lyI + </dsig:SignatureValue> <dsig:KeyInfo> - <dsig:X509Data> - <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG -EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz -dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh 
-LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt -LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ -BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu -YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL -MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ -6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP -MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw -CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF -BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt -aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy -dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC -ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p -dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v -bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt -VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq -ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI -SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH -CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF -BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ -ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6 -uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI -egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf -GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL -SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk= -</dsig:X509Certificate> - </dsig:X509Data> + <dsig:X509Data> + <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG + EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz + dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh + LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt + LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ + BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu + 
YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL + MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ + 6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP + MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw + CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF + BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt + aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy + dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC + ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p + dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v + bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt + VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq + ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI + SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH + CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF + BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ + ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6 + uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI + egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf + GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL + SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk= + </dsig:X509Certificate> + </dsig:X509Data> </dsig:KeyInfo> - <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638"> - <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> - <etsi:SignedProperties> - <etsi:SignedSignatureProperties> - <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime> - <etsi:SigningCertificate> - <etsi:Cert> - <etsi:CertDigest> - <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue> - </etsi:CertDigest> - <etsi:IssuerSerial> - 
<dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName> - <dsig:X509SerialNumber>132292</dsig:X509SerialNumber> - </etsi:IssuerSerial> - </etsi:Cert> - </etsi:SigningCertificate> - <etsi:SignaturePolicyIdentifier> - <etsi:SignaturePolicyImplied/> - </etsi:SignaturePolicyIdentifier> - </etsi:SignedSignatureProperties> - <etsi:SignedDataObjectProperties> - <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> - <etsi:MimeType>application/xhtml+xml</etsi:MimeType> - </etsi:DataObjectFormat> - </etsi:SignedDataObjectProperties> - </etsi:SignedProperties> - </etsi:QualifyingProperties> + <dsig:Object + Id="etsi-data-object-0-1216050695-35956125-20638"> + <etsi:QualifyingProperties + Target="#signature-1216050695-35956125-21395" + xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> + <etsi:SignedProperties> + <etsi:SignedSignatureProperties> + <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime> + <etsi:SigningCertificate> + <etsi:Cert> + <etsi:CertDigest> + <etsi:DigestMethod + Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> + <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk= + </etsi:DigestValue> + </etsi:CertDigest> + <etsi:IssuerSerial> + <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust + Ges. f. Sicherheitssysteme im elektr. 
Datenverkehr + GmbH,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>132292</dsig:X509SerialNumber> + </etsi:IssuerSerial> + </etsi:Cert> + </etsi:SigningCertificate> + <etsi:SignaturePolicyIdentifier> + <etsi:SignaturePolicyImplied /> + </etsi:SignaturePolicyIdentifier> + </etsi:SignedSignatureProperties> + <etsi:SignedDataObjectProperties> + <etsi:DataObjectFormat + ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> + <etsi:MimeType>application/xhtml+xml</etsi:MimeType> + </etsi:DataObjectFormat> + </etsi:SignedDataObjectProperties> + </etsi:SignedProperties> + </etsi:QualifyingProperties> </dsig:Object> </dsig:Signature>
\ No newline at end of file diff --git a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_MultipleStartEvents.xml b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_MultipleStartEvents.xml index 18c2f7ed..89e9f6e1 100644 --- a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_MultipleStartEvents.xml +++ b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_MultipleStartEvents.xml 
@@ -1,25 +1,24 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess2" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess2" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:StartEvent id="start1" /> + <tns:StartEvent id="start1" /> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" class="HalloWeltTask" /> - <tns:Task id="task3" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" class="HalloWeltTask" /> + <tns:Task id="task3" /> - <tns:StartEvent id="start2" /> - <tns:EndEvent id="end" /> + <tns:StartEvent id="start2" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start1" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> - <tns:Transition id="fromStart" from="start1" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="task3" /> - <tns:Transition from="task3" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_NoStartEvents.xml b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_NoStartEvents.xml index ec3e76ae..bcf80ad4 100644 
--- a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_NoStartEvents.xml +++ b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_NoStartEvents.xml @@ -1,19 +1,17 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess1" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess1" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" /> - <tns:EndEvent id="end" /> + <tns:EndEvent id="end" /> + + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionLoop.xml b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionLoop.xml index 758507b9..aaee6a87 100644 --- a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionLoop.xml +++ b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionLoop.xml 
@@ -1,24 +1,23 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess1" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess1" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" /> - <tns:StartEvent id="start" /> - <tns:EndEvent id="end" /> + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="end" /> + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + + <!-- Must be loop since we have no conditionExpression set. --> + <tns:Transition id="loop" from="task1" to="task1" /> - <!-- Must be loop since we have no conditionExpression set. --> - <tns:Transition id="loop" from="task1" to="task1" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml index 302f180c..ea789adb 100644 
--- a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml +++ b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml @@ -1,22 +1,22 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess1" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess1" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" /> - <tns:StartEvent id="start" /> - <tns:EndEvent id="end" /> + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition id="invalidTransition" from="task1" + to="fromStart" /> + <tns:Transition from="task2" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition id="invalidTransition" from="task1" to="fromStart" /> - <tns:Transition from="task2" to="end" /> - </tns:ProcessDefinition> 
diff --git a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml index 41d693cd..04f46564 100644 --- a/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml +++ b/eaaf_core/src/test/resources/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml 
@@ -1,22 +1,21 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess1" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess1" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" /> - <tns:StartEvent id="start" /> - <tns:EndEvent id="end" /> + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + <tns:Transition from="end" to="task1" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="end" /> - <tns:Transition from="end" to="task1" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition1.xml b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition1.xml index 96773d2d..cdbcb7be 100644 --- a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition1.xml +++ b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition1.xml 
@@ -1,21 +1,20 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess1" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess1" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" /> - <tns:StartEvent id="start" /> - <tns:EndEvent id="end" /> + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition2.xml b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition2.xml index 03477de5..d0878038 100644 --- a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition2.xml +++ b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition2.xml 
@@ -1,24 +1,23 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess2" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess2" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> - <tns:StartEvent id="start" /> + <tns:StartEvent id="start" /> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" async="true" class="HelloWorldTask" /> - <tns:Task id="task3" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" class="HelloWorldTask" /> + <tns:Task id="task3" /> - <tns:EndEvent id="end" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="task3" /> - <tns:Transition from="task3" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition3.xml b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition3.xml index ef6999cf..36887069 100644 --- a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition3.xml +++ b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition3.xml 
@@ -1,24 +1,23 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess3" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess3" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> - <tns:StartEvent id="start" /> + <tns:StartEvent id="start" /> - <tns:Task id="task1" class="NotExistTaskdTask" /> - <tns:Task id="task2" async="true" class="HelloWorldTask" /> - <tns:Task id="task3" /> + <tns:Task id="task1" class="NotExistTaskdTask" /> + <tns:Task id="task2" async="true" class="HelloWorldTask" /> + <tns:Task id="task3" /> - <tns:EndEvent id="end" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="task3" /> - <tns:Transition from="task3" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition4.xml b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition4.xml index c88afd05..65dfc90b 100644 --- a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition4.xml +++ b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition4.xml 
@@ -1,24 +1,23 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess4" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess4" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> - <tns:StartEvent id="start" /> + <tns:StartEvent id="start" /> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" class="ThrowExceptionTask" /> - <tns:Task id="task3" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" class="ThrowExceptionTask" /> + <tns:Task id="task3" /> - <tns:EndEvent id="end" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="task3" /> - <tns:Transition from="task3" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition5.xml b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition5.xml index e0072e62..5142ec61 100644 --- a/eaaf_core/src/test/resources/process/test/SampleProcessDefinition5.xml +++ b/eaaf_core/src/test/resources/process/test/SampleProcessDefinition5.xml 
@@ -1,24 +1,23 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- - --> +<!-- --> -<tns:ProcessDefinition - id="SampleProcess5" - xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> +<tns:ProcessDefinition id="SampleProcess5" + xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/process/ProcessDefinition.xsd "> - <tns:StartEvent id="start" /> + <tns:StartEvent id="start" /> - <tns:Task id="task1" class="HelloWorldTask" /> - <tns:Task id="task2" class="StopProcessFlagTask" /> - <tns:Task id="task3" class="ThrowExceptionTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" class="StopProcessFlagTask" /> + <tns:Task id="task3" class="ThrowExceptionTask" /> - <tns:EndEvent id="end" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" + conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> - <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> - <tns:Transition from="task1" to="task2" /> - <tns:Transition from="task2" to="task3" /> - <tns:Transition from="task3" to="end" /> - </tns:ProcessDefinition> diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java index 68d837c3..c1fab13f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java 
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java @@ -20,7 +20,8 @@ package at.gv.egiz.eaaf.core.api; /** - * Application internal garbage collector that can be used to clean caches as example. + * Application internal garbage collector that can be used to clean caches as + * example. * * @author tlenz * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java index bfa4cd21..cd44250c 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java @@ -19,9 +19,9 @@ package at.gv.egiz.eaaf.core.api; - /** - * Interface initialize a Object when the MOA-ID-Auth start-up process is fully completed. + * Interface initialize a Object when the MOA-ID-Auth start-up process is fully + * completed. * * @author tlenz * @@ -30,7 +30,8 @@ package at.gv.egiz.eaaf.core.api; public interface IPostStartupInitializable { /** - * This method is called once when MOA-ID-Auth start-up process is fully completed. + * This method is called once when MOA-ID-Auth start-up process is fully + * completed. * */ void executeAfterStartup(); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java index fa8cb7f4..dd18d04f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java 
@@ -21,23 +21,26 @@ package at.gv.egiz.eaaf.core.api; import java.io.Serializable; import java.util.Map; + import javax.annotation.Nonnull; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; + +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; public interface IRequest extends Serializable { /** - * Indicates the module, which implements this authentication protocol. The class, which is - * referenced, had to implement the 'IModulInfo' interface. + * Indicates the module, which implements this authentication protocol. The + * class, which is referenced, had to implement the 'IModulInfo' interface. * * @return Full-qualified name of the class which implements this protocol */ String requestedModule(); /** - * Indicates the protocol specific action, which should executed if the request is processed. The - * class, which is referenced, had to implement the 'IAction' interface. + * Indicates the protocol specific action, which should executed if the request + * is processed. The class, which is referenced, had to implement the 'IAction' + * interface. * * @return Full-qualified name of the class which implements the action */ 
@@ -51,24 +54,27 @@ public interface IRequest extends Serializable { String getSpEntityId(); /** - * Indicates the passive flag in authentication requests. If the passive flag is set, the - * identification and authentication process failed if no active SSO session is found. + * Indicates the passive flag in authentication requests. If the passive flag is + * set, the identification and authentication process failed if no active SSO + * session is found. * - * @return true, if the is passive flag is set in authentication request, otherwise false + * @return true, if the is passive flag is set in authentication request, + * otherwise false */ boolean isPassiv(); /** - * Indicates the force authentication flag in authentication request If this flag is set, a new - * identification and authentication process is carried out in any case. + * Indicates the force authentication flag in authentication request If this + * flag is set, a new identification and authentication process is carried out + * in any case. * * @return true, if the force authentication flag is set, otherwise false */ boolean forceAuth(); - /** - * Returns a generic request-data object with is stored with a specific identifier. + * Returns a generic request-data object with is stored with a specific + * identifier. * * @param key The specific identifier of the request-data object * @return The request-data object or null if no data is found with this key @@ -76,9 +82,10 @@ public interface IRequest extends Serializable { Object getRawData(String key); /** - * Returns a generic request-data object with is stored with a specific identifier. + * Returns a generic request-data object with is stored with a specific + * identifier. * - * @param key The specific identifier of the request-data object + * @param key The specific identifier of the request-data object * @param clazz The class type which is stored with this key * @return The request-data object or null if no data is found with this key */ 
@@ -87,11 +94,11 @@ public interface IRequest extends Serializable { /** * Store a generic data-object into pending request with a specific identifier. * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement - * the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic - * request-data storage + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object + * had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not + * stored to generic request-data storage */ void setRawDataToTransaction(String key, Object object) throws EaafStorageException; @@ -99,8 +106,8 @@ public interface IRequest extends Serializable { * Store generic data-objects into pending request with specific identifiers. * * @param map Map with Identifiers and values - * @throws SessionDataStorageException Error message if the data-object can not stored to generic - * request-data storage + * @throws SessionDataStorageException Error message if the data-object can not + * stored to generic request-data storage */ void setRawDataToTransaction(Map<String, Object> map) throws EaafStorageException; @@ -114,14 +121,13 @@ public interface IRequest extends Serializable { <T> T getSessionData(@Nonnull Class<T> wrapper); /** - * Hold the identifier of this request object. This identifier can be used to load the request - * from request storage. + * Hold the identifier of this request object. This identifier can be used to + * load the request from request storage. * * @return Request identifier */ String getPendingRequestId(); - /** * Hold the identifier of the SSO-Session which is associated with this request. * 
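Review bot: The `@throws` tag on both `setRawDataToTransaction` overloads (the hunks at new lines 94 and 106) still names `SessionDataStorageException`, while both signatures declare `throws EaafStorageException`; the re-wrap carries the mismatch over unchanged. I would change both tags to `@throws EaafStorageException if the data-object can not be stored to generic request-data storage`. The `object` parameter is documented as having to implement `java.io.Serializable` but is typed `Object`, so any enforcement of that requirement happens in the implementation, which is not visible here. Since `IRequest` itself extends `Serializable`, it is worth stating in the Javadoc what happens when a non-serializable value is passed.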
@@ -137,31 +143,31 @@ public interface IRequest extends Serializable { void setInternalSsoSessionIdentifier(String internalSsoSessionId); /** - * Holds a unique transaction identifier, which could be used for looging This transaction - * identifier is unique for a single identification and authentication process. + * Holds a unique transaction identifier, which could be used for looging This + * transaction identifier is unique for a single identification and + * authentication process. * * @return Unique transaction identifier. */ String getUniqueTransactionIdentifier(); /** - * Holds a unique session identifier, which could be used for logging This session identifier is - * unique for the full Single Sign-On session time. + * Holds a unique session identifier, which could be used for logging This + * session identifier is unique for the full Single Sign-On session time. * * @return Unique session identifier */ String getUniqueSessionIdentifier(); - /** - * Hold the identifier if the process instance, which is associated with this request. + * Hold the identifier if the process instance, which is associated with this + * request. * - * @return ProcessInstanceID if this request is associated with a authentication process, - * otherwise null + * @return ProcessInstanceID if this request is associated with a authentication + * process, otherwise null */ String getProcessInstanceId(); - /** * get the IDP URL PreFix, which was used for authentication request. * @@ -197,7 +203,6 @@ public interface IRequest extends Serializable { */ void setNeedSingleSignOnFunctionality(boolean needSso); - /** * Indicates, if this pending request needs an additional user consent. * @@ -221,8 +226,7 @@ public interface IRequest extends Serializable { * * @return Service-Provider configuration */ - IspConfiguration getServiceProviderConfiguration(); - + ISpConfiguration getServiceProviderConfiguration(); /** * Get get Service-Provider configuration which is associated with this request. 
@@ -231,7 +235,6 @@ public interface IRequest extends Serializable { */ <T> T getServiceProviderConfiguration(final Class<T> decorator); - /** * Indicates, if this pending-request is aborted by the user. * @@ -242,7 +245,8 @@ public interface IRequest extends Serializable { /** * Set the 'isAboredByUser' flag of this pending-request. * - * @param isAborted true, if the user has abort the authentication process, otherwise false + * @param isAborted true, if the user has abort the authentication process, + * otherwise false */ void setAbortedByUser(boolean isAborted); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java index efd19591..2262e68a 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java @@ -19,7 +19,6 @@ package at.gv.egiz.eaaf.core.api; - import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java index b6bcf18a..bbaf86d3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java @@ -38,11 +38,10 @@ public interface IStatusMessenger { String CODES_EXTERNAL_ERROR_GENERIC = "9199"; String CODES_EXTERNAL_ERROR_PROCESSENGINE = "1099"; - /** * Get the message corresponding to a given message ID. * - * @param messageId The ID of the message. + * @param messageId The ID of the message. * @param parameters The parameters to fill in into the message arguments. * @return The formatted message. */ 
@@ -52,7 +51,7 @@ public interface IStatusMessenger { /** * Get the message corresponding to a given message ID. * - * @param messageId The ID of the message. + * @param messageId The ID of the message. * @param parameters The parameters to fill in into the message arguments. * @return The formatted message, or <code>null</code> if no message was fround */ @@ -67,7 +66,6 @@ public interface IStatusMessenger { */ String getResponseErrorCode(Throwable throwable); - /** * Map internal to external errorCode. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConfigConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConfigConstants.java index d3529592..99537ffa 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConfigConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConfigConstants.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * 
@@ -11,18 +11,15 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.data; -public class EAAFConfigConstants { +public class EaafConfigConstants { public static final String SERVICE_UNIQUEIDENTIFIER = "uniqueID"; // publicURLPrefix } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java index dda3703a..8a5c9cb1 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * 
@@ -11,19 +11,15 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.data; +*/ +package at.gv.egiz.eaaf.core.api.data; -public class EAAFConstants { +public class EaafConstants { public static final String CONTENTTYPE_HTML_UTF8 = "text/html; charset=UTF-8"; @@ -32,7 +28,6 @@ public class EAAFConstants { public static final String PARAM_HTTP_ERROR_CODE = "errorid"; public static final String PARAM_HTTP_STOP_PROCESS = "stopAuthProcess"; - public static final String EIDAS_LOA_PREFIX = "http://eidas.europa.eu/LoA/"; public static final String EIDAS_LOA_LOW = EIDAS_LOA_PREFIX + "low"; public static final String EIDAS_LOA_SUBSTANTIAL = EIDAS_LOA_PREFIX + "substantial"; @@ -45,7 +40,6 @@ public class EAAFConstants { public static final String URN_PART_WBPK = "wbpk+"; public static final String URN_PART_EIDAS = "eidasid+"; - public static final String URN_PREFIX = "urn:publicid:gv.at"; public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid"; public static final String URN_PREFIX_CDID = URN_PREFIX + ":cdid+"; 
@@ -54,21 +48,17 @@ public class EAAFConstants { public static final String URN_PREFIX_EIDAS = URN_PREFIX + ":" + URN_PART_EIDAS; public static final String URN_PREFIX_OW_BPK = URN_PREFIX_CDID + "OW"; - // Authentication process data_constants public static final String UNIQUESESSIONIDENTIFIER = "eaaf_uniqueSessionIdentifier"; public static final String AUTH_DATA_CREATED = "eaaf_authdata_created"; - public static final String PROCESS_ENGINE_PREFIX = "PARAMS_"; - public static final String PROCESS_ENGINE_PENDINGREQUESTID = - PROCESS_ENGINE_PREFIX + PARAM_HTTP_TARGET_PENDINGREQUESTID; - public static final String PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID = - PROCESS_ENGINE_PREFIX + "uniqueSPId"; - public static final String PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE = - PROCESS_ENGINE_PREFIX + "holderofkey_cert"; - public static final String PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT = - PROCESS_ENGINE_PREFIX + "requireNoPostAuthRedirect"; + public static final String PROCESS_ENGINE_PENDINGREQUESTID = PROCESS_ENGINE_PREFIX + + PARAM_HTTP_TARGET_PENDINGREQUESTID; + public static final String PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID = PROCESS_ENGINE_PREFIX + "uniqueSPId"; + public static final String PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE = PROCESS_ENGINE_PREFIX + "holderofkey_cert"; + public static final String PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT = PROCESS_ENGINE_PREFIX + + "requireNoPostAuthRedirect"; public static final String PROCESSCONTEXT_SWITCH_LANGUAGE = "changeLanguage"; public static final int ALLOWED_TIME_JITTER = 5; // minutes diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFEventCodes.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafEventCodes.java index e25c05b5..74f79239 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFEventCodes.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafEventCodes.java 
@@ -1,5 +1,5 @@ package at.gv.egiz.eaaf.core.api.data; -public class EAAFEventCodes { +public class EaafEventCodes { public static final int PROCESS_STOPPED_BY_USER = 4102; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExceptionContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExceptionContainer.java index 69268562..80c7094c 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExceptionContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExceptionContainer.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.data; import java.io.Serializable; 
@@ -27,6 +24,8 @@ import java.io.Serializable; import at.gv.egiz.eaaf.core.api.IRequest; /** + * AuthProcess exception containter for Front-Channel exception handling. + * * @author tlenz * */ @@ -36,9 +35,11 @@ public class ExceptionContainer implements Serializable { private Throwable exceptionThrown = null; private IRequest pendingReq = null; - /** + * Create an exception container. * + * @param pendingReq Pending request that has an exception + * @param exception error */ public ExceptionContainer(final IRequest pendingReq, final Throwable exception) { this.pendingReq = pendingReq; @@ -47,6 +48,8 @@ public class ExceptionContainer implements Serializable { } /** + * Get the error. + * * @return the exceptionThrown */ public Throwable getExceptionThrown() { @@ -59,6 +62,8 @@ public class ExceptionContainer implements Serializable { } /** + * Get the unique sessionId for this error. + * * @return the uniqueSessionID */ public String getUniqueSessionID() { @@ -70,6 +75,8 @@ public class ExceptionContainer implements Serializable { } /** + * Get the unique transactionId for this error. + * * @return the uniqueTransactionID */ public String getUniqueTransactionID() { @@ -81,6 +88,8 @@ public class ExceptionContainer implements Serializable { } /** + * Get the service-provider identifier. + * * @return the uniqueServiceProviderId */ public String getUniqueServiceProviderId() { @@ -91,6 +100,4 @@ public class ExceptionContainer implements Serializable { } } - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java deleted file mode 100644 index b895ab7d..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java +++ /dev/null 
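Review bot: The class Javadoc added in the hunk at new line 24 misspells "container" (`containter`) and does not say what the container holds. The class is `Serializable` and keeps the raw `Throwable` together with the pending `IRequest`, so I would write something like `AuthProcess exception container for front-channel exception handling; stores the original Throwable and the pending request.` Whether the stored exception is ever rendered into a response is not visible from these hunks; if it can be, the Javadoc should also state that only a mapped error code, not the message or stack trace, may be shown to the user. The getter bodies lie outside the hunks.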
@@ -1,48 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a - * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.data; - -public interface ExtendedPVPAttributeDefinitions extends PVPAttributeDefinitions { - - String SP_UNIQUEID_NAME = "urn:eidgvat:attributes.ServiceProviderUniqueId"; - String SP_UNIQUEID_FRIENDLY_NAME = "ServiceProvider-UniqueId"; - - String SP_FRIENDLYNAME_NAME = - "urn:eidgvat:attributes.ServiceProviderFriendlyName"; - String SP_FRIENDLYNAME_FRIENDLY_NAME = "ServiceProvider-FriendlyName"; - - String SP_COUNTRYCODE_NAME = - "urn:eidgvat:attributes.ServiceProviderCountryCode"; - String SP_COUNTRYCODE_FRIENDLY_NAME = "ServiceProvider-CountryCode"; - - String SP_USESMANDATES_NAME = - "urn:eidgvat:attributes.ServiceProviderMandateProfiles"; - String SP_USESMANDATES_FRIENDLY_NAME = "ServiceProvider-MandateProfiles"; - - /* Attributes for E-ID */ - String EID_ENCRYPTED_SOURCEID_NAME = "urn:eidgvat:attributes.vsz.value"; - String EID_ENCRYPTED_SOURCEID_FRIENDLY_NAME = "vSZ"; - - String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type"; - String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type"; - - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java new file mode 100644 index 00000000..f5865067 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java 
@@ -0,0 +1,43 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ + +package at.gv.egiz.eaaf.core.api.data; + +public interface ExtendedPvpAttributeDefinitions extends PvpAttributeDefinitions { + + String SP_UNIQUEID_NAME = "urn:eidgvat:attributes.ServiceProviderUniqueId"; + String SP_UNIQUEID_FRIENDLY_NAME = "ServiceProvider-UniqueId"; + + String SP_FRIENDLYNAME_NAME = "urn:eidgvat:attributes.ServiceProviderFriendlyName"; + String SP_FRIENDLYNAME_FRIENDLY_NAME = "ServiceProvider-FriendlyName"; + + String SP_COUNTRYCODE_NAME = "urn:eidgvat:attributes.ServiceProviderCountryCode"; + String SP_COUNTRYCODE_FRIENDLY_NAME = "ServiceProvider-CountryCode"; + + String SP_USESMANDATES_NAME = "urn:eidgvat:attributes.ServiceProviderMandateProfiles"; + String SP_USESMANDATES_FRIENDLY_NAME = "ServiceProvider-MandateProfiles"; + + /* Attributes for E-ID */ + String EID_ENCRYPTED_SOURCEID_NAME = "urn:eidgvat:attributes.vsz.value"; + String EID_ENCRYPTED_SOURCEID_FRIENDLY_NAME = "vSZ"; + + String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type"; + String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type"; + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java index 3abf39e7..91fb1bf7 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * 
@@ -11,42 +11,38 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.data; public interface ILoALevelMapper { /** - * Map an arbitrary QAA level to eIDAS LoA - * - * @param qaa, but not null + * Map an arbitrary QAA level to eIDAS LoA. + * + * @param qaa but not null * @return An eIDAS LoA if there is a mapping, otherwise null */ - String mapToeIDASLoA(String qaa); + String mapToEidasLoa(String qaa); /** - * Map an arbitrary QAA level to PVP SecClass - * - * @param qaa, but not null + * Map an arbitrary QAA level to PVP SecClass. + * + * @param qaa but not null * @return A PVP SecClass if there is a mapping, otherwise null */ String mapToSecClass(String qaa); - /** - * Map an an arbitrary eIDAS LoA to STORK QAA Level - * - * @param eidasqaaLevel + * Map an an arbitrary eIDAS LoA to STORK QAA Level. + * + * @param eidasqaaLevel eIDAS LoA for mapping * @return A STORK QAA level */ @Deprecated - String mapeIDASQAAToSTORKQAA(String eidasqaaLevel); + String mapEidasQaaToStorkQaa(String eidasqaaLevel); } 
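Review bot: `mapEidasQaaToStorkQaa` keeps a bare `@Deprecated` with no Javadoc `@deprecated` tag, so implementors are not told what replaces it or that nothing does; add a line such as `@deprecated STORK QAA levels are legacy; <name the replacement or state that there is none>`. `mapToEidasLoa` and `mapToSecClass` return null when no mapping exists, and because the result is a level of assurance the `@return` text could say how callers must handle that, for example `otherwise null, which callers must treat as "no acceptable level"`, assuming that is the intended contract. The parameter text `@param qaa but not null` reads as a leftover from the removed comma form; `@param qaa QAA level to map, must not be null` is clearer, and the new summary `Map an an arbitrary eIDAS LoA` repeats a word. Renaming the two interface methods also changes the public API for any implementation outside this repository, which the commit message does not mention.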
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java deleted file mode 100644 index 7604299e..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java +++ /dev/null 
@@ -1,380 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a - * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.data; - -public interface PVPAttributeDefinitions { - - String URN_OID_PREFIX = "urn:oid:"; - - String PVP_VERSION_OID = "1.2.40.0.10.2.1.1.261.10"; - String PVP_VERSION_NAME = URN_OID_PREFIX + PVP_VERSION_OID; - String PVP_VERSION_FRIENDLY_NAME = "PVP-VERSION"; - String PVP_VERSION_2_1 = "2.2"; - - - String SECCLASS_OID = "1.2.40.0.10.2.1.1.261.110"; - String SECCLASS_FRIENDLY_NAME = "SECCLASS"; - String SECCLASS_NAME = URN_OID_PREFIX + SECCLASS_OID; - int SECCLASS_MAX_LENGTH = 128; - - String PRINCIPAL_NAME_OID = "1.2.40.0.10.2.1.1.261.20"; - String PRINCIPAL_NAME_NAME = URN_OID_PREFIX + PRINCIPAL_NAME_OID; - String PRINCIPAL_NAME_FRIENDLY_NAME = "PRINCIPAL-NAME"; - int PRINCIPAL_NAME_MAX_LENGTH = 128; - - String GIVEN_NAME_OID = "2.5.4.42"; - String GIVEN_NAME_NAME = URN_OID_PREFIX + GIVEN_NAME_OID; - String GIVEN_NAME_FRIENDLY_NAME = "GIVEN-NAME"; - int GIVEN_NAME_MAX_LENGTH = 128; - - String BIRTHDATE_OID = "1.2.40.0.10.2.1.1.55"; - String BIRTHDATE_NAME = URN_OID_PREFIX + BIRTHDATE_OID; - String BIRTHDATE_FRIENDLY_NAME = "BIRTHDATE"; - String BIRTHDATE_FORMAT_PATTERN = "yyyy-MM-dd"; - - String USERID_OID = "0.9.2342.19200300.100.1.1"; - String USERID_NAME = URN_OID_PREFIX + USERID_OID; - String USERID_FRIENDLY_NAME = "USERID"; - int USERID_MAX_LENGTH = 128; - - String GID_OID = "1.2.40.0.10.2.1.1.1"; - String GID_NAME = URN_OID_PREFIX + GID_OID; - String GID_FRIENDLY_NAME = "GID"; - int GID_MAX_LENGTH = 128; - - String BPK_OID = "1.2.40.0.10.2.1.1.149"; - String BPK_NAME = URN_OID_PREFIX + BPK_OID; - String 
BPK_FRIENDLY_NAME = "BPK"; - int BPK_MAX_LENGTH = 1024; - String BPK_R_PROFILE21_HEADER = "X-PVP-BPK"; - - String BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.28"; - String BPK_LIST_NAME = URN_OID_PREFIX + BPK_LIST_OID; - String BPK_LIST_FRIENDLY_NAME = "BPK-LIST"; - int BPK_LIST_MAX_LENGTH = 32767; - - String ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.22"; - String ENC_BPK_LIST_NAME = URN_OID_PREFIX + ENC_BPK_LIST_OID; - String ENC_BPK_LIST_FRIENDLY_NAME = "ENC-BPK-LIST"; - int ENC_BPK_LIST_MAX_LENGTH = 32767; - - String MAIL_OID = "0.9.2342.19200300.100.1.3"; - String MAIL_NAME = URN_OID_PREFIX + MAIL_OID; - String MAIL_FRIENDLY_NAME = "MAIL"; - int MAIL_MAX_LENGTH = 128; - - String TEL_OID = "2.5.4.20"; - String TEL_NAME = URN_OID_PREFIX + TEL_OID; - String TEL_FRIENDLY_NAME = "TEL"; - int TEL_MAX_LENGTH = 32; - - String PARTICIPANT_ID_OID = "1.2.40.0.10.2.1.1.71"; - String PARTICIPANT_ID_NAME = URN_OID_PREFIX + PARTICIPANT_ID_OID; - String PARTICIPANT_ID_FRIENDLY_NAME = "PARTICIPANT-ID"; - int PARTICIPANT_MAX_LENGTH = 39; - - String PARTICIPANT_OKZ_OID = "1.2.40.0.10.2.1.1.261.24"; - String PARTICIPANT_OKZ_NAME = URN_OID_PREFIX + PARTICIPANT_OKZ_OID; - String PARTICIPANT_OKZ_FRIENDLY_NAME = "PARTICIPANT-OKZ"; - int PARTICIPANT_OKZ_MAX_LENGTH = 32; - - String OU_OKZ_OID = "1.2.40.0.10.2.1.1.153"; - String OU_OKZ_NAME = URN_OID_PREFIX + OU_OKZ_OID; - int OU_OKZ_MAX_LENGTH = 32; - - String OU_GV_OU_ID_OID = "1.2.40.0.10.2.1.1.3"; - String OU_GV_OU_ID_NAME = URN_OID_PREFIX + OU_GV_OU_ID_OID; - String OU_GV_OU_ID_FRIENDLY_NAME = "OU-GV-OU-ID"; - int OU_GV_OU_ID_MAX_LENGTH = 39; - - String OU_OID = "2.5.4.11"; - String OU_NAME = URN_OID_PREFIX + OU_OID; - String OU_FRIENDLY_NAME = "OU"; - int OU_MAX_LENGTH = 64; - - String FUNCTION_OID = "1.2.40.0.10.2.1.1.33"; - String FUNCTION_NAME = URN_OID_PREFIX + FUNCTION_OID; - String FUNCTION_FRIENDLY_NAME = "FUNCTION"; - int FUNCTION_MAX_LENGTH = 32; - - String ROLES_OID = "1.2.40.0.10.2.1.1.261.30"; - String ROLES_NAME = 
URN_OID_PREFIX + ROLES_OID; - String ROLES_FRIENDLY_NAME = "ROLES"; - int ROLES_MAX_LENGTH = 32767; - - @Deprecated - String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94"; - @Deprecated - String EID_CITIZEN_QAA_LEVEL_NAME = - URN_OID_PREFIX + EID_CITIZEN_QAA_LEVEL_OID; - @Deprecated - String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL"; - - String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.108"; - String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = - URN_OID_PREFIX + EID_CITIZEN_EIDAS_QAA_LEVEL_OID; - String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = - "EID-CITIZEN-QAA-EIDAS-LEVEL"; - - String EID_IDENTITY_STATUS_LEVEL_OID = "1.2.40.0.10.2.1.1.261.109"; - String EID_IDENTITY_STATUS_LEVEL_NAME = - URN_OID_PREFIX + EID_IDENTITY_STATUS_LEVEL_OID; - String EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME = "EID-IDENTITY-STATUS-LEVEL"; - - enum EID_IDENTITY_STATUS_LEVEL_VALUES { - IDENTITY("http://eid.gv.at/eID/status/identity"), TESTIDENTITY( - "http://eid.gv.at/eID/status/testidentity"), SYSTEM("http://eid.gv.at/eID/status/system"); - - private final String uri; - - EID_IDENTITY_STATUS_LEVEL_VALUES(final String uri) { - this.uri = uri; - } - - /** - * Get the URI based status identifier of an E-ID - * - * @return - */ - public String getURI() { - return this.uri; - } - } - - String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32"; - String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID; - String EID_ISSUING_NATION_FRIENDLY_NAME = "EID-ISSUING-NATION"; - int EID_ISSUING_NATION_MAX_LENGTH = 2; - - String EID_SECTOR_FOR_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.34"; - String EID_SECTOR_FOR_IDENTIFIER_NAME = - URN_OID_PREFIX + EID_SECTOR_FOR_IDENTIFIER_OID; - String EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME = "EID-SECTOR-FOR-IDENTIFIER"; - int EID_SECTOR_FOR_IDENTIFIER_MAX_LENGTH = 255; - - @Deprecated - String EID_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.36"; - @Deprecated - String EID_SOURCE_PIN_NAME = URN_OID_PREFIX + 
EID_SOURCE_PIN_OID; - @Deprecated - String EID_SOURCE_PIN_FRIENDLY_NAME = "EID-SOURCE-PIN"; - @Deprecated - int EID_SOURCE_PIN_MAX_LENGTH = 128; - - @Deprecated - String EID_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.104"; - @Deprecated - String EID_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_TYPE_OID; - @Deprecated - String EID_SOURCE_PIN_TYPE_FRIENDLY_NAME = "EID-SOURCE-PIN-TYPE"; - @Deprecated - int EID_SOURCE_PIN_TYPE_MAX_LENGTH = 128; - - @Deprecated - String EID_IDENTITY_LINK_OID = "1.2.40.0.10.2.1.1.261.38"; - @Deprecated - String EID_IDENTITY_LINK_NAME = URN_OID_PREFIX + EID_IDENTITY_LINK_OID; - @Deprecated - String EID_IDENTITY_LINK_FRIENDLY_NAME = "EID-IDENTITY-LINK"; - @Deprecated - int EID_IDENTITY_LINK_MAX_LENGTH = 32767; - - String EID_E_ID_TOKEN_OID = "1.2.40.0.10.2.1.1.261.39"; - String EID_E_ID_TOKEN_NAME = URN_OID_PREFIX + EID_E_ID_TOKEN_OID; - String EID_E_ID_TOKEN_FRIENDLY_NAME = "EID-E-ID-TOKEN"; - int EID_E_ID_TOKEN_MAX_LENGTH = 32767; - - @Deprecated - String EID_AUTH_BLOCK_OID = "1.2.40.0.10.2.1.1.261.62"; - @Deprecated - String EID_AUTH_BLOCK_NAME = URN_OID_PREFIX + EID_AUTH_BLOCK_OID; - @Deprecated - String EID_AUTH_BLOCK_FRIENDLY_NAME = "EID-AUTH-BLOCK"; - @Deprecated - int EID_AUTH_BLOCK_MAX_LENGTH = 32767; - - String EID_CCS_URL_OID = "1.2.40.0.10.2.1.1.261.64"; - String EID_CCS_URL_NAME = URN_OID_PREFIX + EID_CCS_URL_OID; - String EID_CCS_URL_FRIENDLY_NAME = "EID-CCS-URL"; - int EID_CCS_URL_MAX_LENGTH = 1024; - - String EID_SIGNER_CERTIFICATE_OID = "1.2.40.0.10.2.1.1.261.66"; - String EID_SIGNER_CERTIFICATE_NAME = - URN_OID_PREFIX + EID_SIGNER_CERTIFICATE_OID; - String EID_SIGNER_CERTIFICATE_FRIENDLY_NAME = "EID-SIGNER-CERTIFICATE"; - int EID_SIGNER_CERTIFICATE_MAX_LENGTH = 32767; - - @Deprecated - String EID_STORK_TOKEN_OID = "1.2.40.0.10.2.1.1.261.96"; - @Deprecated - String EID_STORK_TOKEN_NAME = URN_OID_PREFIX + EID_STORK_TOKEN_OID; - @Deprecated - String EID_STORK_TOKEN_FRIENDLY_NAME = "EID-STORK-TOKEN"; - @Deprecated 
- int EID_STORK_TOKEN_MAX_LENGTH = 32767; - - String MANDATE_TYPE_OID = "1.2.40.0.10.2.1.1.261.68"; - String MANDATE_TYPE_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID; - String MANDATE_TYPE_FRIENDLY_NAME = "MANDATE-TYPE"; - int MANDATE_TYPE_MAX_LENGTH = 256; - - String MANDATE_TYPE_OID_OID = "1.2.40.0.10.2.1.1.261.106"; - String MANDATE_TYPE_OID_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID_OID; - String MANDATE_TYPE_OID_FRIENDLY_NAME = "MANDATE-TYPE-OID"; - int MANDATE_TYPE_OID_MAX_LENGTH = 256; - - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.70"; - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_OID; - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-SOURCE-PIN"; - @Deprecated - int MANDATE_NAT_PER_SOURCE_PIN_MAX_LENGTH = 128; - - String MANDATE_LEG_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.100"; - String MANDATE_LEG_PER_SOURCE_PIN_NAME = - URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_OID; - String MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME = - "MANDATOR-LEGAL-PERSON-SOURCE-PIN"; - int MANDATE_LEG_PER_SOURCE_PIN_MAX_LENGTH = 128; - - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.102"; - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID; - @Deprecated - String MANDATE_NAT_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-SOURCE-PIN-TYPE"; - @Deprecated - int MANDATE_NAT_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; - - String MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.76"; - String MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME = - URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID; - String MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = - "MANDATOR-LEGAL-PERSON-SOURCE-PIN-TYPE"; - int MANDATE_LEG_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; - - String MANDATE_NAT_PER_BPK_OID = "1.2.40.0.10.2.1.1.261.98"; - String MANDATE_NAT_PER_BPK_NAME = 
URN_OID_PREFIX + MANDATE_NAT_PER_BPK_OID; - String MANDATE_NAT_PER_BPK_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK"; - int MANDATE_NAT_PER_BPK_MAX_LENGTH = 1024; - - String MANDATE_NAT_PER_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.73"; - String MANDATE_NAT_PER_BPK_LIST_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_BPK_LIST_OID; - String MANDATE_NAT_PER_BPK_LIST_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-BPK-LIST"; - int MANDATE_NAT_PER_ENC_LIST_MAX_LENGTH = 32767; - - String MANDATE_NAT_PER_ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.72"; - String MANDATE_NAT_PER_ENC_BPK_LIST_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_ENC_BPK_LIST_OID; - String MANDATE_NAT_PER_ENC_BPK_LIST_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-ENC-BPK-LIST"; - int MANDATE_NAT_PER_ENC_BPK_LIST_MAX_LENGTH = 32767; - - String MANDATE_NAT_PER_GIVEN_NAME_OID = "1.2.40.0.10.2.1.1.261.78"; - String MANDATE_NAT_PER_GIVEN_NAME_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_GIVEN_NAME_OID; - String MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-GIVEN-NAME"; - int MANDATE_NAT_PER_GIVEN_NAME_MAX_LENGTH = 128; - - String MANDATE_NAT_PER_FAMILY_NAME_OID = "1.2.40.0.10.2.1.1.261.80"; - String MANDATE_NAT_PER_FAMILY_NAME_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_FAMILY_NAME_OID; - String MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-FAMILY-NAME"; - int MANDATE_NAT_PER_FAMILY_NAME_MAX_LENGTH = 128; - - String MANDATE_NAT_PER_BIRTHDATE_OID = "1.2.40.0.10.2.1.1.261.82"; - String MANDATE_NAT_PER_BIRTHDATE_NAME = - URN_OID_PREFIX + MANDATE_NAT_PER_BIRTHDATE_OID; - String MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME = - "MANDATOR-NATURAL-PERSON-BIRTHDATE"; - String MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN = BIRTHDATE_FORMAT_PATTERN; - - String MANDATE_LEG_PER_FULL_NAME_OID = "1.2.40.0.10.2.1.1.261.84"; - String MANDATE_LEG_PER_FULL_NAME_NAME = - URN_OID_PREFIX + MANDATE_LEG_PER_FULL_NAME_OID; - String MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME = - "MANDATOR-LEGAL-PERSON-FULL-NAME"; - int 
MANDATE_LEG_PER_FULL_NAME_MAX_LENGTH = 256; - - String MANDATE_PROF_REP_OID_OID = "1.2.40.0.10.2.1.1.261.86"; - String MANDATE_PROF_REP_OID_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_OID_OID; - String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATE-PROF-REP-OID"; - int MANDATE_PROF_REP_OID_MAX_LENGTH = 256; - - String MANDATE_PROF_REP_DESC_OID = "1.2.40.0.10.2.1.1.261.88"; - String MANDATE_PROF_REP_DESC_NAME = - URN_OID_PREFIX + MANDATE_PROF_REP_DESC_OID; - String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATE-PROF-REP-DESCRIPTION"; - int MANDATE_PROF_REP_DESC_MAX_LENGTH = 1024; - - String MANDATE_REFERENCE_VALUE_OID = "1.2.40.0.10.2.1.1.261.90"; - String MANDATE_REFERENCE_VALUE_NAME = - URN_OID_PREFIX + MANDATE_REFERENCE_VALUE_OID; - String MANDATE_REFERENCE_VALUE_FRIENDLY_NAME = "MANDATE-REFERENCE-VALUE"; - int MANDATE_REFERENCE_VALUE_MAX_LENGTH = 100; - - String MANDATE_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.91"; - String MANDATE_IDENTIFIER_FRIENDLY_NAME = "MANDATE-IDENTIFIER"; - String MANDATE_IDENTIFIER_NAME = URN_OID_PREFIX + MANDATE_IDENTIFIER_OID; - int MANDATE_IDENTIFIER_MAX_LENGTH = 256; - - - @Deprecated - String MANDATE_FULL_MANDATE_OID = "1.2.40.0.10.2.1.1.261.92"; - @Deprecated - String MANDATE_FULL_MANDATE_NAME = URN_OID_PREFIX + MANDATE_FULL_MANDATE_OID; - @Deprecated - String MANDATE_FULL_MANDATE_FRIENDLY_NAME = "MANDATE-FULL-MANDATE"; - @Deprecated - int MANDATE_FULL_MANDATE_MAX_LENGTH = 32767; - - String INVOICE_RECPT_ID_OID = "1.2.40.0.10.2.1.1.261.40"; - String INVOICE_RECPT_ID_NAME = URN_OID_PREFIX + INVOICE_RECPT_ID_OID; - String INVOICE_RECPT_ID_FRIENDLY_NAME = "INVOICE-RECPT-ID"; - int INVOICE_RECPT_ID_MAX_LENGTH = 64; - - String COST_CENTER_ID_OID = "1.2.40.0.10.2.1.1.261.50"; - String COST_CENTER_ID_NAME = URN_OID_PREFIX + COST_CENTER_ID_OID; - String COST_CENTER_ID_FRIENDLY_NAME = "COST-CENTER-ID"; - int COST_CENTER_ID_MAX_LENGTH = 32767; - - String CHARGE_CODE_OID = "1.2.40.0.10.2.1.1.261.60"; - String CHARGE_CODE_NAME = URN_OID_PREFIX + 
CHARGE_CODE_OID;
- String CHARGE_CODE_FRIENDLY_NAME = "CHARGE-CODE";
- int CHARGE_CODE_MAX_LENGTH = 32767;
-
- String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx";
- String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID;
- String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE";
-
-}
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PvpAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PvpAttributeDefinitions.java
new file mode 100644
index 00000000..2a9a8317
--- /dev/null
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PvpAttributeDefinitions.java
@@ -0,0 +1,347 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+ */ + +package at.gv.egiz.eaaf.core.api.data; + +public interface PvpAttributeDefinitions { + + String URN_OID_PREFIX = "urn:oid:"; + + String PVP_VERSION_OID = "1.2.40.0.10.2.1.1.261.10"; + String PVP_VERSION_NAME = URN_OID_PREFIX + PVP_VERSION_OID; + String PVP_VERSION_FRIENDLY_NAME = "PVP-VERSION"; + String PVP_VERSION_2_1 = "2.2"; + + String SECCLASS_OID = "1.2.40.0.10.2.1.1.261.110"; + String SECCLASS_FRIENDLY_NAME = "SECCLASS"; + String SECCLASS_NAME = URN_OID_PREFIX + SECCLASS_OID; + int SECCLASS_MAX_LENGTH = 128; + + String PRINCIPAL_NAME_OID = "1.2.40.0.10.2.1.1.261.20"; + String PRINCIPAL_NAME_NAME = URN_OID_PREFIX + PRINCIPAL_NAME_OID; + String PRINCIPAL_NAME_FRIENDLY_NAME = "PRINCIPAL-NAME"; + int PRINCIPAL_NAME_MAX_LENGTH = 128; + + String GIVEN_NAME_OID = "2.5.4.42"; + String GIVEN_NAME_NAME = URN_OID_PREFIX + GIVEN_NAME_OID; + String GIVEN_NAME_FRIENDLY_NAME = "GIVEN-NAME"; + int GIVEN_NAME_MAX_LENGTH = 128; + + String BIRTHDATE_OID = "1.2.40.0.10.2.1.1.55"; + String BIRTHDATE_NAME = URN_OID_PREFIX + BIRTHDATE_OID; + String BIRTHDATE_FRIENDLY_NAME = "BIRTHDATE"; + String BIRTHDATE_FORMAT_PATTERN = "yyyy-MM-dd"; + + String USERID_OID = "0.9.2342.19200300.100.1.1"; + String USERID_NAME = URN_OID_PREFIX + USERID_OID; + String USERID_FRIENDLY_NAME = "USERID"; + int USERID_MAX_LENGTH = 128; + + String GID_OID = "1.2.40.0.10.2.1.1.1"; + String GID_NAME = URN_OID_PREFIX + GID_OID; + String GID_FRIENDLY_NAME = "GID"; + int GID_MAX_LENGTH = 128; + + String BPK_OID = "1.2.40.0.10.2.1.1.149"; + String BPK_NAME = URN_OID_PREFIX + BPK_OID; + String BPK_FRIENDLY_NAME = "BPK"; + int BPK_MAX_LENGTH = 1024; + String BPK_R_PROFILE21_HEADER = "X-PVP-BPK"; + + String BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.28"; + String BPK_LIST_NAME = URN_OID_PREFIX + BPK_LIST_OID; + String BPK_LIST_FRIENDLY_NAME = "BPK-LIST"; + int BPK_LIST_MAX_LENGTH = 32767; + + String ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.22"; + String ENC_BPK_LIST_NAME = URN_OID_PREFIX + ENC_BPK_LIST_OID; + 
String ENC_BPK_LIST_FRIENDLY_NAME = "ENC-BPK-LIST"; + int ENC_BPK_LIST_MAX_LENGTH = 32767; + + String MAIL_OID = "0.9.2342.19200300.100.1.3"; + String MAIL_NAME = URN_OID_PREFIX + MAIL_OID; + String MAIL_FRIENDLY_NAME = "MAIL"; + int MAIL_MAX_LENGTH = 128; + + String TEL_OID = "2.5.4.20"; + String TEL_NAME = URN_OID_PREFIX + TEL_OID; + String TEL_FRIENDLY_NAME = "TEL"; + int TEL_MAX_LENGTH = 32; + + String PARTICIPANT_ID_OID = "1.2.40.0.10.2.1.1.71"; + String PARTICIPANT_ID_NAME = URN_OID_PREFIX + PARTICIPANT_ID_OID; + String PARTICIPANT_ID_FRIENDLY_NAME = "PARTICIPANT-ID"; + int PARTICIPANT_MAX_LENGTH = 39; + + String PARTICIPANT_OKZ_OID = "1.2.40.0.10.2.1.1.261.24"; + String PARTICIPANT_OKZ_NAME = URN_OID_PREFIX + PARTICIPANT_OKZ_OID; + String PARTICIPANT_OKZ_FRIENDLY_NAME = "PARTICIPANT-OKZ"; + int PARTICIPANT_OKZ_MAX_LENGTH = 32; + + String OU_OKZ_OID = "1.2.40.0.10.2.1.1.153"; + String OU_OKZ_NAME = URN_OID_PREFIX + OU_OKZ_OID; + int OU_OKZ_MAX_LENGTH = 32; + + String OU_GV_OU_ID_OID = "1.2.40.0.10.2.1.1.3"; + String OU_GV_OU_ID_NAME = URN_OID_PREFIX + OU_GV_OU_ID_OID; + String OU_GV_OU_ID_FRIENDLY_NAME = "OU-GV-OU-ID"; + int OU_GV_OU_ID_MAX_LENGTH = 39; + + String OU_OID = "2.5.4.11"; + String OU_NAME = URN_OID_PREFIX + OU_OID; + String OU_FRIENDLY_NAME = "OU"; + int OU_MAX_LENGTH = 64; + + String FUNCTION_OID = "1.2.40.0.10.2.1.1.33"; + String FUNCTION_NAME = URN_OID_PREFIX + FUNCTION_OID; + String FUNCTION_FRIENDLY_NAME = "FUNCTION"; + int FUNCTION_MAX_LENGTH = 32; + + String ROLES_OID = "1.2.40.0.10.2.1.1.261.30"; + String ROLES_NAME = URN_OID_PREFIX + ROLES_OID; + String ROLES_FRIENDLY_NAME = "ROLES"; + int ROLES_MAX_LENGTH = 32767; + + @Deprecated + String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94"; + @Deprecated + String EID_CITIZEN_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_QAA_LEVEL_OID; + @Deprecated + String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL"; + + String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = 
"1.2.40.0.10.2.1.1.261.108"; + String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_EIDAS_QAA_LEVEL_OID; + String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-EIDAS-LEVEL"; + + String EID_IDENTITY_STATUS_LEVEL_OID = "1.2.40.0.10.2.1.1.261.109"; + String EID_IDENTITY_STATUS_LEVEL_NAME = URN_OID_PREFIX + EID_IDENTITY_STATUS_LEVEL_OID; + String EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME = "EID-IDENTITY-STATUS-LEVEL"; + + enum EidIdentityStatusLevelValues { + IDENTITY("http://eid.gv.at/eID/status/identity"), TESTIDENTITY("http://eid.gv.at/eID/status/testidentity"), + SYSTEM("http://eid.gv.at/eID/status/system"); + + private String uri; + + EidIdentityStatusLevelValues(final String uri) { + this.uri = uri; + } + + /** + * Get the URI based status identifier of an E-ID. + * + * @return + */ + public String getUri() { + return this.uri; + } + } + + String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32"; + String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID; + String EID_ISSUING_NATION_FRIENDLY_NAME = "EID-ISSUING-NATION"; + int EID_ISSUING_NATION_MAX_LENGTH = 2; + + String EID_SECTOR_FOR_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.34"; + String EID_SECTOR_FOR_IDENTIFIER_NAME = URN_OID_PREFIX + EID_SECTOR_FOR_IDENTIFIER_OID; + String EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME = "EID-SECTOR-FOR-IDENTIFIER"; + int EID_SECTOR_FOR_IDENTIFIER_MAX_LENGTH = 255; + + @Deprecated + String EID_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.36"; + @Deprecated + String EID_SOURCE_PIN_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_OID; + @Deprecated + String EID_SOURCE_PIN_FRIENDLY_NAME = "EID-SOURCE-PIN"; + @Deprecated + int EID_SOURCE_PIN_MAX_LENGTH = 128; + + @Deprecated + String EID_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.104"; + @Deprecated + String EID_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_TYPE_OID; + @Deprecated + String EID_SOURCE_PIN_TYPE_FRIENDLY_NAME = "EID-SOURCE-PIN-TYPE"; + @Deprecated + int 
EID_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + + @Deprecated + String EID_IDENTITY_LINK_OID = "1.2.40.0.10.2.1.1.261.38"; + @Deprecated + String EID_IDENTITY_LINK_NAME = URN_OID_PREFIX + EID_IDENTITY_LINK_OID; + @Deprecated + String EID_IDENTITY_LINK_FRIENDLY_NAME = "EID-IDENTITY-LINK"; + @Deprecated + int EID_IDENTITY_LINK_MAX_LENGTH = 32767; + + String EID_E_ID_TOKEN_OID = "1.2.40.0.10.2.1.1.261.39"; + String EID_E_ID_TOKEN_NAME = URN_OID_PREFIX + EID_E_ID_TOKEN_OID; + String EID_E_ID_TOKEN_FRIENDLY_NAME = "EID-E-ID-TOKEN"; + int EID_E_ID_TOKEN_MAX_LENGTH = 32767; + + @Deprecated + String EID_AUTH_BLOCK_OID = "1.2.40.0.10.2.1.1.261.62"; + @Deprecated + String EID_AUTH_BLOCK_NAME = URN_OID_PREFIX + EID_AUTH_BLOCK_OID; + @Deprecated + String EID_AUTH_BLOCK_FRIENDLY_NAME = "EID-AUTH-BLOCK"; + @Deprecated + int EID_AUTH_BLOCK_MAX_LENGTH = 32767; + + String EID_CCS_URL_OID = "1.2.40.0.10.2.1.1.261.64"; + String EID_CCS_URL_NAME = URN_OID_PREFIX + EID_CCS_URL_OID; + String EID_CCS_URL_FRIENDLY_NAME = "EID-CCS-URL"; + int EID_CCS_URL_MAX_LENGTH = 1024; + + String EID_SIGNER_CERTIFICATE_OID = "1.2.40.0.10.2.1.1.261.66"; + String EID_SIGNER_CERTIFICATE_NAME = URN_OID_PREFIX + EID_SIGNER_CERTIFICATE_OID; + String EID_SIGNER_CERTIFICATE_FRIENDLY_NAME = "EID-SIGNER-CERTIFICATE"; + int EID_SIGNER_CERTIFICATE_MAX_LENGTH = 32767; + + @Deprecated + String EID_STORK_TOKEN_OID = "1.2.40.0.10.2.1.1.261.96"; + @Deprecated + String EID_STORK_TOKEN_NAME = URN_OID_PREFIX + EID_STORK_TOKEN_OID; + @Deprecated + String EID_STORK_TOKEN_FRIENDLY_NAME = "EID-STORK-TOKEN"; + @Deprecated + int EID_STORK_TOKEN_MAX_LENGTH = 32767; + + String MANDATE_TYPE_OID = "1.2.40.0.10.2.1.1.261.68"; + String MANDATE_TYPE_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID; + String MANDATE_TYPE_FRIENDLY_NAME = "MANDATE-TYPE"; + int MANDATE_TYPE_MAX_LENGTH = 256; + + String MANDATE_TYPE_OID_OID = "1.2.40.0.10.2.1.1.261.106"; + String MANDATE_TYPE_OID_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID_OID; + String 
MANDATE_TYPE_OID_FRIENDLY_NAME = "MANDATE-TYPE-OID"; + int MANDATE_TYPE_OID_MAX_LENGTH = 256; + + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.70"; + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_OID; + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-SOURCE-PIN"; + @Deprecated + int MANDATE_NAT_PER_SOURCE_PIN_MAX_LENGTH = 128; + + String MANDATE_LEG_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.100"; + String MANDATE_LEG_PER_SOURCE_PIN_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_OID; + String MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-SOURCE-PIN"; + int MANDATE_LEG_PER_SOURCE_PIN_MAX_LENGTH = 128; + + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.102"; + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID; + @Deprecated + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-SOURCE-PIN-TYPE"; + @Deprecated + int MANDATE_NAT_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.76"; + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID; + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-SOURCE-PIN-TYPE"; + int MANDATE_LEG_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + + String MANDATE_NAT_PER_BPK_OID = "1.2.40.0.10.2.1.1.261.98"; + String MANDATE_NAT_PER_BPK_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BPK_OID; + String MANDATE_NAT_PER_BPK_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK"; + int MANDATE_NAT_PER_BPK_MAX_LENGTH = 1024; + + String MANDATE_NAT_PER_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.73"; + String MANDATE_NAT_PER_BPK_LIST_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BPK_LIST_OID; + String MANDATE_NAT_PER_BPK_LIST_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK-LIST"; + int 
MANDATE_NAT_PER_ENC_LIST_MAX_LENGTH = 32767; + + String MANDATE_NAT_PER_ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.72"; + String MANDATE_NAT_PER_ENC_BPK_LIST_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_ENC_BPK_LIST_OID; + String MANDATE_NAT_PER_ENC_BPK_LIST_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-ENC-BPK-LIST"; + int MANDATE_NAT_PER_ENC_BPK_LIST_MAX_LENGTH = 32767; + + String MANDATE_NAT_PER_GIVEN_NAME_OID = "1.2.40.0.10.2.1.1.261.78"; + String MANDATE_NAT_PER_GIVEN_NAME_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_GIVEN_NAME_OID; + String MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-GIVEN-NAME"; + int MANDATE_NAT_PER_GIVEN_NAME_MAX_LENGTH = 128; + + String MANDATE_NAT_PER_FAMILY_NAME_OID = "1.2.40.0.10.2.1.1.261.80"; + String MANDATE_NAT_PER_FAMILY_NAME_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_FAMILY_NAME_OID; + String MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-FAMILY-NAME"; + int MANDATE_NAT_PER_FAMILY_NAME_MAX_LENGTH = 128; + + String MANDATE_NAT_PER_BIRTHDATE_OID = "1.2.40.0.10.2.1.1.261.82"; + String MANDATE_NAT_PER_BIRTHDATE_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BIRTHDATE_OID; + String MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BIRTHDATE"; + String MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN = BIRTHDATE_FORMAT_PATTERN; + + String MANDATE_LEG_PER_FULL_NAME_OID = "1.2.40.0.10.2.1.1.261.84"; + String MANDATE_LEG_PER_FULL_NAME_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_FULL_NAME_OID; + String MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-FULL-NAME"; + int MANDATE_LEG_PER_FULL_NAME_MAX_LENGTH = 256; + + String MANDATE_PROF_REP_OID_OID = "1.2.40.0.10.2.1.1.261.86"; + String MANDATE_PROF_REP_OID_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_OID_OID; + String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATE-PROF-REP-OID"; + int MANDATE_PROF_REP_OID_MAX_LENGTH = 256; + + String MANDATE_PROF_REP_DESC_OID = "1.2.40.0.10.2.1.1.261.88"; + String MANDATE_PROF_REP_DESC_NAME = URN_OID_PREFIX + 
MANDATE_PROF_REP_DESC_OID; + String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATE-PROF-REP-DESCRIPTION"; + int MANDATE_PROF_REP_DESC_MAX_LENGTH = 1024; + + String MANDATE_REFERENCE_VALUE_OID = "1.2.40.0.10.2.1.1.261.90"; + String MANDATE_REFERENCE_VALUE_NAME = URN_OID_PREFIX + MANDATE_REFERENCE_VALUE_OID; + String MANDATE_REFERENCE_VALUE_FRIENDLY_NAME = "MANDATE-REFERENCE-VALUE"; + int MANDATE_REFERENCE_VALUE_MAX_LENGTH = 100; + + String MANDATE_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.91"; + String MANDATE_IDENTIFIER_FRIENDLY_NAME = "MANDATE-IDENTIFIER"; + String MANDATE_IDENTIFIER_NAME = URN_OID_PREFIX + MANDATE_IDENTIFIER_OID; + int MANDATE_IDENTIFIER_MAX_LENGTH = 256; + + @Deprecated + String MANDATE_FULL_MANDATE_OID = "1.2.40.0.10.2.1.1.261.92"; + @Deprecated + String MANDATE_FULL_MANDATE_NAME = URN_OID_PREFIX + MANDATE_FULL_MANDATE_OID; + @Deprecated + String MANDATE_FULL_MANDATE_FRIENDLY_NAME = "MANDATE-FULL-MANDATE"; + @Deprecated + int MANDATE_FULL_MANDATE_MAX_LENGTH = 32767; + + String INVOICE_RECPT_ID_OID = "1.2.40.0.10.2.1.1.261.40"; + String INVOICE_RECPT_ID_NAME = URN_OID_PREFIX + INVOICE_RECPT_ID_OID; + String INVOICE_RECPT_ID_FRIENDLY_NAME = "INVOICE-RECPT-ID"; + int INVOICE_RECPT_ID_MAX_LENGTH = 64; + + String COST_CENTER_ID_OID = "1.2.40.0.10.2.1.1.261.50"; + String COST_CENTER_ID_NAME = URN_OID_PREFIX + COST_CENTER_ID_OID; + String COST_CENTER_ID_FRIENDLY_NAME = "COST-CENTER-ID"; + int COST_CENTER_ID_MAX_LENGTH = 32767; + + String CHARGE_CODE_OID = "1.2.40.0.10.2.1.1.261.60"; + String CHARGE_CODE_NAME = URN_OID_PREFIX + CHARGE_CODE_OID; + String CHARGE_CODE_FRIENDLY_NAME = "CHARGE-CODE"; + int CHARGE_CODE_MAX_LENGTH = 32767; + + String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx"; + String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID; + String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE"; + +} 
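Review bot: `PVP_HOLDEROFKEY_OID` at the end of the new interface is set to `"1.2.40.0.10.2.1.1.261.xx.xx"`, which is not a valid OID, so `PVP_HOLDEROFKEY_NAME` becomes `urn:oid:1.2.40.0.10.2.1.1.261.xx.xx` and any attribute lookup or release rule keyed on it would not match an attribute issued under a real OID. Whether anything consumes these constants is not visible from this hunk, but for a holder-of-key certificate attribute a silent mismatch should be ruled out; until an arc is assigned I would mark the line, e.g. `// FIXME: placeholder, no OID assigned yet - must not be used for attribute matching`. Two names in the same file also misstate their content: `PVP_VERSION_2_1` holds `"2.2"`, and `MANDATE_NAT_PER_ENC_LIST_MAX_LENGTH` is the length limit of the `MANDATE_NAT_PER_BPK_LIST` group, so each deserves a one-line comment or a correctly named alias with the old name kept as `@Deprecated`. In `EidIdentityStatusLevelValues` the field can be `private final String uri;`, and the empty `@return` on `getUri()` should say what is returned.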
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java
deleted file mode 100644
index bda600f3..00000000
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java
+++ /dev/null
@@ -1,454 +0,0 @@ -/* - * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a - * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egiz.eaaf.core.api.data; - -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; - - -/** - * Contains various constants used throughout the system. - * - */ -public interface XMLNamespaceConstants { - /** Root location of the schema files. */ - String SCHEMA_ROOT = "/schemas/"; - - /** URI of the Widerrufregister XML namespace. */ - String WRR_NS_URI = - "http://reference.e-government.gv.at/namespace/moavv/20041223"; - - /** Prefix used for the Widerrufregister XML namespace */ - String WRR_PREFIX = "wrr"; - - /** URI of the StandardTextBlock XML namespace. 
*/ - String STB_NS_URI = - "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#"; - - /** Prefix used for the standard text block XML namespace */ - String STB_PREFIX = "stb"; - - /** URI of the MOA XML namespace. */ - String MOA_NS_URI = - "http://reference.e-government.gv.at/namespace/moa/20020822#"; - - /** Name of the mandates infobox */ - String INFOBOXIDENTIFIER_MANDATES = "Mandates"; - - /** Prefix used for the Mandate XML namespace */ - String MD_PREFIX = "md"; - - /** URI of the Mandate XML namespace. */ - String MD_NS_URI = - "http://reference.e-government.gv.at/namespace/mandates/20040701#"; - - /** Prefix used for the Mandate XML namespace */ - String MVV_PREFIX = "mvv"; - - /** URI of the Mandate XML namespace. */ - String MVV_NS_URI = - "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125"; - - /** Prefix used for the MandateCheckProfile XML namespace */ - String MDP_PREFIX = "mdp"; - - /** URI of the Mandate XML namespace. */ - String MDP_NS_URI = - "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#"; - - /** Prefix used for the MOA XML namespace */ - String MOA_PREFIX = "moa"; - - /** Local location of the MOA XML schema definition. */ - String MOA_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd"; - - /** URI of the MOA configuration XML namespace. */ - String MOA_CONFIG_NS_URI = - "http://reference.e-government.gv.at/namespace/moaconfig/20021122#"; - - /** URI of the MOA ID configuration XML namespace. */ - String MOA_ID_CONFIG_NS_URI = - "http://www.buergerkarte.at/namespaces/moaconfig#"; - - /** Prefix used for the MOA configuration XML namespace */ - String MOA_CONFIG_PREFIX = "conf"; - - /** Prefix used for the MOA configuration XML namespace */ - String MOA_ID_CONFIG_PREFIX = "confID"; - - /** Local location of the MOA configuration XML schema definition. 
*/ - String MOA_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd"; - - /** Local location of the MOA ID configuration XML schema definition. */ - String MOA_ID_CONFIG_SCHEMA_LOCATION = - SCHEMA_ROOT + "MOA-ID-Configuration-1.5.2.xsd"; - - /** URI of the Security Layer 1.0 namespace. */ - String SL10_NS_URI = - "http://www.buergerkarte.at/namespaces/securitylayer/20020225#"; - - /** Prefix used for the Security Layer 1.0 XML namespace */ - String SL10_PREFIX = "sl10"; - - /** Local location of the Security Layer 1.0 XML schema definition */ - String SL10_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020225.xsd"; - - /** URI of the Security Layer 1.1 XML namespace */ - String SL11_NS_URI = - "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; - - /** Prefix used for the Security Layer 1.1 XML namespace */ - String SL11_PREFIX = "sl11"; - - /** Local location of the Security Layer 1.1 XML schema definition */ - String SL11_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020831.xsd"; - - /** URI of the Security Layer 1.2 XML namespace */ - String SL12_NS_URI = - "http://www.buergerkarte.at/namespaces/securitylayer/1.2#"; - - /** Prefix used for the Security Layer 1.2 XML namespace */ - String SL12_PREFIX = "sl"; - - /** Local location of the Security Layer 1.2 XML schema definition */ - String SL12_SCHEMA_LOCATION = SCHEMA_ROOT + "Core-1.2.xsd"; - - /** URI of the ECDSA XML namespace */ - String ECDSA_NS_URI = "http://www.w3.org/2001/04/xmldsig-more#"; - - /** Prefix used for ECDSA namespace */ - String ECDSA_PREFIX = "ecdsa"; - - /** Local location of ECDSA XML schema definition */ - String ECDSA_SCHEMA_LOCATION = SCHEMA_ROOT + "ECDSAKeyValue.xsd"; - - /** URI of the PersonData XML namespace. 
*/ - String PD_NS_URI = - "http://reference.e-government.gv.at/namespace/persondata/20020228#"; - - /** Prefix used for the PersonData XML namespace */ - String PD_PREFIX = "pr"; - - // /** Local location of the PersonData XML schema definition */ - // String PD_SCHEMA_LOCATION = - // SCHEMA_ROOT + "PersonData.xsd"; - - /** Local location of the PersonData XML schema definition */ - String PD_SCHEMA_LOCATION = SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; - - /** URI of the SAML namespace. */ - String SAML_NS_URI = "urn:oasis:names:tc:SAML:1.0:assertion"; - - /** Prefix used for the SAML XML namespace */ - String SAML_PREFIX = "saml"; - - /** Local location of the SAML XML schema definition. */ - String SAML_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; - - /** URI of the SAML request-response protocol namespace. */ - String SAMLP_NS_URI = "urn:oasis:names:tc:SAML:1.0:protocol"; - - /** Prefix used for the SAML request-response protocol namespace */ - String SAMLP_PREFIX = "samlp"; - - /** Local location of the SAML request-response protocol schema definition. */ - String SAMLP_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; - - /** URI of the XML namespace. */ - String XML_NS_URI = "http://www.w3.org/XML/1998/namespace"; - - /** Prefix used for the XML namespace */ - String XML_PREFIX = "xml"; - - /** Local location of the XML schema definition. */ - String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; - - /** URI of the XMLNS namespace */ - String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; - - /** Prefix used for the XSI namespace */ - String XSI_PREFIX = "xsi"; - - /** Local location of the XSI schema definition. 
*/ - String XSI_SCHEMA_LOCATION = SCHEMA_ROOT + "XMLSchema-instance.xsd"; - - /** URI of the XSI XMLNS namespace */ - String XSI_NS_URI = "http://www.w3.org/2001/XMLSchema-instance"; - - /** URI of the XSLT XML namespace */ - String XSLT_NS_URI = "http://www.w3.org/1999/XSL/Transform"; - - /** Prefix used for the XSLT XML namespace */ - String XSLT_PREFIX = "xsl"; - - /** URI of the XMLDSig XML namespace. */ - String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; - - /** Prefix used for the XMLDSig XML namespace */ - String DSIG_PREFIX = "dsig"; - - /** Local location of the XMLDSig XML schema. */ - String DSIG_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-core-schema.xsd"; - - /** URI of the XMLDSig XPath Filter XML namespace. */ - String DSIG_FILTER2_NS_URI = "http://www.w3.org/2002/06/xmldsig-filter2"; - - /** Prefix used for the XMLDSig XPath Filter XML namespace */ - String DSIG_FILTER2_PREFIX = "dsig-filter2"; - - /** Local location of the XMLDSig XPath Filter XML schema definition. 
*/ - String DSIG_FILTER2_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-filter2.xsd"; - - /** URI of the Exclusive Canonicalization XML namespace */ - String DSIG_EC_NS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; - - /** Prefix used for the Exclusive Canonicalization XML namespace */ - String DSIG_EC_PREFIX = "ec"; - - /** Local location of the Exclusive Canonicalizaion XML schema definition */ - String DSIG_EC_SCHEMA_LOCATION = - SCHEMA_ROOT + "exclusive-canonicalization.xsd"; - - /** URI of the XMLLoginParameterResolver Configuration XML namespace */ - String XMLLPR_NS_URI = - "http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814"; - - /** Local location of the XMLLoginParameterResolver Configuration XML schema definition */ - String XMLLPR_SCHEMA_LOCATION = SCHEMA_ROOT + "MOAIdentities.xsd"; - - /** Local location of the XAdES v1.1.1 schema definition */ - String XADES_1_1_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.1.1.xsd"; - - /** URI of the XAdES v1.1.1 namespace */ - String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; - - String XADES_1_1_1_NS_PREFIX = "xades111"; - - /** Local location of the XAdES v1.2.2 schema definition */ - String XADES_1_2_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.2.2.xsd"; - - /** URI of the XAdES v1.2.2 namespace */ - String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; - - String XADES_1_2_2_NS_PREFIX = "xades122"; - - /** Local location of the XAdES v1.1.1 schema definition */ - String XADES_1_3_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.3.2.xsd"; - - /** URI of the XAdES v1.3.2 namespace */ - String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; - - String XADES_1_3_2_NS_PREFIX = "xades132"; - - /** Local location of the XAdES v1.4.1 schema definition */ - String XADES_1_4_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.4.1.xsd"; - - /** URI of the XAdES v1.4.1 namespace */ - String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; - - String XADES_1_4_1_NS_PREFIX = 
"xades141"; - /** URI of the SAML 2.0 namespace. */ - String SAML2_NS_URI = "urn:oasis:names:tc:SAML:2.0:assertion"; - - /** Prefix used for the SAML 2.0 XML namespace */ - String SAML2_PREFIX = "saml2"; - - /** Local location of the SAML 2.0 XML schema definition. */ - String SAML2_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd"; - - /** URI of the SAML 2.0 protocol namespace. */ - String SAML2P_NS_URI = "urn:oasis:names:tc:SAML:2.0:protocol"; - - /** Prefix used for the SAML 2.0 protocol XML namespace */ - String SAML2P_PREFIX = "saml2p"; - - /** Local location of the SAML 2.0 protocol XML schema definition. */ - String SAML2P_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd"; - - /** URI of the STORK namespace. */ - String STORK_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:assertion"; - - /** Prefix used for the STORK XML namespace */ - String STORK_PREFIX = "stork"; - - /** Local location of the STORK XML schema definition. */ - String STORK_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd"; - - /** URI of the STORK protocol namespace. */ - String STORKP_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:protocol"; - - /** Prefix used for the STORK protocol XML namespace */ - String STORKP_PREFIX = "storkp"; - - /** Local location of the STORK protocol XML schema definition. */ - String STORKP_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd"; - - /** URI of the TSL namespace. */ - String TSL_NS_URI = "http://uri.etsi.org/02231/v2#"; - - /** Prefix used for the TSL namespace */ - String TSL_PREFIX = "tsl1"; - - /** Local location of the TSL schema definition. */ - String TSL_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_xsd.xsd"; - - /** URI of the TSL SIE namespace. */ - String TSL_SIE_NS_URI = - "http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#"; - - /** Prefix used for the TSL SIE namespace */ - String TSL_SIE_PREFIX = "tslsie"; - - /** Local location of the TSL SIE schema definition. 
*/ - String TSL_SIE_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd"; - - /** URI of the TSL additional types namespace. */ - String TSL_ADDTYPES_NS_URI = "http://uri.etsi.org/02231/v2/additionaltypes#"; - - /** Prefix used for the TSL additional types namespace */ - String TSL_ADDTYPES_PREFIX = "tsltype"; - - /** Local location of the TSL additional types schema definition. */ - String TSL_ADDTYPES_SCHEMA_LOCATION = - SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd"; - - /** URI of the XML Encryption namespace. */ - String XENC_NS_URI = "http://www.w3.org/2001/04/xmlenc#"; - - /** Prefix used for the XML Encryption XML namespace */ - String XENC_PREFIX = "xenc"; - - /** Local location of the XML Encryption XML schema definition. */ - String XENC_SCHEMA_LOCATION = SCHEMA_ROOT + "xenc-schema.xsd"; - - /** Prefix used for the XML Encryption XML namespace */ - String SAML2_METADATA_PREFIX = "md"; - - /** Prefix used for the XML Encryption XML namespace */ - String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata"; - - /** Local location of the XML Encryption XML schema definition. */ - String SAML2_METADATA_SCHEMA_LOCATION = - SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd"; - - - /* Prefix and Schema definition for eIDAS specific SAML2 extensions */ - String SAML2_eIDAS_EXTENSIONS_PREFIX = "eidas"; - String SAML2_eIDAS_EXTENSIONS = "http://eidas.europa.eu/saml-extensions"; - String SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION = - SCHEMA_ROOT + "eIDAS_saml_extensions.xsd"; - - - /* Prefix and Schema for SAML2 Entity Attributes */ - String SAML2_MDATTR_EXTENSIONS_PREFIX = "mdattr"; - String SAML2_MDATTR_EXTENSIONS = "urn:oasis:names:tc:SAML:metadata:attribute"; - String SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION = - SCHEMA_ROOT + "sstc-metadata-attr.xsd"; - - /** - * Contains all namespaces and local schema locations for XML schema definitions relevant for MOA. - * For use in validating XML parsers. 
- */ - String ALL_SCHEMA_LOCATIONS = MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " " - + MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " " - + MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " " - + SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " " - + SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " " - + SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " " - + ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " " - + PD_NS_URI + " " + PD_SCHEMA_LOCATION + " " - + SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " " - + SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " " - + XML_NS_URI + " " + XML_SCHEMA_LOCATION + " " - + XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " " - + DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " " - + DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " " - + DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " " - + XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " " - + XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " " - + XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " " - + XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " " - + XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " " - + TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " " - + TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " " - + TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + " " - + SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " " - + SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " " - + STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " " - + STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " " - + SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " " - + XENC_NS_URI + " " + XENC_SCHEMA_LOCATION + " " - + SAML2_eIDAS_EXTENSIONS + " " + SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION + " " - + SAML2_MDATTR_EXTENSIONS + " " + SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION; - - - /** Security Layer manifest type URI. 
*/ - String SL_MANIFEST_TYPE_URI = - "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest"; - - /** URI of the SHA1 digest algorithm */ - String SHA1_URI = "http://www.w3.org/2000/09/xmldsig#sha1"; - - /** URI of the SHA1 digest algorithm */ - String SHA256_URI = "http://www.w3.org/2000/09/xmldsig#sha256"; - - /** URI of the SHA1 digest algorithm */ - String SHA384_URI = "http://www.w3.org/2000/09/xmldsig#sha384"; - - /** URI of the SHA1 digest algorithm */ - String SHA512_URI = "http://www.w3.org/2000/09/xmldsig#sha512"; - - String SHA3_256_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-256"; - - String SHA3_512_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-512"; - - - - /** URI of the Canonical XML algorithm */ - String C14N_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; - - /** URI of the Canoncial XML with comments algorithm */ - String C14N_WITH_COMMENTS_URI = - "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; - - /** URI of the Exclusive Canonical XML algorithm */ - String EXC_C14N_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; - - /** URI of the Exclusive Canonical XML with commments algorithm */ - String EXC_C14N_WITH_COMMENTS_URI = - "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"; - - /** - * A map used to map namespace prefixes to namespace URIs - */ - Map<String, String> nSMap = - Collections.unmodifiableMap(new HashMap<String, String>() { - private static final long serialVersionUID = 3845384324295136490L; - { - put(XMLNamespaceConstants.SAML_PREFIX, XMLNamespaceConstants.SAML_NS_URI); - put(XMLNamespaceConstants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#"); - put(XMLNamespaceConstants.DSIG_PREFIX, XMLNamespaceConstants.DSIG_NS_URI); - } - }); - - -} 
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XmlNamespaceConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XmlNamespaceConstants.java
new file mode 100644
index 00000000..5c10fd1e
--- /dev/null
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XmlNamespaceConstants.java
@@ -0,0 +1,412 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egiz.eaaf.core.api.data; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * Contains various constants used throughout the system. + * + */ +public interface XmlNamespaceConstants { + /** Root location of the schema files. */ + String SCHEMA_ROOT = "/schemas/"; + + /** URI of the Widerrufregister XML namespace. */ + String WRR_NS_URI = "http://reference.e-government.gv.at/namespace/moavv/20041223"; + + /** Prefix used for the Widerrufregister XML namespace. */ + String WRR_PREFIX = "wrr"; + + /** URI of the StandardTextBlock XML namespace. */ + String STB_NS_URI = "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#"; + + /** Prefix used for the standard text block XML namespace. */ + String STB_PREFIX = "stb"; + + /** URI of the MOA XML namespace. 
*/ + String MOA_NS_URI = "http://reference.e-government.gv.at/namespace/moa/20020822#"; + + /** Name of the mandates infobox. */ + String INFOBOXIDENTIFIER_MANDATES = "Mandates"; + + /** Prefix used for the Mandate XML namespace. */ + String MD_PREFIX = "md"; + + /** URI of the Mandate XML namespace. */ + String MD_NS_URI = "http://reference.e-government.gv.at/namespace/mandates/20040701#"; + + /** Prefix used for the Mandate XML namespace. */ + String MVV_PREFIX = "mvv"; + + /** URI of the Mandate XML namespace. */ + String MVV_NS_URI = "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125"; + + /** Prefix used for the MandateCheckProfile XML namespace. */ + String MDP_PREFIX = "mdp"; + + /** URI of the Mandate XML namespace. */ + String MDP_NS_URI = "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#"; + + /** Prefix used for the MOA XML namespace. */ + String MOA_PREFIX = "moa"; + + /** Local location of the MOA XML schema definition. */ + String MOA_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd"; + + /** URI of the MOA configuration XML namespace. */ + String MOA_CONFIG_NS_URI = "http://reference.e-government.gv.at/namespace/moaconfig/20021122#"; + + /** URI of the MOA ID configuration XML namespace. */ + String MOA_ID_CONFIG_NS_URI = "http://www.buergerkarte.at/namespaces/moaconfig#"; + + /** Prefix used for the MOA configuration XML namespace. */ + String MOA_CONFIG_PREFIX = "conf"; + + /** Prefix used for the MOA configuration XML namespace. */ + String MOA_ID_CONFIG_PREFIX = "confID"; + + /** Local location of the MOA configuration XML schema definition. */ + String MOA_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd"; + + /** Local location of the MOA ID configuration XML schema definition. */ + String MOA_ID_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-ID-Configuration-1.5.2.xsd"; + + /** URI of the Security Layer 1.0 namespace. 
*/ + String SL10_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/20020225#"; + + /** Prefix used for the Security Layer 1.0 XML namespace */ + String SL10_PREFIX = "sl10"; + + /** Local location of the Security Layer 1.0 XML schema definition */ + String SL10_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020225.xsd"; + + /** URI of the Security Layer 1.1 XML namespace */ + String SL11_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; + + /** Prefix used for the Security Layer 1.1 XML namespace */ + String SL11_PREFIX = "sl11"; + + /** Local location of the Security Layer 1.1 XML schema definition */ + String SL11_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020831.xsd"; + + /** URI of the Security Layer 1.2 XML namespace */ + String SL12_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/1.2#"; + + /** Prefix used for the Security Layer 1.2 XML namespace */ + String SL12_PREFIX = "sl"; + + /** Local location of the Security Layer 1.2 XML schema definition */ + String SL12_SCHEMA_LOCATION = SCHEMA_ROOT + "Core-1.2.xsd"; + + /** URI of the ECDSA XML namespace .*/ + String ECDSA_NS_URI = "http://www.w3.org/2001/04/xmldsig-more#"; + + /** Prefix used for ECDSA namespace. */ + String ECDSA_PREFIX = "ecdsa"; + + /** Local location of ECDSA XML schema definition .*/ + String ECDSA_SCHEMA_LOCATION = SCHEMA_ROOT + "ECDSAKeyValue.xsd"; + + /** URI of the PersonData XML namespace. */ + String PD_NS_URI = "http://reference.e-government.gv.at/namespace/persondata/20020228#"; + + /** Prefix used for the PersonData XML namespace. */ + String PD_PREFIX = "pr"; + + // /** Local location of the PersonData XML schema definition */ + // String PD_SCHEMA_LOCATION = + // SCHEMA_ROOT + "PersonData.xsd"; + + /** Local location of the PersonData XML schema definition. */ + String PD_SCHEMA_LOCATION = SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; + + /** URI of the SAML namespace. 
*/ + String SAML_NS_URI = "urn:oasis:names:tc:SAML:1.0:assertion"; + + /** Prefix used for the SAML XML namespace. */ + String SAML_PREFIX = "saml"; + + /** Local location of the SAML XML schema definition. */ + String SAML_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; + + /** URI of the SAML request-response protocol namespace. */ + String SAMLP_NS_URI = "urn:oasis:names:tc:SAML:1.0:protocol"; + + /** Prefix used for the SAML request-response protocol namespace. */ + String SAMLP_PREFIX = "samlp"; + + /** Local location of the SAML request-response protocol schema definition. */ + String SAMLP_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; + + /** URI of the XML namespace. */ + String XML_NS_URI = "http://www.w3.org/XML/1998/namespace"; + + /** Prefix used for the XML namespace. */ + String XML_PREFIX = "xml"; + + /** Local location of the XML schema definition. */ + String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; + + /** URI of the XMLNS namespace. */ + String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; + + /** Prefix used for the XSI namespace. */ + String XSI_PREFIX = "xsi"; + + /** Local location of the XSI schema definition. */ + String XSI_SCHEMA_LOCATION = SCHEMA_ROOT + "XMLSchema-instance.xsd"; + + /** URI of the XSI XMLNS namespace. */ + String XSI_NS_URI = "http://www.w3.org/2001/XMLSchema-instance"; + + /** URI of the XSLT XML namespace. */ + String XSLT_NS_URI = "http://www.w3.org/1999/XSL/Transform"; + + /** Prefix used for the XSLT XML namespace.*/ + String XSLT_PREFIX = "xsl"; + + /** URI of the XMLDSig XML namespace. */ + String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; + + /** Prefix used for the XMLDSig XML namespace. */ + String DSIG_PREFIX = "dsig"; + + /** Local location of the XMLDSig XML schema. */ + String DSIG_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-core-schema.xsd"; + + /** URI of the XMLDSig XPath Filter XML namespace. 
*/ + String DSIG_FILTER2_NS_URI = "http://www.w3.org/2002/06/xmldsig-filter2"; + + /** Prefix used for the XMLDSig XPath Filter XML namespace. */ + String DSIG_FILTER2_PREFIX = "dsig-filter2"; + + /** Local location of the XMLDSig XPath Filter XML schema definition. */ + String DSIG_FILTER2_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-filter2.xsd"; + + /** URI of the Exclusive Canonicalization XML namespace. */ + String DSIG_EC_NS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** Prefix used for the Exclusive Canonicalization XML namespace. */ + String DSIG_EC_PREFIX = "ec"; + + /** Local location of the Exclusive Canonicalizaion XML schema definition. */ + String DSIG_EC_SCHEMA_LOCATION = SCHEMA_ROOT + "exclusive-canonicalization.xsd"; + + /** URI of the XMLLoginParameterResolver Configuration XML namespace. */ + String XMLLPR_NS_URI = "http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814"; + + /** + * Local location of the XMLLoginParameterResolver Configuration XML schema + * definition. 
+ */ + String XMLLPR_SCHEMA_LOCATION = SCHEMA_ROOT + "MOAIdentities.xsd"; + + /** Local location of the XAdES v1.1.1 schema definition */ + String XADES_1_1_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.1.1.xsd"; + + /** URI of the XAdES v1.1.1 namespace */ + String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; + + String XADES_1_1_1_NS_PREFIX = "xades111"; + + /** Local location of the XAdES v1.2.2 schema definition */ + String XADES_1_2_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.2.2.xsd"; + + /** URI of the XAdES v1.2.2 namespace */ + String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; + + String XADES_1_2_2_NS_PREFIX = "xades122"; + + /** Local location of the XAdES v1.1.1 schema definition */ + String XADES_1_3_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.3.2.xsd"; + + /** URI of the XAdES v1.3.2 namespace */ + String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; + + String XADES_1_3_2_NS_PREFIX = "xades132"; + + /** Local location of the XAdES v1.4.1 schema definition */ + String XADES_1_4_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.4.1.xsd"; + + /** URI of the XAdES v1.4.1 namespace */ + String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; + + String XADES_1_4_1_NS_PREFIX = "xades141"; + /** URI of the SAML 2.0 namespace. */ + String SAML2_NS_URI = "urn:oasis:names:tc:SAML:2.0:assertion"; + + /** Prefix used for the SAML 2.0 XML namespace */ + String SAML2_PREFIX = "saml2"; + + /** Local location of the SAML 2.0 XML schema definition. */ + String SAML2_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd"; + + /** URI of the SAML 2.0 protocol namespace. */ + String SAML2P_NS_URI = "urn:oasis:names:tc:SAML:2.0:protocol"; + + /** Prefix used for the SAML 2.0 protocol XML namespace */ + String SAML2P_PREFIX = "saml2p"; + + /** Local location of the SAML 2.0 protocol XML schema definition. */ + String SAML2P_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd"; + + /** URI of the STORK namespace. 
*/ + String STORK_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:assertion"; + + /** Prefix used for the STORK XML namespace. */ + String STORK_PREFIX = "stork"; + + /** Local location of the STORK XML schema definition. */ + String STORK_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd"; + + /** URI of the STORK protocol namespace. */ + String STORKP_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:protocol"; + + /** Prefix used for the STORK protocol XML namespace. */ + String STORKP_PREFIX = "storkp"; + + /** Local location of the STORK protocol XML schema definition. */ + String STORKP_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd"; + + /** URI of the TSL namespace. */ + String TSL_NS_URI = "http://uri.etsi.org/02231/v2#"; + + /** Prefix used for the TSL namespace. */ + String TSL_PREFIX = "tsl1"; + + /** Local location of the TSL schema definition. */ + String TSL_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_xsd.xsd"; + + /** URI of the TSL SIE namespace. */ + String TSL_SIE_NS_URI = "http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#"; + + /** Prefix used for the TSL SIE namespace. */ + String TSL_SIE_PREFIX = "tslsie"; + + /** Local location of the TSL SIE schema definition. */ + String TSL_SIE_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd"; + + /** URI of the TSL additional types namespace. */ + String TSL_ADDTYPES_NS_URI = "http://uri.etsi.org/02231/v2/additionaltypes#"; + + /** Prefix used for the TSL additional types namespace. */ + String TSL_ADDTYPES_PREFIX = "tsltype"; + + /** Local location of the TSL additional types schema definition. */ + String TSL_ADDTYPES_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd"; + + /** URI of the XML Encryption namespace. */ + String XENC_NS_URI = "http://www.w3.org/2001/04/xmlenc#"; + + /** Prefix used for the XML Encryption XML namespace. 
*/ + String XENC_PREFIX = "xenc"; + + /** Local location of the XML Encryption XML schema definition. */ + String XENC_SCHEMA_LOCATION = SCHEMA_ROOT + "xenc-schema.xsd"; + + /** Prefix used for the XML Encryption XML namespace. */ + String SAML2_METADATA_PREFIX = "md"; + + /** Prefix used for the XML Encryption XML namespace. */ + String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata"; + + /** Local location of the XML Encryption XML schema definition. */ + String SAML2_METADATA_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd"; + + /* Prefix and Schema definition for eIDAS specific SAML2 extensions */ + String SAML2_eIDAS_EXTENSIONS_PREFIX = "eidas"; + String SAML2_eIDAS_EXTENSIONS = "http://eidas.europa.eu/saml-extensions"; + String SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION = SCHEMA_ROOT + "eIDAS_saml_extensions.xsd"; + + /* Prefix and Schema for SAML2 Entity Attributes */ + String SAML2_MDATTR_EXTENSIONS_PREFIX = "mdattr"; + String SAML2_MDATTR_EXTENSIONS = "urn:oasis:names:tc:SAML:metadata:attribute"; + String SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION = SCHEMA_ROOT + "sstc-metadata-attr.xsd"; + + /** + * Contains all namespaces and local schema locations for XML schema definitions + * relevant for MOA. For use in validating XML parsers. 
+ */ + String ALL_SCHEMA_LOCATIONS = MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " " + MOA_CONFIG_NS_URI + " " + + MOA_CONFIG_SCHEMA_LOCATION + " " + MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " " + + SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " " + SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " " + SL12_NS_URI + + " " + SL12_SCHEMA_LOCATION + " " + ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " " + PD_NS_URI + " " + + PD_SCHEMA_LOCATION + " " + SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " " + SAMLP_NS_URI + " " + + SAMLP_SCHEMA_LOCATION + " " + XML_NS_URI + " " + XML_SCHEMA_LOCATION + " " + XSI_NS_URI + " " + + XSI_SCHEMA_LOCATION + " " + DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " " + DSIG_FILTER2_NS_URI + " " + + DSIG_FILTER2_SCHEMA_LOCATION + " " + DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " " + XMLLPR_NS_URI + " " + + XMLLPR_SCHEMA_LOCATION + " " + XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " " + XADES_1_2_2_NS_URI + + " " + XADES_1_2_2_SCHEMA_LOCATION + " " + XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " " + + XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " " + TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " " + + TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " " + TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + + " " + SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " " + SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " " + + STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " " + STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " " + + SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " " + XENC_NS_URI + " " + XENC_SCHEMA_LOCATION + " " + + SAML2_eIDAS_EXTENSIONS + " " + SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION + " " + SAML2_MDATTR_EXTENSIONS + " " + + SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION; + + /** Security Layer manifest type URI. 
*/ + String SL_MANIFEST_TYPE_URI = "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest"; + + /** URI of the SHA1 digest algorithm. */ + String SHA1_URI = "http://www.w3.org/2000/09/xmldsig#sha1"; + + /** URI of the SHA1 digest algorithm. */ + String SHA256_URI = "http://www.w3.org/2000/09/xmldsig#sha256"; + + /** URI of the SHA1 digest algorithm. */ + String SHA384_URI = "http://www.w3.org/2000/09/xmldsig#sha384"; + + /** URI of the SHA1 digest algorithm. */ + String SHA512_URI = "http://www.w3.org/2000/09/xmldsig#sha512"; + + String SHA3_256_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-256"; + + String SHA3_512_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-512"; + + /** URI of the Canonical XML algorithm. */ + String C14N_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; + + /** URI of the Canoncial XML with comments algorithm. */ + String C14N_WITH_COMMENTS_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; + + /** URI of the Exclusive Canonical XML algorithm. */ + String EXC_C14N_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** URI of the Exclusive Canonical XML with commments algorithm. */ + String EXC_C14N_WITH_COMMENTS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"; + + /** + * A map used to map namespace prefixes to namespace URIs. + */ + Map<String, String> nSMap = Collections.unmodifiableMap(new HashMap<String, String>() { + private static final long serialVersionUID = -4750456733381176033L; + + { + put(XmlNamespaceConstants.SAML_PREFIX, XmlNamespaceConstants.SAML_NS_URI); + put(XmlNamespaceConstants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#"); + put(XmlNamespaceConstants.DSIG_PREFIX, XmlNamespaceConstants.DSIG_NS_URI); + } + }); + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java index 5fdbe2bb..30491ca2 100644 
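Review bot: In the new XmlNamespaceConstants.java, `SHA256_URI`, `SHA384_URI` and `SHA512_URI` are built on the `http://www.w3.org/2000/09/xmldsig#` prefix, which as far as I know defines only `#sha1`. The registered identifiers would be `String SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256";`, `String SHA384_URI = "http://www.w3.org/2001/04/xmldsig-more#sha384";` and `String SHA512_URI = "http://www.w3.org/2001/04/xmlenc#sha512";`. The values are carried over unchanged from the removed XMLNamespaceConstants, and how they are consumed is not visible in this hunk. If they are written into or compared against a `DigestMethod` algorithm attribute, standards-conforming SHA-2 signatures would not match them, so check the callers before changing the values. The three constants also keep the copied Javadoc "URI of the SHA1 digest algorithm", which should name SHA-256, SHA-384 and SHA-512 respectively.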
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java @@ -31,4 +31,3 @@ public class GroupDefinition { } } - diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java index 52fa7f45..55197b52 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java @@ -29,7 +29,6 @@ import java.util.Map; */ public interface IGuiBuilderConfiguration { - /** * Define the name of the template (with suffix) which should be used. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java index b01990af..ed888f87 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java @@ -17,11 +17,11 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egiz.eaaf.core.api.gui; import java.net.MalformedURLException; import java.net.URI; + import at.gv.egiz.eaaf.core.api.IRequest; public interface IGuiBuilderConfigurationFactory { 
@@ -37,17 +37,18 @@ public interface IGuiBuilderConfigurationFactory { /** * Default Velocity based GUI builder configuration. * - * <p> - * Manly used for SAML2 POST-Binding - * </p> + * <p> + * Manly used for SAML2 POST-Binding + * </p> * - * @param pendingReq Current processed pending-request but never null - * @param viewName Name of the default template (with suffix) but never null + * @param pendingReq Current processed pending-request but never null + * @param viewName Name of the default template (with suffix) but + * never null * @param configRootContextDir Path to configuration root directory * @return GUI builder configuration * @throws MalformedURLException If configRootContextDir is not a valid URI */ - IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq, - String viewName, URI configRootContextDir) throws MalformedURLException; + IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq, String viewName, + URI configRootContextDir) throws MalformedURLException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java index f0811021..d376d17b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.gui; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; /** 
@@ -31,40 +32,38 @@ import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; */ public interface IGuiFormBuilder { - - /** - * Parse a GUI template, with parameters into a http servlet-response and use the default - * http-response content-type. <br> + * Parse a GUI template, with parameters into a http servlet-response and use + * the default http-response content-type. <br> * <br> - * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * The parser use the <code>VelocityEngine</code> as internal template + * evaluator. * - * @param httpReq http-request object - * @param httpResp http-response object - * @param config Configuration object + * @param httpReq http-request object + * @param httpResp http-response object + * @param config Configuration object * @param loggerName String, which should be used from logger * * @throws GuiBuildException in case of an error */ - void build(HttpServletRequest httpReq, HttpServletResponse httpResp, - IGuiBuilderConfiguration config, String loggerName) throws GuiBuildException; + void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config, + String loggerName) throws GuiBuildException; /** * Parse a GUI template, with parameters into a http servlet-response. <br> * <br> - * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * The parser use the <code>VelocityEngine</code> as internal template + * evaluator. 
* - * @param httpReq http-request object - * @param httpResp http-response object - * @param config Configuration object + * @param httpReq http-request object + * @param httpResp http-response object + * @param config Configuration object * @param contentType http-response content-type, which should be set - * @param loggerName String, which should be used from logger + * @param loggerName String, which should be used from logger * * @throws GuiBuildException in case of an error */ - void build(HttpServletRequest httpReq, HttpServletResponse httpResp, - IGuiBuilderConfiguration config, String contentType, String loggerName) - throws GuiBuildException; - + void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config, + String contentType, String loggerName) throws GuiBuildException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java index 151f1eeb..47de65ff 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java @@ -4,8 +4,9 @@ import java.io.InputStream; public interface IVelocityGuiBuilderConfiguration extends IGuiBuilderConfiguration { /** - * Get a specific classpath template-directory prefix, which is used to load a template from - * classpath by using <code>ClassLoader.getResourceAsStream(...)</code>. + * Get a specific classpath template-directory prefix, which is used to load a + * template from classpath by using + * <code>ClassLoader.getResourceAsStream(...)</code>. * * @return Classpath directory, or null if the default directory should be used */ 
@@ -15,8 +16,8 @@ public interface IVelocityGuiBuilderConfiguration extends IGuiBuilderConfigurati * Get the GUI template with a specific name. * * @param viewName Name of the template - * @return Tempate as <code>InputStream</code>, or null if default getTemplate method should be - * used + * @return Tempate as <code>InputStream</code>, or null if default getTemplate + * method should be used */ InputStream getTemplate(String viewName); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/ModifyableGuiBuilderConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/ModifyableGuiBuilderConfiguration.java index 9d6b10ef..9c4a4471 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/ModifyableGuiBuilderConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/ModifyableGuiBuilderConfiguration.java 
@@ -26,24 +26,27 @@ public interface ModifyableGuiBuilderConfiguration { /** * Add a key/value pair into Velocity context.<br> - * <b>IMPORTANT:</b> external HTML escapetion is required, because it is NOT done internally + * <b>IMPORTANT:</b> external HTML escapetion is required, because it is NOT + * done internally * - * @param group Group element of the key parameter, or null if root element should be set - * @param key velocity context key, can be null in case of List based group element + * @param group Group element of the key parameter, or null if root element + * should be set + * @param key velocity context key, can be null in case of List based group + * element * @param value of this key */ - void putCustomParameterWithOutEscaption(@Nullable GroupDefinition group, @Nullable String key, - @Nonnull Object value); + void putCustomParameterWithOutEscaption(@Nullable GroupDefinition group, @Nullable String key, @Nonnull Object value); /** * Add a key/value pair into Velocity context.<br> * All parameters get escaped internally * - * @param group Group element of the key parameter, or null if root element should be set - * @param key velocity context key, can be null in case of List based group element + * @param group Group element of the key parameter, or null if root element + * should be set + * @param key velocity context key, can be null in case of List based group + * element * @param value of this key */ - void putCustomParameter(@Nullable GroupDefinition group, @Nullable String key, - @Nonnull String value); + void putCustomParameter(@Nullable GroupDefinition group, @Nullable String key, @Nonnull String value); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java index 5963dc5f..98c59236 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java 
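Review bot: The Javadoc of `putCustomParameterWithOutEscaption` still carries its one security-relevant sentence as "external HTML escapetion is required", and this reflow was the moment to make the contract explicit. Because the comment itself states that escaping is NOT done internally, any value that is not a trusted constant and reaches the template through this method is rendered as markup. I would reword it to `<b>IMPORTANT:</b> the value is inserted into the template without HTML escaping; callers must escape everything that is not a trusted constant` and add `@see #putCustomParameter(GroupDefinition, String, String)` as the default choice. The misspelt method name is part of the public interface, so correcting it needs a deprecate-and-alias step, not a rename in a style commit.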
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java @@ -37,5 +37,4 @@ public interface EaafAuthProcessDataConstants { @Deprecated String VALUE_MISMANDATE = "direct_MIS_Mandate"; - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java index e2d553fb..9a057801 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java @@ -21,24 +21,23 @@ package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafException; - /** - * Basic interface of a specific operation that is requested by an authentication protocol - * implementation. + * Basic interface of a specific operation that is requested by an + * authentication protocol implementation. * * @author tlenz * */ public interface IAction { - SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, - HttpServletResponse httpResp, IAuthData authData) throws EaafException; + SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, + IAuthData authData) throws EaafException; - boolean needAuthentication(IRequest req, HttpServletRequest httpReq, - HttpServletResponse httpResp); + boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); String getDefaultActionName(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java index 86739725..9c451282 100644 
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java @@ -24,8 +24,8 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public interface IAttributeBuilder { String getName(); - <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, - final IAttributeGenerator<ATT> g) throws AttributeBuilderException; + <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + throws AttributeBuilderException; <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java index 34f1f73f..072f76e6 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java @@ -24,18 +24,15 @@ public interface IAttributeGenerator<ATT> { * Protocol attribute generator. * * @param friendlyName FriendlyName - * @param name Name - * @param value value + * @param name Name + * @param value value * @return */ - ATT buildStringAttribute(final String friendlyName, final String name, - final String value); + ATT buildStringAttribute(final String friendlyName, final String name, final String value); - ATT buildIntegerAttribute(final String friendlyName, final String name, - final int value); + ATT buildIntegerAttribute(final String friendlyName, final String name, final int value); - ATT buildLongAttribute(final String friendlyName, final String name, - final long value); + ATT buildLongAttribute(final String friendlyName, final String name, final long value); ATT buildEmptyAttribute(final String friendlyName, final String name); } 
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java index de18319b..ed2c6316 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp; import java.util.Date; import java.util.List; + import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.impl.data.Pair; @@ -35,7 +36,8 @@ public interface IAuthData { /** * BaseId transfer policy. * - * @return true if baseID transfer to service provider is allowed, otherwise false + * @return true if baseID transfer to service provider is allowed, otherwise + * false */ boolean isBaseIdTransferRestrication(); @@ -60,7 +62,6 @@ public interface IAuthData { */ String getAuthenticationIssueInstantString(); - /** * Familyname of the user. * @@ -111,7 +112,6 @@ public interface IAuthData { */ String getEidasQaaLevel(); - /** * Indicates that the user is a foreigner. * @@ -126,9 +126,9 @@ public interface IAuthData { */ String getCiticenCountryCode(); - /** - * Indicate that the authentication was done by using an active single sign-on session. + * Indicate that the authentication was done by using an active single sign-on + * session. * * @return true if it an SSO session was used, otherwise false */ @@ -141,9 +141,9 @@ public interface IAuthData { */ Date getSsoSessionValidTo(); - /** - * SessionIndex, if it was an reauthentication on a service provider by using the same SSO session. + * SessionIndex, if it was an reauthentication on a service provider by using + * the same SSO session. * * @return */ 
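Review bot: In the `@@ -35,7 +36,8 @@` hunk the Javadoc says `isBaseIdTransferRestrication()` returns true when baseID transfer to the service provider is allowed, while the method name reads as "a restriction exists". The service-provider interface changed later in this commit documents `hasBaseIdTransferRestriction()` as "true if there is a restriction", so the two appear to use opposite polarity for the same policy. An implementer who follows the name instead of the comment would release or withhold the baseID wrongly. Which reading is intended cannot be determined from the hunk; once confirmed, state it without ambiguity, e.g. `@return true if the baseID must NOT be transferred to the service provider, otherwise false` (or the inverse), and note the misspelling "Restrication" in the Javadoc so callers can find the method.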
@@ -163,17 +163,15 @@ public interface IAuthData { */ String getNameIdFormat(); - /** * Get generic information for this authenticated user. * - * @param key Identifier for the generic data + * @param key Identifier for the generic data * @param clazz Type of the generic data * @return return the generic data of specific type, otherwise null */ <T> T getGenericData(String key, final Class<T> clazz); - /** * Get bPK of the user. * @@ -191,7 +189,6 @@ public interface IAuthData { @Deprecated String getBpkType(); - /** * Get List of bPK/bPKType tuples for this service provider. * @@ -209,14 +206,14 @@ public interface IAuthData { String getIdentificationValue(); /** - * Get type identifier of the baseId By default, this type is urn:publicid:gv.at:baseid. + * Get type identifier of the baseId By default, this type is + * urn:publicid:gv.at:baseid. * * @return */ @Deprecated String getIdentificationType(); - /** * Get the identityLink for the authenticated user. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java index 519c4f5e..8c99b783 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java @@ -26,6 +26,4 @@ public interface IAuthenticationDataBuilder { IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException; - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java index 5bb750ed..b9ba9869 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java 
@@ -31,17 +31,15 @@ public interface IConfiguration { */ String getBasicConfiguration(final String key); - /** * Get a configuration value from file based configuration. * - * @param key configuration key + * @param key configuration key * @param defaultValue Default value if no value with this key is found * @return configuration value */ String getBasicConfiguration(final String key, final String defaultValue); - /** * Get a configuration value from file based configuration. * @@ -54,14 +52,13 @@ public interface IConfiguration { /** * Get a configuration value from file based configuration. * - * @param key configuration key + * @param key configuration key * @param defaultValue Default value if no value with this key is found * @return configuration value as {@link Boolean} or <code>defaultValue</code> * if key does not exist */ boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); - /** * Get the root directory of the configuration folder. * @@ -69,5 +66,4 @@ public interface IConfiguration { */ URI getConfigurationRootDirectory(); - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java index 9e5786b6..1ab27e7f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java 
@@ -2,45 +2,47 @@ package at.gv.egiz.eaaf.core.api.idp; import java.net.URL; import java.util.Map; + import javax.annotation.Nullable; + import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IConfigurationWithSP extends IConfiguration { - String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = - "configuration.auth.default.countrycode"; - + String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = "configuration.auth.default.countrycode"; /** * Get a configuration entry for a specific Service Provider. * * @param uniqueID Unique identifier of the Service Provider - * @return {@link IspConfiguration} or <code>null</code> if no SP configuration was found - * @throws EaafConfigurationException In case of a Service-Provider loading error + * @return {@link ISpConfiguration} or <code>null</code> if no SP configuration + * was found + * @throws EaafConfigurationException In case of a Service-Provider loading + * error */ @Nullable - IspConfiguration getServiceProviderConfiguration(final String uniqueID) - throws EaafConfigurationException; - + ISpConfiguration getServiceProviderConfiguration(final String uniqueID) throws EaafConfigurationException; /** - * Get a configuration entry for a specific Service Provider that is decorated by a Object. + * Get a configuration entry for a specific Service Provider that is decorated + * by a Object. * * @param spIdentifier EntityID of a Service Provider - * @param decorator Decorator that should be used to decorate the result. This decorator has to be - * implement or extend the {@link IspConfiguration} interface + * @param decorator Decorator that should be used to decorate the result. 
+ * This decorator has to be implement or extend the + * {@link ISpConfiguration} interface * @return <code>T</code> or <code>null</code> if no SP configuration was found - * @throws EaafConfigurationException In case of a Service-Provider loading error + * @throws EaafConfigurationException In case of a Service-Provider loading + * error */ @Nullable <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) throws EaafConfigurationException; - /** - * Get a set of configuration values from file based configuration that starts with this prefix. - * <br> + * Get a set of configuration values from file based configuration that starts + * with this prefix. <br> * <br> * <b>Important:</b> The configuration values must be of type String! * @@ -53,7 +55,8 @@ public interface IConfigurationWithSP extends IConfiguration { * Validate a URL if it it is allowed by configuration. * * @param authReqUrl URL for validation - * @return URL of the application context if the authReqUrl was valid, otherwise null + * @return URL of the application context if the authReqUrl was valid, otherwise + * null */ String validateIdpUrl(URL authReqUrl) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java index 97951d40..323e4aeb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java @@ -1,6 +1,6 @@ package at.gv.egiz.eaaf.core.api.idp; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; public interface IEidAuthData extends IAuthData { @@ -11,7 +11,6 @@ public interface IEidAuthData extends IAuthData { */ byte[] getSignerCertificate(); - /** * Get the serialized E-ID token that can be used to validate the Identity-Link. * 
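Review bot: `validateIdpUrl(URL authReqUrl)` in the `@@ -53,7 +55,8 @@` hunk is documented to return null for a URL that is not allowed, yet it carries no `@Nullable`, unlike both `getServiceProviderConfiguration` overloads in the same interface. The null result is the rejection signal of a URL check, so a caller that omits the null test either fails later with a `NullPointerException` or, depending on how the result is used, continues as if the URL had been accepted. I would declare it `@Nullable String validateIdpUrl(URL authReqUrl) throws EaafException;` and add an `@throws EaafException` line that says when an exception is raised instead of null being returned. The summary sentence also still reads "if it it is allowed".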
@@ -19,14 +18,12 @@ public interface IEidAuthData extends IAuthData { */ byte[] getEidToken(); - /** * Get the status of the E-ID. * - * @return {@link PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES} + * @return {@link PvpAttributeDefinitions.EidIdentityStatusLevelValues} */ - PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES getEidStatus(); - + PvpAttributeDefinitions.EidIdentityStatusLevelValues getEidStatus(); /** * Get the URL of the VDA EndPoint, that was used for authentication. @@ -35,7 +32,6 @@ public interface IEidAuthData extends IAuthData { */ String getVdaEndPointUrl(); - /** * Flag that mandates are used. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java index 8dc30568..4834f15e 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; /** 
@@ -49,25 +50,26 @@ public interface IModulInfo { * Generates a protocol specific error message. * * - * @param e Exception that contains the error message - * @param request httpRequest object from servlet container - * @param response httpResponse object from servlet container + * @param e Exception that contains the error message + * @param request httpRequest object from servlet container + * @param response httpResponse object from servlet container * @param protocolRequest incoming protocol request - * @return return <i>true</i> if a protocol specific error message was generated, otherwise - * <i>false</i> - * @throws Throwable In case of an internal error during error message generation + * @return return <i>true</i> if a protocol specific error message was + * generated, otherwise <i>false</i> + * @throws Throwable In case of an internal error during error message + * generation */ - boolean generateErrorMessage(Throwable e, HttpServletRequest request, - HttpServletResponse response, IRequest protocolRequest) throws Throwable; + boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) throws Throwable; /** * additional validation of a incoming authentication request. * - * @param request httpRequest object from servlet container + * @param request httpRequest object from servlet container * @param response httpResponse object from servlet container - * @param pending incoming protocol request - * @return return <i>true</i> if the incoming request is valid, otherwise <i>false</i> + * @param pending incoming protocol request + * @return return <i>true</i> if the incoming request is valid, otherwise + * <i>false</i> */ - boolean validate(HttpServletRequest request, HttpServletResponse response, - IRequest pending); + boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending); } 
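Review bot: `generateErrorMessage(...)` keeps its `throws Throwable` clause in the reformatted signature, which forces every caller into `catch (Throwable ...)` and so also intercepts `Error`s such as `OutOfMemoryError`. Which types implementations really throw is not visible in this hunk; if they are limited to project and I/O exceptions, narrowing the clause would be cleaner, and since that changes the interface the minimum is to name the expected types in the `@throws` text. The Javadoc should also say that the generated message goes back to the requester, e.g. `The message sent to the client must not contain stack traces or internal details of {@code e}`; this is presumably the intent but is not stated anywhere in the interface.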
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java index c1cb38f7..5115327d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java @@ -19,8 +19,8 @@ package at.gv.egiz.eaaf.core.api.idp; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -public interface IPvpAttributeBuilder extends PVPAttributeDefinitions, IAttributeBuilder { +public interface IPvpAttributeBuilder extends PvpAttributeDefinitions, IAttributeBuilder { } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java index ab3ab87c..5a16f655 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java 
@@ -23,15 +23,12 @@ import java.io.Serializable; import java.util.List; import java.util.Map; -public interface IspConfiguration extends Serializable { +public interface ISpConfiguration extends Serializable { - String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = - "configuration.restrictions.baseID.idpProcessing"; - String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = - "configuration.restrictions.baseID.spTransmission"; + String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; + String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; - String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = - "configuration.restrictions.eIDTestMode"; + String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = "configuration.restrictions.eIDTestMode"; /** * Get the full key/value configuration for this Service Provider. 
@@ -51,32 +48,35 @@ public interface IspConfiguration extends Serializable { /** * Get a configuration value from Service Provider key/value configuration. * - * @param key The key identifier of a configuration value + * @param key The key identifier of a configuration value * @param defaultValue Default value if key does not exist - * @return The configuration value {String} or defaultValue if the key does not exist + * @return The configuration value {String} or defaultValue if the key does not + * exist */ String getConfigurationValue(String key, String defaultValue); /** - * Get a boolean configuration value from Service Provider key/value configuration. + * Get a boolean configuration value from Service Provider key/value + * configuration. * * @param key The key identifier of a configuration value * @return true / false, or false if the key does not exist */ boolean isConfigurationValue(String key); - /** - * Get a boolean configuration value from Service Provider key/value configuration. + * Get a boolean configuration value from Service Provider key/value + * configuration. * - * @param key The key identifier of a configuration value + * @param key The key identifier of a configuration value * @param defaultValue Default value if key does not exist * @return true / false, or defaultValue if the key does not exist */ boolean isConfigurationValue(String key, boolean defaultValue); /** - * Check if a configuration key is available in this Service Provider configuration. + * Check if a configuration key is available in this Service Provider + * configuration. * * @param key The key identifier of a configuration value * @return true if the configuration key exists, otherwise false 
@@ -98,34 +98,36 @@ public interface IspConfiguration extends Serializable { String getFriendlyName(); /** - * Indicates if this service provider has private area restrictions that disallow baseId. - * processing in general * + * Indicates if this service provider has private area restrictions that + * disallow baseId. processing in general * * * @return true if there is a restriction, otherwise false */ boolean hasBaseIdInternalProcessingRestriction(); - /** - * Indicates if this service provider has private area restrictions that disallow baseId transfer. - * to SP + * Indicates if this service provider has private area restrictions that + * disallow baseId transfer. to SP * * @return true if there is a restriction, otherwise false */ boolean hasBaseIdTransferRestriction(); /** - * Get the {@link List} of identifier's that indicates no baseID processing restriction - * exists.<br> - * This list can be configured by key: "configuration.restrictions.baseID.idpProcessing" + * Get the {@link List} of identifier's that indicates no baseID processing + * restriction exists.<br> + * This list can be configured by key: + * "configuration.restrictions.baseID.idpProcessing" * * @return */ List<String> getTargetsWithNoBaseIdInternalProcessingRestriction(); /** - * Get the {@link List} of identifier's that indicates no baseID transfer restriction exists.<br> - * This list can be configured by key: "configuration.restrictions.baseID.spTransmission" + * Get the {@link List} of identifier's that indicates no baseID transfer + * restriction exists.<br> + * This list can be configured by key: + * "configuration.restrictions.baseID.spTransmission" * * @return */ 
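Review bot: The reflowed Javadoc of `hasBaseIdInternalProcessingRestriction()` now reads "disallow baseId. processing in general * *" and that of `hasBaseIdTransferRestriction()` reads "disallow baseId transfer. to SP". The stray periods end the first sentence early, so the generated summary stops at "baseId." and loses the part that says what is restricted. I would write `Indicates if this service provider has private area restrictions that disallow baseId processing in general.` and `Indicates if this service provider has private area restrictions that disallow baseId transfer to the SP.` The two `@return` tags on the list getters in the same hunk are empty and should state what the returned list contains.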
@@ -134,8 +136,9 @@ public interface IspConfiguration extends Serializable { /** * Get the List eIDAS LoA that are required by this service provider. * - * {@link EAAFConstants.EIDAS_LOA_LOW} {@link EAAFConstants.EIDAS_LOA_SUBSTANTIAL} - * {@link EAAFConstants.EIDAS_LOA_HIGH} or any other non-notified LoA scheme + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_LOW} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_SUBSTANTIAL} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_HIGH} or any other non-notified LoA scheme * * @return return List of eIDAS LoAs */ @@ -149,11 +152,10 @@ public interface IspConfiguration extends Serializable { */ String getLoAMatchingMode(); - /** - * Get the full area-identifier for this service provider to calculate the area-specific unique - * person identifier (bPK, wbPK, eIDAS unique identifier, ...). This identifier always contains - * the full prefix + * Get the full area-identifier for this service provider to calculate the + * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, + * ...). This identifier always contains the full prefix * * @return area identifier with prefix */ diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java index 7c100d1d..3dba4e78 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; 
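Review bot: The three rewritten `{@link ...}` tags in the `@@ -134,8 +136,9 @@` hunk reference what look like constants with a dot, `EaafConstants.EIDAS_LOA_LOW`, but Javadoc resolves a member only after `#`. As written the tool looks for a nested type of that name, so if these are fields, as the upper-case names suggest, the links will not resolve. Use `{@link at.gv.egiz.eaaf.core.api.data.EaafConstants#EIDAS_LOA_LOW}` and the same form for `EIDAS_LOA_SUBSTANTIAL` and `EIDAS_LOA_HIGH`. The third of these lines is also longer than the width the rest of the commit wraps to.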
@@ -33,60 +34,57 @@ public interface IAuthenticationManager { int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; - /** - * Add a request parameter to whitelist. All parameters that are part of the white list are added - * into {@link ExecutionContext} + * Add a request parameter to whitelist. All parameters that are part of the + * white list are added into {@link ExecutionContext} * * @param httpReqParam http parameter name, but never null */ void addParameterNameToWhiteList(String httpReqParam); /** - * Add a request header to whitelist. All parameters that are part of the white list are added - * into {@link ExecutionContext} + * Add a request header to whitelist. All parameters that are part of the white + * list are added into {@link ExecutionContext} * * @param httpReqParam http header name, but never null */ void addHeaderNameToWhiteList(String httpReqParam); - /** * Starts an authentication process for a specific pending request. * - * @param httpReq http servlet request - * @param httpResp http servlet response + * @param httpReq http servlet request + * @param httpResp http servlet response * @param pendingReq Pending request for that an authentication is required * @return true if the pending request is already authenticated, otherwise false * @throws EaafException In case of an authentication error */ - boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, - IRequest pendingReq) throws EaafException; + boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafException; /** * Close an active authenticated session on IDP side. 
* - * @param request http servlet request - * @param response http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed + * @param request http servlet request + * @param response http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed */ - void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, - IRequest pendingReq); - + void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq); /** - * Close an active authenticated session on IDP side and get a list authenticated service - * providers. + * Close an active authenticated session on IDP side and get a list + * authenticated service providers. * - * @param httpReq http servlet request - * @param httpResp http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed + * @param httpReq http servlet request + * @param httpResp http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed * @param internalSsoId internal SSO session identifier * @return A container that contains all active SP sessions * @throws EaafException In case of an internal SLO error */ - ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, IRequest pendingReq, String internalSsoId) throws EaafException; - + ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, + IRequest pendingReq, String internalSsoId) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java index 65c388e8..f0d6cfca 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java 
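Review bot: `addHeaderNameToWhiteList(String httpReqParam)` takes a header name but reuses the parameter name of `addParameterNameToWhiteList`; renaming it to `httpReqHeader` (with the matching `@param`) is source-compatible for an interface method and removes the ambiguity. Both comments say that whitelisted items are added into the `ExecutionContext`, and it would help to state there that the copied values remain client-supplied input, e.g. `Values are copied as received; consumers must validate them before use` — how implementations treat them is not visible in this hunk. The `@param pendingReq` text of `performOnlyIdpLogOut` and `performSingleLogOut` still begins with "ReqPending request", which looks like a leftover from an edit.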
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafSsoException; 
@@ -31,97 +32,91 @@ public interface ISsoManager { int EVENT_SSO_SESSION_INVALID = -1; int EVENT_SSO_SESSION_VALID = -1; - String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; - /** - * Check if there is an active and valid SSO session for the current pending request. <br> - * If there is an active SSO session, the pending request will be populated with eID information - * from SSO session + * Check if there is an active and valid SSO session for the current pending + * request. <br> + * If there is an active SSO session, the pending request will be populated with + * eID information from SSO session * * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request - * @param httpResp http Servlet response + * @param httpReq http Servlet request + * @param httpResp http Servlet response * @return true if there is a valid SSO session, otherwise false * @throws EaafSsoException In case of an internal error */ - boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, - HttpServletResponse httpResp) throws EaafSsoException; + boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) + throws EaafSsoException; /** * Populate service provider specific SSO settings. 
* * <p> - * Check if Single Sign-On is allowed for the current pending request and the requested service - * provider Set IRequest.needSingleSignOnFunctionality() to true if SSO is allowed + * Check if Single Sign-On is allowed for the current pending request and the + * requested service provider Set IRequest.needSingleSignOnFunctionality() to + * true if SSO is allowed * </p> * * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request + * @param httpReq http Servlet request */ void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq); - /** - * Populate the current pending request with eID information from an existing SSO session. + * Populate the current pending request with eID information from an existing + * SSO session. * * @param pendingReq pending request that should be populated by SSO session - * @throws EaafSsoException if pending request contains no SSO information or population failed + * @throws EaafSsoException if pending request contains no SSO information or + * population failed */ void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException; - /** * Destroy an active SSO session on IDP site only. * - * @param httpReq http servlet request - * @param httpResp http servlet response + * @param httpReq http servlet request + * @param httpResp http servlet response * @param pendingReq current pending request * @return true if a SSO session was closed successfully, otherwise false * @throws EaafSsoException in case of an internal processing error */ - boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, - HttpServletResponse httpResp, IRequest pendingReq) throws EaafSsoException; - - + boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafSsoException; /** - * Create a new SSO session-cookie for a specific pendingRequest and add it into http response. 
+ * Create a new SSO session-cookie for a specific pendingRequest and add it into + * http response. * - * @param req http Request - * @param resp http Response + * @param req http Request + * @param resp http Response * @param pendingReq Current open PendingRequest * @return new created SSO identifier * @throws EaafSsoException In case of an internal error */ - String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, - IRequest pendingReq) throws EaafSsoException; - + String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) + throws EaafSsoException; /** * Create a new SSO session in database. * - * @param pendingReq current pending request + * @param pendingReq current pending request * @param newSsoSessionId new SSO sessionId * @throws EaafSsoException In case of an internal error */ - void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) - throws EaafSsoException; - + void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) throws EaafSsoException; /** * Updateing an existing SSO session in database. * - * @param pendingReq current pending request + * @param pendingReq current pending request * @param newSsoSessionId new SSO session Id - * @param sloInformation SLO information container + * @param sloInformation SLO information container * @throws EaafSsoException In case of an internal error */ - void updateSsoSession(IRequest pendingReq, String newSsoSessionId, - SloInformationInterface sloInformation) throws EaafSsoException; - - + void updateSsoSession(IRequest pendingReq, String newSsoSessionId, SloInformationInterface sloInformation) + throws EaafSsoException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java index 77fc025c..60224ea6 100644 
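Review bot: `EVENT_SSO_SESSION_INVALID` and `EVENT_SSO_SESSION_VALID` are both declared as `-1` in the context lines at the top of the ISsoManager hunk, so code that compares or records these codes cannot tell a valid SSO session from an invalid one. The commit re-wraps the surrounding Javadoc but leaves both constants untouched. How the constants are consumed is not visible here; if they feed the revision log, successful and failed SSO checks would be recorded under the same code, which weakens the audit trail. Each constant should get its own value from the project's event-code list, e.g. `int EVENT_SSO_SESSION_VALID = <distinct event code>;`, with a one-line comment stating what each event means.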
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.util.Date; 
@@ -31,36 +28,36 @@ public interface IAuthProcessDataContainer { /** * Returns the issuing time of the AUTH-Block SAML assertion. - * + * * @return The issuing time of the AUTH-Block SAML assertion. */ String getIssueInstant(); /** * Sets the issuing time of the AUTH-Block SAML assertion. - * + * * @param issueInstant The issueInstant to set. */ void setIssueInstant(String issueInstant); /** - * Indicate if the authentication process is finished - * + * Indicate if the authentication process is finished. + * * @return */ boolean isAuthenticated(); /** - * Mark the authentication as authenticated, which means that the authenication process is - * completed - * - * @param authenticated + * Mark the authentication as authenticated, which means that the authenication + * process is completed. + * + * @param authenticated If true, the authentication-process is marked as finished */ void setAuthenticated(boolean authenticated); /** * Returns the identityLink. - * + * * @return IdentityLink */ @Deprecated 
@@ -68,84 +65,84 @@ public interface IAuthProcessDataContainer { /** * Sets the identityLink. - * + * * @param identityLink The identityLink to set */ @Deprecated void setIdentityLink(IIdentityLink identityLink); - /** - * Flag marks the authentication process as new E-ID process - * + * Flag marks the authentication process as new E-ID process. + * * @return true if E-ID process, otherwise false */ - boolean isEIDProcess(); - + boolean isEidProcess(); /** - * Set the flag to make the process as new E-ID process - * + * Set the flag to make the process as new E-ID process. + * * @param value true if new E-ID process, otherwise false */ - void setEIDProcess(boolean value); + void setEidProcess(boolean value); /** * Indicate that mandates was used in this auth. process - * + * * @return */ boolean isMandateUsed(); /** * Mark that mandates was used in this auth. process - * - * @param useMandates + * + * @param useMandates true, if mandates are used */ void setUseMandates(boolean useMandates); /** * Indicate that the auth. process was performed by a foreigner - * + * * @return */ boolean isForeigner(); /** * Mark that the auth. process was done by a foreigner - * - * @param isForeigner + * + * @param isForeigner true, if citizenn is a foreigner */ void setForeigner(boolean isForeigner); /** * Indicate that the auth. process was performed by an official representatives - * + * * @return is official representatives */ boolean isOW(); /** * Mark that the auth. process was done by an official representatives - * + * */ void setOW(boolean isOW); /** - * eIDAS QAA level - * + * eIDAS QAA level. + * * @return the qAALevel */ - String getQAALevel(); + String getQaaLevel(); /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set + * set QAA level in eIDAS form. + * + * @param qaaLevel the qAALevel to set */ - void setQAALevel(String qAALevel); + void setQaaLevel(String qaaLevel); /** + * Get Timestamp when session was created. 
+ * * @return the sessionCreated */ Date getSessionCreated(); @@ -153,30 +150,32 @@ public interface IAuthProcessDataContainer { Map<String, Object> getGenericSessionDataStorage(); /** - * Returns a generic session-data object with is stored with a specific identifier - * + * Returns a generic session-data object with is stored with a specific + * identifier. + * * @param key The specific identifier of the session-data object * @return The session-data object or null if no data is found with this key */ Object getGenericDataFromSession(String key); /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object + * Returns a generic session-data object with is stored with a specific + * identifier. + * + * @param key The specific identifier of the session-data object * @param clazz The class type which is stored with this key * @return The session-data object or null if no data is found with this key */ <T> T getGenericDataFromSession(String key, Class<T> clazz); /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement - * the 'java.io.Serializable' interface - * @throws EaafStorageException Error message if the data-object can not stored to generic - * session-data storage + * Store a generic data-object to session with a specific identifier. + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object + * had to be implement the 'java.io.Serializable' interface + * @throws EaafStorageException Error message if the data-object can not stored + * to generic session-data storage */ void setGenericDataToSession(String key, Object object) throws EaafStorageException; } 
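Review bot: The renames `isEIDProcess` → `isEidProcess`, `setEIDProcess` → `setEidProcess`, `getQAALevel` → `getQaaLevel` and `setQAALevel` → `setQaaLevel` change the public signature of `IAuthProcessDataContainer`, which is more than the code-style change the commit message describes. Implementations and callers outside this repository stop compiling, and the bean property names change as well, which may affect reflection-based access such as templates or serializers (not visible here). `isOW()` and `setOW(boolean)` in the same hunk keep the old acronym style, so the interface is now inconsistent. If the build targets Java 8 or later, a transition bridge such as `@Deprecated default boolean isEIDProcess() { return isEidProcess(); }` for each old name would keep existing users working.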
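Review bot: `setGenericDataToSession(String key, Object object)` accepts any `Object` although its Javadoc says the value has to implement `java.io.Serializable`, so the compiler cannot enforce that requirement. The same mismatch appears in `ITransactionStorage.put(String key, Object value, int timeoutMs)` in a later hunk. The Javadoc should at least state what happens for a non-serializable value, for example `@throws EaafStorageException if object does not implement java.io.Serializable`, assuming that is what implementations do. `getGenericSessionDataStorage()` in this hunk has no Javadoc at all; since it hands out the session-data map, it should say whether the returned map is a live view or a copy.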
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java index b37d41e3..74c82181 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.io.IOException; @@ -30,6 +27,8 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; /** + * Deprecated IdentityLink interface. + * * @author tlenz * */ 
@@ -37,38 +36,39 @@ public interface IIdentityLink { /** * Returns the dateOfBirth. - * + * * @return Calendar */ String getDateOfBirth(); /** * Returns the familyName. - * + * * @return String */ String getFamilyName(); /** * Returns the givenName. - * + * * @return String */ String getGivenName(); /** * Return the name as 'givenName + " " + familyName'<br> - * This method should be used any more. Use getFamilyName() and getGivenName() separately. - * + * This method should be used any more. Use getFamilyName() and getGivenName() + * separately. + * * @return The name. */ @Deprecated String getName(); /** - * Returns the identificationValue. <code>"identificationValue"</code> is the translation of - * <code>"Stammzahl"</code>. - * + * Returns the identificationValue. <code>"identificationValue"</code> is the + * translation of <code>"Stammzahl"</code>. + * * @return String */ String getIdentificationValue(); 
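Review bot: The re-wrapped Javadoc of `getName()` still reads "This method should be used any more", which says the opposite of what the `@Deprecated` annotation on the method signals; it should read `This method should not be used any more.`. In the same hunk `getDateOfBirth()` is documented as `@return Calendar` but returns `String`, and the expected date format is not stated. In the next hunk of this file `getSerializedSamlAssertion()` carries the copied text "Returns the samlAssertion" with `@return Element` although it returns `String`. As the commit is already touching every comment in this interface, these three tags should be corrected with it.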
@@ -76,106 +76,106 @@ public interface IIdentityLink { /** * Returns the identificationType. <code>"identificationType"</code> type of the * identificationValue in the IdentityLink. - * + * * @return String */ String getIdentificationType(); /** * Sets the dateOfBirth. - * + * * @param dateOfBirth The dateOfBirth to set */ void setDateOfBirth(String dateOfBirth); /** * Sets the familyName. - * + * * @param familyName The familyName to set */ void setFamilyName(String familyName); /** * Sets the givenName. - * + * * @param givenName The givenName to set */ void setGivenName(String givenName); /** - * Sets the identificationValue. <code>"identificationValue"</code> is the translation of - * <code>"Stammzahl"</code>. - * + * Sets the identificationValue. <code>"identificationValue"</code> is the + * translation of <code>"Stammzahl"</code>. + * * @param identificationValue The identificationValue to set */ void setIdentificationValue(String identificationValue); /** * Sets the Type of the identificationValue. - * + * * @param identificationType The type of identificationValue to set */ void setIdentificationType(String identificationType); /** * Returns the samlAssertion. - * + * * @return Element */ Element getSamlAssertion(); /** * Returns the samlAssertion. - * + * * @return Element */ String getSerializedSamlAssertion(); /** * Sets the samlAssertion and the serializedSamlAssertion. - * + * * @param samlAssertion The samlAssertion to set */ void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; /** * Returns the dsigReferenceTransforms. - * + * * @return Element[] */ Element[] getDsigReferenceTransforms(); /** * Sets the dsigReferenceTransforms. - * + * * @param dsigReferenceTransforms The dsigReferenceTransforms to set */ void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); /** * Returns the publicKey. - * + * * @return PublicKey[] */ PublicKey[] getPublicKey(); /** * Sets the publicKey. 
- * + * * @param publicKey The publicKey to set */ void setPublicKey(PublicKey[] publicKey); /** * Returns the prPerson. - * + * * @return Element */ Element getPrPerson(); /** * Sets the prPerson. - * + * * @param prPerson The prPerson to set */ void setPrPerson(Element prPerson); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java index e74bed63..54a50920 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java 
@@ -23,37 +23,42 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; /** - * Provides metadata of a certain module. Uses for module discovery and process selection. + * Provides metadata of a certain module. Uses for module discovery and process + * selection. */ public interface AuthModule { /** - * Returns the priority of the module. The priority defines the order of the respective module - * within the chain of discovered modules. Higher priorized modules are asked before lower - * priorized modules for a process that they can handle. + * Returns the priority of the module. The priority defines the order of the + * respective module within the chain of discovered modules. Higher priorized + * modules are asked before lower priorized modules for a process that they can + * handle. * <p/> - * Internal default modules are priorized neutral ({@code 0}. Use a higher priority - * ({@code 1...Integer.MAX_VALUE}) in order to have your module(s) priorized or a lower priority - * ({@code Integer.MIN_VALUE...-1}) in order to put your modules behind default modules. + * Internal default modules are priorized neutral ({@code 0}. Use a higher + * priority ({@code 1...Integer.MAX_VALUE}) in order to have your module(s) + * priorized or a lower priority ({@code Integer.MIN_VALUE...-1}) in order to + * put your modules behind default modules. * * @return the priority of the module. */ int getPriority(); /** - * Selects a process (description), referenced by its unique id, which is able to perform - * authentication with the given {@link ExecutionContext}. Returns {@code null} if no appropriate - * process (description) was available within this module. + * Selects a process (description), referenced by its unique id, which is able + * to perform authentication with the given {@link ExecutionContext}. Returns + * {@code null} if no appropriate process (description) was available within + * this module. 
* - * @param context an ExecutionContext for a process. + * @param context an ExecutionContext for a process. * @param pendingReq the current processed pending request - * @return the process-ID of a process which is able to work with the given ExecutionContext, or - * {@code null}. + * @return the process-ID of a process which is able to work with the given + * ExecutionContext, or {@code null}. */ String selectProcess(ExecutionContext context, IRequest pendingReq); /** - * Returns the an Array of {@link ProcessDefinition}s of the processes included in this module. + * Returns the an Array of {@link ProcessDefinition}s of the processes included + * in this module. * * @return an array of resource uris of the processes included in this module. */ diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index e817720b..86d15d5b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java @@ -20,8 +20,10 @@ package at.gv.egiz.eaaf.core.api.idp.auth.services; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; import at.gv.egiz.eaaf.core.exceptions.EaafException; 
@@ -33,14 +35,13 @@ public interface IProtocolAuthenticationService { String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; - /** * Initialize an authentication process for this protocol request. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param pendingReq Authentication request which is actually in process - * @throws IOException In case of a communication error + * @throws IOException In case of a communication error * @throws EaafException In case of an application error */ void performAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) @@ -49,10 +50,11 @@ public interface IProtocolAuthenticationService { /** * Finalize the requested protocol operation. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param pendingReq Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occur */ void finalizeAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) 
@@ -61,26 +63,30 @@ public interface IProtocolAuthenticationService { /** * Build protocol-specific error message. * - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} + * @param throwable Exception that should be handled + * @param req Current open http request as {@link HttpServletRequest} + * @param resp Current open http response as {@link HttpServletResponse} * @param pendingReq Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occur */ - void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, - HttpServletResponse resp, IRequest pendingReq) throws IOException, EaafException; + void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, + IRequest pendingReq) throws IOException, EaafException; /** - * Handles all exceptions with no pending request. Therefore, the error is written to the users - * browser + * Handles all exceptions with no pending request. 
Therefore, the error is + * written to the users browser * - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} - * @param writeExceptionToStatisticLog if <code>true</code>, the exception get logged into - * {@link IStatisticLogger} - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @param throwable Exception that should be handled + * @param req Current open http request as + * {@link HttpServletRequest} + * @param resp Current open http response as + * {@link HttpServletResponse} + * @param writeExceptionToStatisticLog if <code>true</code>, the exception get + * logged into {@link IStatisticLogger} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occure */ void handleErrorNoRedirect(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java index 3c2136aa..68584dc9 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java @@ -31,7 +31,8 @@ import java.util.Set; public interface ExecutionContext extends Serializable { /** - * Flag that indicates that a Task canceled the current {@link ExecutionContext}. + * Flag that indicates that a Task canceled the current + * {@link ExecutionContext}. * * @return true if the process-flow was marked as canceled, otherwise false */ 
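Review bot: The Javadoc of `handleErrorNoRedirect` states that the error "is written to the users browser" but does not say how much of the `Throwable` may be shown there. The interface also declares the GUI parameter `PARAM_GUI_ERRORSTACKTRACE = "stacktrace"` (context lines of the first hunk of this file). Whether implementations fill that parameter for end users is not visible here, but the contract should exclude it explicitly, because stack traces and internal messages disclose implementation details of the identity provider. I would add a sentence such as `The response carries only a generic message and an error code; stack traces are written to the server log unless a debug option is enabled.`. The method signature continues past the end of this hunk.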
@@ -41,7 +42,8 @@ public interface ExecutionContext extends Serializable { * Mark this {@link ExecutionContext} as cancelled. * * <p> - * The process-flow engine will stop execution when the task that sets this flag is finished + * The process-flow engine will stop execution when the task that sets this flag + * is finished * </p> */ void setCanceleProcessFlag(); @@ -63,26 +65,29 @@ public interface ExecutionContext extends Serializable { /** * Stores a serializable object using {@code key}. * - * @param key The key under that the {@code object} should be stored. + * @param key The key under that the {@code object} should be stored. * @param object The object to be stored. */ void put(String key, Serializable object); /** - * Returns an serializable object stored within this process context using {@code key}. + * Returns an serializable object stored within this process context using + * {@code key}. * - * @param key The key that has been used to store the serializable object (may be {@code null}). - * @return The object or {@code null} in case the key does not relate to a stored object or the - * stored object itself was {@code null}. + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object or {@code null} in case the key does not relate to a + * stored object or the stored object itself was {@code null}. */ Serializable get(String key); /** * Removes the object stored using {@code key}. * - * @param key The key that has been used to store the serializable object (may be {@code null}). - * @return The object that has been removed or {@code null} there was no object stored using - * {@code key}. + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object that has been removed or {@code null} there was no object + * stored using {@code key}. */ Serializable remove(String key); 
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java index 9d72d877..9338da43 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java @@ -24,6 +24,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map.Entry; import java.util.Set; + import at.gv.egiz.eaaf.core.api.IRequest; /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java index e956c07f..79fb18e3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java @@ -27,7 +27,6 @@ package at.gv.egiz.eaaf.core.api.idp.slo; */ public interface SloInformationInterface { - /** * get AssertionID which was used for Service Provider Single LogOut request. * @@ -42,7 +41,6 @@ public interface SloInformationInterface { */ String getUserNameIdentifier(); - /** * get protocol type which was used for authentication. * @@ -76,5 +74,4 @@ public interface SloInformationInterface { void setSessionIndex(String sessionIndex); - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java index ac5bd45a..9a32e27b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java 
@@ -20,15 +20,14 @@ package at.gv.egiz.eaaf.core.api.logging; import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; public interface IRevisionLogger { - // TODO: int AUTHPROTOCOL_TYPE = 3000; - void logEvent(IspConfiguration oaConfig, int eventCode, String message); + void logEvent(ISpConfiguration oaConfig, int eventCode, String message); void logEvent(IRequest pendingRequest, int eventCode); @@ -38,26 +37,26 @@ public interface IRevisionLogger { * Log event. * * @param eventCode EventCode to Log - * @param message Message + * @param message Message */ void logEvent(int eventCode, String message); /** * Log event. * - * @param sessionID Id of this session + * @param sessionID Id of this session * @param transactionID Id of this trasaction - * @param eventCode EventCode to Log - * @param message Message + * @param eventCode EventCode to Log + * @param message Message */ void logEvent(String sessionID, String transactionID, int eventCode, String message); /** * Log event. * - * @param sessionID Id of this session + * @param sessionID Id of this session * @param transactionID Id of this trasaction - * @param eventCode EventCode to Log + * @param eventCode EventCode to Log */ void logEvent(String sessionID, String transactionID, int eventCode); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java index 7ccbb8a7..d190038a 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java 
@@ -22,12 +22,9 @@ package at.gv.egiz.eaaf.core.api.logging; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IAuthData; - - public interface IStatisticLogger { - void logSuccessOperation(IRequest protocolRequest, IAuthData authData, - boolean isSsoSession); + void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSsoSession); void logErrorOperation(Throwable throwable); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java index 15215b3e..754ff9ac 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java @@ -21,8 +21,10 @@ package at.gv.egiz.eaaf.core.api.storage; import java.util.Date; import java.util.List; + import javax.annotation.Nonnull; import javax.annotation.Nullable; + import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; @@ -45,10 +47,11 @@ public interface ITransactionStorage { /** * Store a data object with a key to transaction storage. * - * @param key Id which identifiers the data object - * @param value Data object which should be stored. This data must implement the - * <code>java.io.Serializable</code> interface - * @param timeoutMs Defines the period of time a data object is kept within the storage + * @param key Id which identifiers the data object + * @param value Data object which should be stored. This data must implement + * the <code>java.io.Serializable</code> interface + * @param timeoutMs Defines the period of time a data object is kept within the + * storage * @throws EaafStorageException In case of store operation failed */ void put(String key, Object value, int timeoutMs) throws EaafException; 
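Review bot: The Javadoc of `put(String key, Object value, int timeoutMs)` documents `@throws EaafStorageException`, while the method declares `throws EaafException`, so the documented and the declared exception differ. The same mismatch is visible on both `get` overloads and on `changeKey` in the following hunks of `ITransactionStorage`. If `EaafStorageException` is a subtype of `EaafException` (not visible here), the tags should either name the declared type or say so, e.g. `@throws EaafException in case the store operation failed (usually an EaafStorageException)`. Note also that `timeoutMs` is an `int` here, whereas `dataTimeOut` on `get` and `clean` is a `long`; a comment stating the unit and valid range would avoid confusion between the two.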
@@ -65,7 +68,7 @@ public interface ITransactionStorage { /** * Get a data object from transaction storage. * - * @param key Id which identifiers the data object + * @param key Id which identifiers the data object * @param clazz The class type which is stored with this key * @return The transaction-data object from type class, or null * @throws EaafStorageException In case of load operation failed @@ -75,21 +78,20 @@ public interface ITransactionStorage { /** * Get a data object from transaction storage. * - * @param key Id which identifiers the data object - * @param clazz The class type which is stored with this key + * @param key Id which identifiers the data object + * @param clazz The class type which is stored with this key * @param dataTimeOut Data-object timeout in [ms] * @return The transaction-data object from type class, or null * @throws EaafStorageException In case of load operation failed */ <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws EaafException; - /** * Change the key of a data object and store it under the new key. * * @param oldKey Old key of the data object * @param newKey New key, which should be used to store the data object - * @param value Data object which should be stored + * @param value Data object which should be stored * @throws EaafStorageException In case of store operation failed */ void changeKey(String oldKey, String newKey, Object value) throws EaafException; @@ -104,13 +106,12 @@ public interface ITransactionStorage { /** * Get all entries for Clean-up the transaction storage. * - * @param now Current time + * @param now Current time * @param dataTimeOut Data-object timeout in [ms] * @return List of entry-keys which as a timeout */ List<String> clean(Date now, long dataTimeOut); - /** * Get a raw object from storage by using this key. * 
@@ -121,15 +122,13 @@ public interface ITransactionStorage { @Nullable Object getRaw(String key) throws EaafException; - /** * Set a raw object to storage. * - * @param key Storagekey + * @param key Storagekey * @param element Object to store * @throws EaafException In case of a storage error */ void putRaw(@Nonnull String key, @Nonnull Object element) throws EaafException; - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java index 31a61216..d5dc8aca 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java @@ -2,6 +2,7 @@ package at.gv.egiz.eaaf.core.api.utils; import javax.annotation.Nonnull; import javax.annotation.Nullable; + import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; @@ -11,7 +12,7 @@ public interface IPendingRequestIdGenerationStrategy { * Generate a new external pending-request id. * * @return TransactionToken that can be used for pendingRequests - * @throws EaafException In case of a token generation error + * @throws EaafException In case of a token generation error */ @Nonnull String generateExternalPendingRequestId() throws EaafException; @@ -24,8 +25,7 @@ public interface IPendingRequestIdGenerationStrategy { * @throws PendingReqIdValidationException In case of a token validation error */ @Nonnull - String validateAndGetPendingRequestId(@Nullable String pendingReqId) - throws PendingReqIdValidationException; + String validateAndGetPendingRequestId(@Nullable String pendingReqId) throws PendingReqIdValidationException; /** * Get the internal pendingReqId without any validation. 
@@ -35,8 +35,6 @@ public interface IPendingRequestIdGenerationStrategy { * @throws PendingReqIdValidationException In case of token processing error */ @Nonnull - String getPendingRequestIdWithOutChecks(@Nullable String externalPendingReqId) - throws PendingReqIdValidationException; - + String getPendingRequestIdWithOutChecks(@Nullable String externalPendingReqId) throws PendingReqIdValidationException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributeBuilderException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributeBuilderException.java index 2a96490b..e98ffca0 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributeBuilderException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributeBuilderException.java @@ -24,7 +24,7 @@ public class AttributeBuilderException extends EaafIdpException { private static final long serialVersionUID = 1L; public AttributeBuilderException(final String attrName) { - super("builder.12", new Object[] {attrName}); + super("builder.12", new Object[] { attrName }); } } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributePolicyException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributePolicyException.java index abbe56aa..a91d7520 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributePolicyException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AttributePolicyException.java @@ -17,7 +17,6 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egiz.eaaf.core.exceptions; public class AttributePolicyException extends AttributeBuilderException { 
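Review bot: The Javadoc for `getPendingRequestIdWithOutChecks` in the `@@ -35,8 +35,6 @@` hunk does not say which checks are skipped or what a caller may do with the result. This matters because the method takes the same externally supplied id as `validateAndGetPendingRequestId` in the hunk before it. I would add a caveat to the comment, for example `* The returned id is NOT validated; callers must treat it as untrusted input.`, and name the situations where the unchecked variant is meant to be used. The comment block opens outside this hunk, so only its `@throws` line is visible here.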
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AuthnRequestValidatorException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AuthnRequestValidatorException.java index 32ad97b7..b30363fa 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AuthnRequestValidatorException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/AuthnRequestValidatorException.java @@ -39,8 +39,7 @@ public class AuthnRequestValidatorException extends EaafProtocolException { } - public AuthnRequestValidatorException(final String internalMsgId, final Object[] params, - final Throwable e) { + public AuthnRequestValidatorException(final String internalMsgId, final Object[] params, final Throwable e) { super(internalMsgId, params, e); } @@ -49,8 +48,8 @@ public class AuthnRequestValidatorException extends EaafProtocolException { * Protocol validation error. * * @param internalMsgId Internal error-code - * @param params Message parameters - * @param errorRequest Pending-Request that generates the error + * @param params Message parameters + * @param errorRequest Pending-Request that generates the error */ public AuthnRequestValidatorException(final String internalMsgId, final Object[] params, final IRequest errorRequest) { 
@@ -60,15 +59,15 @@ public class AuthnRequestValidatorException extends EaafProtocolException { } /** - * Protocol validation error. + * Protocol validation error. * * @param internalMsgId Internal error-code - * @param params Message parameters - * @param errorRequest Pending-Request that generates the error - * @param e error + * @param params Message parameters + * @param errorRequest Pending-Request that generates the error + * @param e error */ - public AuthnRequestValidatorException(final String internalMsgId, final Object[] params, - final IRequest errorRequest, final Throwable e) { + public AuthnRequestValidatorException(final String internalMsgId, final Object[] params, final IRequest errorRequest, + final Throwable e) { super(internalMsgId, params, e); this.errorRequest = errorRequest; @@ -91,8 +90,4 @@ public class AuthnRequestValidatorException extends EaafProtocolException { this.statusCodeValue = statusCodeValue; } - - - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafAuthenticationException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafAuthenticationException.java index 7dbf0a5d..22c8a8ca 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafAuthenticationException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafAuthenticationException.java @@ -21,8 +21,6 @@ package at.gv.egiz.eaaf.core.exceptions; public class EaafAuthenticationException extends EaafException { - - private static final long serialVersionUID = -4793625336456467005L; public EaafAuthenticationException(final String internalMsgId, final Object[] params) { diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java index 39b26f38..70e75e87 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java 
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java @@ -22,7 +22,7 @@ package at.gv.egiz.eaaf.core.exceptions; public class EaafBuilderException extends EaafException { private static final long serialVersionUID = 1L; - private String msg; + private final String msg; public EaafBuilderException(final String errorId, final Object[] params, final String msg) { super(errorId, params); @@ -33,7 +33,7 @@ public class EaafBuilderException extends EaafException { super(errorId, objects, ex); this.msg = message; } - + public String getDetailMessage() { return this.msg; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafConfigurationException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafConfigurationException.java index c40dc2a4..7ae749a1 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafConfigurationException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafConfigurationException.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. @@ -21,7 +21,6 @@ package at.gv.egiz.eaaf.core.exceptions; public class EaafConfigurationException extends EaafException { - private static final long serialVersionUID = 1L; public EaafConfigurationException(final String msg, final Object[] params) { 
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafException.java index 89011a87..351c6bbe 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafException.java @@ -20,7 +20,9 @@ package at.gv.egiz.eaaf.core.exceptions; import java.util.Arrays; + import javax.annotation.Nullable; + import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; public class EaafException extends Exception { @@ -38,8 +40,9 @@ public class EaafException extends Exception { /** * Generic processing-error in EAAF framework. * - * @param errorId Internal error-code that is also used to generate i18n messages - * @param params Message parameters + * @param errorId Internal error-code that is also used to generate i18n + * messages + * @param params Message parameters */ public EaafException(final String errorId, final Object[] params) { super(LogMessageProviderFactory.getMessager().getMessage(errorId, params)); @@ -48,13 +51,13 @@ public class EaafException extends Exception { } - /** * Generic processing-error in EAAF framework. * - * @param errorId Internal error-code that is also used to generate i18n messages - * @param params Message parameters - * @param e Exception + * @param errorId Internal error-code that is also used to generate i18n + * messages + * @param params Message parameters + * @param e Exception */ public EaafException(final String errorId, final Object[] params, final Throwable e) { super(LogMessageProviderFactory.getMessager().getMessage(errorId, params), e); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIdpException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIdpException.java index 234a6971..52f9abbb 100644 
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIdpException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIdpException.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIllegalStateException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIllegalStateException.java index 09414cab..34544a95 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIllegalStateException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafIllegalStateException.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafJsonMapperException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafJsonMapperException.java index 0d24cb3a..331a9551 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafJsonMapperException.java 
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafJsonMapperException.java @@ -2,15 +2,14 @@ package at.gv.egiz.eaaf.core.exceptions; public class EaafJsonMapperException extends EaafParserException { - private static final long serialVersionUID = 2278865064672630267L; public EaafJsonMapperException(final String reason) { - super("parser.03", new Object[] {reason}); + super("parser.03", new Object[] { reason }); } public EaafJsonMapperException(final String reason, final Throwable ex) { - super("parser.03", new Object[] {reason}, ex); + super("parser.03", new Object[] { reason }, ex); } } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafProtocolException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafProtocolException.java index 1aab2e55..d5d73608 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafProtocolException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafProtocolException.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafServiceException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafServiceException.java index 2d26a8bf..7ba10d54 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafServiceException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafServiceException.java 
@@ -24,6 +24,4 @@ public abstract class EaafServiceException extends EaafException { @Nonnull protected abstract String getServiceIdentifier(); - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafStorageException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafStorageException.java index 1df2e5dc..990e7108 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafStorageException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafStorageException.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. @@ -24,12 +24,11 @@ public class EaafStorageException extends EaafException { private static final long serialVersionUID = 1L; public EaafStorageException(final String msg) { - super("internal.02", new Object[] {msg}); + super("internal.02", new Object[] { msg }); } public EaafStorageException(final String msg, final Throwable e) { - super("internal.02", new Object[] {msg}, e); + super("internal.02", new Object[] { msg }, e); } - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidDateFormatAttributeException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidDateFormatAttributeException.java index 9ae02e07..aeddeaac 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidDateFormatAttributeException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidDateFormatAttributeException.java 
@@ -27,6 +27,4 @@ public class InvalidDateFormatAttributeException extends AttributeBuilderExcepti super("Date format is invalid."); } - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidProtocolRequestException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidProtocolRequestException.java index 2d1847af..1a0437ab 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidProtocolRequestException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/InvalidProtocolRequestException.java @@ -19,7 +19,6 @@ package at.gv.egiz.eaaf.core.exceptions; - public class InvalidProtocolRequestException extends EaafProtocolException { private static final long serialVersionUID = -7866198705324084601L; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/PendingReqIdValidationException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/PendingReqIdValidationException.java index 124881c2..ddc051b0 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/PendingReqIdValidationException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/PendingReqIdValidationException.java @@ -1,7 +1,7 @@ package at.gv.egiz.eaaf.core.exceptions; - import javax.annotation.Nonnull; + import at.gv.egiz.eaaf.core.api.IRequest; public class PendingReqIdValidationException extends EaafException { 
@@ -15,11 +15,10 @@ public class PendingReqIdValidationException extends EaafException { * Pending-Request Id validation error. * * @param internalPendingReqId Internal Pending-Request Id - * @param reason error-message + * @param reason error-message */ - public PendingReqIdValidationException(final String internalPendingReqId, - @Nonnull final String reason) { - super("process.99", new Object[] {internalPendingReqId, reason}); + public PendingReqIdValidationException(final String internalPendingReqId, @Nonnull final String reason) { + super("process.99", new Object[] { internalPendingReqId, reason }); this.invalidInternalPendingReqId = internalPendingReqId; } @@ -28,12 +27,12 @@ public class PendingReqIdValidationException extends EaafException { * Pending-Request Id validation error. * * @param internalPendingReqId Internal Pending-Request Id - * @param reason error-message - * @param e error + * @param reason error-message + * @param e error */ - public PendingReqIdValidationException(final String internalPendingReqId, - @Nonnull final String reason, final Throwable e) { - super("process.99", new Object[] {internalPendingReqId, reason}, e); + public PendingReqIdValidationException(final String internalPendingReqId, @Nonnull final String reason, + final Throwable e) { + super("process.99", new Object[] { internalPendingReqId, reason }, e); this.invalidInternalPendingReqId = internalPendingReqId; } @@ -46,7 +45,6 @@ public class PendingReqIdValidationException extends EaafException { return invalidPendingReq; } - /** * Get the internal invalid pending-request id. * @@ -61,6 +59,4 @@ public class PendingReqIdValidationException extends EaafException { } - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/ProcessExecutionException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/ProcessExecutionException.java index d24a438d..8d97ada5 100644 
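Review bot: Both constructors (this hunk and `@@ -28,12 +27,12 @@`) pass `internalPendingReqId` as a message parameter for `process.99`, so the internal pending-request id becomes part of the exception message. Where that message ends up is not visible from here, but if it is logged or rendered on an error page the id is exposed to whoever can read it. The id is already kept in `invalidInternalPendingReqId`, so the message could be built from the reason alone, `super("process.99", new Object[] { reason });`, with the `process.99` template adjusted to match.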
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/ProcessExecutionException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/ProcessExecutionException.java @@ -30,18 +30,19 @@ public class ProcessExecutionException extends Exception { private static final long serialVersionUID = 1L; /** - * Creates a new process execution exception providing a {@code message} describing the reason and - * the respective {@code cause}. + * Creates a new process execution exception providing a {@code message} + * describing the reason and the respective {@code cause}. * * @param message The message. - * @param cause The cause. + * @param cause The cause. */ public ProcessExecutionException(final String message, final Throwable cause) { super(message, cause); } /** - * Creates a new process execution exception providing a {@code message} describing the reason. + * Creates a new process execution exception providing a {@code message} + * describing the reason. * * @param message The message. */ diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/TaskExecutionException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/TaskExecutionException.java index 61149691..deccb6f0 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/TaskExecutionException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/TaskExecutionException.java 
@@ -37,11 +37,10 @@ public class TaskExecutionException extends ProcessExecutionException { * Task execution error. * * @param pendingReq Current processed pending-request - * @param message error message - * @param cause error reason + * @param message error message + * @param cause error reason */ - public TaskExecutionException(final IRequest pendingReq, final String message, - final Throwable cause) { + public TaskExecutionException(final IRequest pendingReq, final String message, final Throwable cause) { super(message, cause); this.originalException = cause; @@ -62,7 +61,8 @@ public class TaskExecutionException extends ProcessExecutionException { } /** - * Get the pending-request ID of that request, which was processed when the exception occurs. + * Get the pending-request ID of that request, which was processed when the + * exception occurs. * * @return the pendingRequestID */ @@ -70,6 +70,4 @@ public class TaskExecutionException extends ProcessExecutionException { return pendingRequestID; } - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/UnavailableAttributeException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/UnavailableAttributeException.java index 5bc0880b..2bec2d2b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/UnavailableAttributeException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/UnavailableAttributeException.java @@ -21,7 +21,6 @@ package at.gv.egiz.eaaf.core.exceptions; public class UnavailableAttributeException extends AttributeBuilderException { - private static final long serialVersionUID = -1114323185905118432L; private final String attributeName; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/XPathException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/XPathException.java index d3c41994..b20efe3d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/XPathException.java 
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/XPathException.java @@ -17,8 +17,6 @@ * works that you distribute must include a readable copy of the "NOTICE" text file. */ - - package at.gv.egiz.eaaf.core.exceptions; import java.io.PrintStream; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Pair.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Pair.java index 48a35cb7..01116d75 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Pair.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Pair.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -15,7 +15,7 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + */ package at.gv.egiz.eaaf.core.impl.data; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Trible.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Trible.java index 597f0d1e..8fd3dd12 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Trible.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/data/Trible.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * 
@@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.impl.data; public class Trible<P1, P2, P3> { @@ -45,8 +42,7 @@ public class Trible<P1, P2, P3> { return this.third; } - public static <P1, P2, P3> Trible<P1, P2, P3> newInstance(final P1 newFirst, final P2 newSecond, - final P3 newThird) { + public static <P1, P2, P3> Trible<P1, P2, P3> newInstance(final P1 newFirst, final P2 newSecond, final P3 newThird) { return new Trible<>(newFirst, newSecond, newThird); } } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatusMessager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatusMessager.java index 6cb6d5e4..dd3701b3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatusMessager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/DummyStatusMessager.java @@ -20,6 +20,7 @@ package at.gv.egiz.eaaf.core.impl.logging; import java.util.Arrays; + import at.gv.egiz.eaaf.core.api.IStatusMessenger; public class DummyStatusMessager implements IStatusMessenger { 
@@ -37,7 +38,6 @@ public class DummyStatusMessager implements IStatusMessenger { } - @Override public String getResponseErrorCode(final Throwable throwable) { return "No StatusMessager-Backend available!"; @@ -50,5 +50,4 @@ public class DummyStatusMessager implements IStatusMessenger { } - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/LogMessageProviderFactory.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/LogMessageProviderFactory.java index a768b1d2..ed0de0ca 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/LogMessageProviderFactory.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/impl/logging/LogMessageProviderFactory.java @@ -19,12 +19,14 @@ package at.gv.egiz.eaaf.core.impl.logging; -import at.gv.egiz.eaaf.core.api.IStatusMessenger; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.IStatusMessenger; + /** - * Static Holder to get Spring-based messenger-implementation in non-Spring applications-code. + * Static Holder to get Spring-based messenger-implementation in non-Spring + * applications-code. * * @author tlenz * diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DataUrlBuilder.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DataUrlBuilder.java index a72e07dd..8090585f 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DataUrlBuilder.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DataUrlBuilder.java @@ -20,7 +20,7 @@ package at.gv.egiz.eaaf.core.impl.utils; import org.apache.commons.lang3.StringUtils; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; /** * Builds a DataURL parameter meant for the security layer implementation to respond to. 
@@ -62,7 +62,7 @@ public class DataUrlBuilder { if (StringUtils.isNotEmpty(pendingReqId)) { dataUrl = - addParameter(dataUrl, EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReqId); + addParameter(dataUrl, EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReqId); } return dataUrl; diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java index 1a88c43b..e9932ae8 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java @@ -2,19 +2,21 @@ package at.gv.egiz.eaaf.modules.auth.sl20; import java.util.Arrays; import java.util.List; + import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.impl.idp.auth.AbstractAuthenticationManager; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; - /** * AuthModule to select a Securtiy-Layer 2.0 based authentication process. 
@@ -23,8 +25,7 @@ import org.springframework.beans.factory.annotation.Autowired; * */ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule { - private static final Logger log = - LoggerFactory.getLogger(AbstractSL20AuthenticationModulImpl.class); + private static final Logger log = LoggerFactory.getLogger(AbstractSL20AuthenticationModulImpl.class); private int priority = 3; public static final List<String> VDA_TYPE_IDS = Arrays.asList("1", "2", "3", "4"); @@ -56,17 +57,15 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule } - /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process - * .api.ExecutionContext) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv. + * egovernment.moa.id.process .api.ExecutionContext) */ @Override public String selectProcess(final ExecutionContext context, final IRequest pendingReq) { - final IspConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); if (spConfig == null) { log.error("Suspect state. NO SP CONFIGURATION IN CONTEXT!"); 
@@ -74,17 +73,13 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule } - final String sl20ClientTypeHeader = - (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase()); - final String sl20VdaTypeHeader = - (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); + final String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase()); + final String sl20VdaTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); if (authConfig.getBasicConfigurationBoolean(getGeneralConfigPropertyNameEnableModule(), getGeneralConfigPropertyNameEnableModuleDefault())) { - if (StringUtils - .isNotEmpty(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule())) - && Boolean - .valueOf(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule()))) { + if (StringUtils.isNotEmpty(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule())) + && Boolean.valueOf(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule()))) { log.debug("SL2.0 is enabled for " + spConfig.getUniqueIdentifier()); log.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + ": " + sl20ClientTypeHeader); log.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE + ": " + sl20VdaTypeHeader); @@ -97,8 +92,7 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule } } else { - log.trace("SL2.0 is NOT enabled with property: {}", - getGeneralConfigPropertyNameEnableModule()); + log.trace("SL2.0 is NOT enabled with property: {}", getGeneralConfigPropertyNameEnableModule()); return null; } 
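Review bot: Both context lookups in `selectProcess` build their key with `toLowerCase()` and no locale, so the key depends on the JVM default locale; under a Turkish locale an upper-case `I` in the header constant becomes a dotless `ı` and `context.get(...)` would quietly return null. Whether the constants contain such a letter is not visible here, but pinning the locale costs nothing: `context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase(Locale.ROOT))`, and the same for `HTTP_HEADER_SL20_VDA_TYPE`. The `@@ -229,8 +221,8 @@` hunk in AbstractCreateQualEidRequestTask.java makes the same call, and there the value selects the VDA endpoint. `selectProcess` starts and ends outside this hunk, and `java.util.Locale` would need an import.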
@@ -106,22 +100,24 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule } /** - * Get the general configuration-key that holds the enabled key for this authentication module. + * Get the general configuration-key that holds the enabled key for this + * authentication module. * * @return */ public abstract String getGeneralConfigPropertyNameEnableModule(); /** - * Get the default value of the general configuration-key that holds the enabled key for this - * authentication module. + * Get the default value of the general configuration-key that holds the enabled + * key for this authentication module. * * @return */ public abstract boolean getGeneralConfigPropertyNameEnableModuleDefault(); /** - * Get the SP specific configuration-key that holds the enabled key for this authentication module. + * Get the SP specific configuration-key that holds the enabled key for this + * authentication module. * * @return configuration key for SP configuration */ diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java index a8460911..f607f8cb 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java 
@@ -3,44 +3,38 @@ package at.gv.egiz.eaaf.modules.auth.sl20; public class Constants { public static final String CONFIG_PROP_PREFIX = "modules.sl20"; - public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = - CONFIG_PROP_PREFIX + ".vda.urls.qualeID."; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = CONFIG_PROP_PREFIX + ".vda.urls.qualeID."; - public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = - CONFIG_PROP_PREFIX + ".vda.authblock.transformation.id"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = - CONFIG_PROP_PREFIX + ".security.keystore.path"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD = - CONFIG_PROP_PREFIX + ".security.keystore.password"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS = - CONFIG_PROP_PREFIX + ".security.sign.alias"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD = - CONFIG_PROP_PREFIX + ".security.sign.password"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = - CONFIG_PROP_PREFIX + ".security.encryption.alias"; - public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = - CONFIG_PROP_PREFIX + ".security.encryption.password"; + public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = CONFIG_PROP_PREFIX + + ".vda.authblock.transformation.id"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = CONFIG_PROP_PREFIX + ".security.keystore.path"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD = CONFIG_PROP_PREFIX + + ".security.keystore.password"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS = CONFIG_PROP_PREFIX + ".security.sign.alias"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD = CONFIG_PROP_PREFIX + + ".security.sign.password"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = CONFIG_PROP_PREFIX + + 
".security.encryption.alias"; + public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = CONFIG_PROP_PREFIX + + ".security.encryption.password"; public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT_ELEMENT = "default"; - public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = - CONFIG_PROP_VDA_ENDPOINT_QUALeID + CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT_ELEMENT; - public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = - CONFIG_PROP_VDA_ENDPOINT_QUALeID + "list"; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = CONFIG_PROP_VDA_ENDPOINT_QUALeID + + CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT_ELEMENT; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID + "list"; public static final String CONFIG_PROP_SP_LIST = CONFIG_PROP_PREFIX + ".sp.entityIds."; - public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = - CONFIG_PROP_PREFIX + ".security.eID.validation.disable"; - public static final String CONFIG_PROP_ENABLE_EID_ENCRYPTION = - CONFIG_PROP_PREFIX + ".security.eID.encryption.enabled"; - public static final String CONFIG_PROP_FORCE_EID_ENCRYPTION = - CONFIG_PROP_PREFIX + ".security.eID.encryption.required"; - public static final String CONFIG_PROP_FORCE_EID_SIGNED_RESULT = - CONFIG_PROP_PREFIX + ".security.eID.signed.result.required"; + public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = CONFIG_PROP_PREFIX + + ".security.eID.validation.disable"; + public static final String CONFIG_PROP_ENABLE_EID_ENCRYPTION = CONFIG_PROP_PREFIX + + ".security.eID.encryption.enabled"; + public static final String CONFIG_PROP_FORCE_EID_ENCRYPTION = CONFIG_PROP_PREFIX + + ".security.eID.encryption.required"; + public static final String CONFIG_PROP_FORCE_EID_SIGNED_RESULT = CONFIG_PROP_PREFIX + + ".security.eID.signed.result.required"; - public static final String CONFIG_PROP_IPC_RETURN_URL = - CONFIG_PROP_PREFIX + 
".testing.ipc.return.url"; - public static final String CONFIG_PROP_HTTP_REDIRECT_CODE = - CONFIG_PROP_PREFIX + ".testing.redirect.http.code"; + public static final String CONFIG_PROP_IPC_RETURN_URL = CONFIG_PROP_PREFIX + ".testing.ipc.return.url"; + public static final String CONFIG_PROP_HTTP_REDIRECT_CODE = CONFIG_PROP_PREFIX + ".testing.redirect.http.code"; public static final String CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE = "303"; public static final String CONFIG_PROP_SP_ENABLE_SL20_AUTHENTICATION = "auth.sl20.enabled"; 
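Review bot: The security switches declared here (`CONFIG_PROP_DISABLE_EID_VALIDATION`, `CONFIG_PROP_FORCE_EID_SIGNED_RESULT`, `CONFIG_PROP_FORCE_EID_ENCRYPTION`) and the two `.testing.` keys have no Javadoc, so nothing at the declaration says which value is the safe one or that some are meant for test set-ups only. Elsewhere on this page `CONFIG_PROP_FORCE_EID_SIGNED_RESULT` is read with a default of `true`, which is worth recording here, e.g. `/** Require a validly signed eID result; read with default true, disabling it turns the signature check into a warning. */`. For `CONFIG_PROP_DISABLE_EID_VALIDATION` the effect is not visible in this diff, so a hedged line such as `/** Switches eID validation off; test set-ups only (confirm against the consuming code). */` would do. `Constants` also has only static members and no private constructor.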
@@ -51,25 +45,23 @@ public class Constants { /** * Only dummy data for development!!!!!!. */ - public static final String DUMMY_SIGNING_CERT = - "MIIC9zCCAd8CBFretWcwDQYJKoZIhvcNAQEOBQAwQDELMAkGA1UEBhMCQVQxDTAL\n" - + "BgNVBAoMBEVHSVoxIjAgBgNVBAMMGW93biBkdW1teSBtZXRhZGF0YSBzaWduZXIw\n" - + "HhcNMTgwNDI0MDQ0MTExWhcNMjEwMTE3MDQ0MTExWjBAMQswCQYDVQQGEwJBVDEN\n" - + "MAsGA1UECgwERUdJWjEiMCAGA1UEAwwZb3duIGR1bW15IG1ldGFkYXRhIHNpZ25l\n" - + "cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJvN3l1pjzlnmoW5trHH\n" - + "Rb1s60QtGNp2v1nfMg1R6h7SzygtmO869v5bqrVBBVGmujslr7W8cZ2DLmJoQx1N\n" - + "WwhccjXTHpNPw0B70qHGch2uRNkqkizSOlwth0Ll2DJtzxTolbajYdg+xppXScUq\n" - + "WNlNZndauPSnB2CESgNkaUou4x4YVSDInugAtLvdLx8rf2YcuidI6UIXxeSZr3VO\n" - + "Z12YtddzcJ+lwh7OX8B0UvLsdYjKjefjEudyuNBmVwLv4K2LsFhSqgE1CAzk3oCb\n" - + "V2A84klaWVPiXoBiOucyouvX781WVp1aCBp0QA8gpJH7/2wRsdPQ90tjMzM7dcgY\n" - + "LDkCAwEAATANBgkqhkiG9w0BAQ4FAAOCAQEAQuYRQcCNLDYU1ItliYz9f28+KDyU\n" - + "8WjF3NDZrlJbGSKQ4n7wkBfxdK3zprmpHadWDB+aZaPt/+voE2FduzPiLUDlpazN\n" - + "60JJ5/YHZ3q9MZvdoNg6rjkpioWatoj/smUkT6oUWL/gp8tH12fOd2oJygBqXMve\n" - + "3y3qVCghnjRaMYuXcScTZcjH9yebkTLygirtw34oGVb7t+HwbtcN65fUIBly6Rcl\n" - + "8NV3pwOKhXFKDAqXUpvhebL4+tWOqPdqfIfGaE6rELfTf3icGY3CQCzDz5Gp0Ptc\n" - + "TfQqm64xnhtAruXNJXWg2ptg+GuQgWnJUgQ8wLNMxw9XdeEwlQo5dL6xmg=="; + public static final String DUMMY_SIGNING_CERT = "MIIC9zCCAd8CBFretWcwDQYJKoZIhvcNAQEOBQAwQDELMAkGA1UEBhMCQVQxDTAL\n" + + "BgNVBAoMBEVHSVoxIjAgBgNVBAMMGW93biBkdW1teSBtZXRhZGF0YSBzaWduZXIw\n" + + "HhcNMTgwNDI0MDQ0MTExWhcNMjEwMTE3MDQ0MTExWjBAMQswCQYDVQQGEwJBVDEN\n" + + "MAsGA1UECgwERUdJWjEiMCAGA1UEAwwZb3duIGR1bW15IG1ldGFkYXRhIHNpZ25l\n" + + "cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJvN3l1pjzlnmoW5trHH\n" + + "Rb1s60QtGNp2v1nfMg1R6h7SzygtmO869v5bqrVBBVGmujslr7W8cZ2DLmJoQx1N\n" + + "WwhccjXTHpNPw0B70qHGch2uRNkqkizSOlwth0Ll2DJtzxTolbajYdg+xppXScUq\n" + + "WNlNZndauPSnB2CESgNkaUou4x4YVSDInugAtLvdLx8rf2YcuidI6UIXxeSZr3VO\n" + + 
"Z12YtddzcJ+lwh7OX8B0UvLsdYjKjefjEudyuNBmVwLv4K2LsFhSqgE1CAzk3oCb\n" + + "V2A84klaWVPiXoBiOucyouvX781WVp1aCBp0QA8gpJH7/2wRsdPQ90tjMzM7dcgY\n" + + "LDkCAwEAATANBgkqhkiG9w0BAQ4FAAOCAQEAQuYRQcCNLDYU1ItliYz9f28+KDyU\n" + + "8WjF3NDZrlJbGSKQ4n7wkBfxdK3zprmpHadWDB+aZaPt/+voE2FduzPiLUDlpazN\n" + + "60JJ5/YHZ3q9MZvdoNg6rjkpioWatoj/smUkT6oUWL/gp8tH12fOd2oJygBqXMve\n" + + "3y3qVCghnjRaMYuXcScTZcjH9yebkTLygirtw34oGVb7t+HwbtcN65fUIBly6Rcl\n" + + "8NV3pwOKhXFKDAqXUpvhebL4+tWOqPdqfIfGaE6rELfTf3icGY3CQCzDz5Gp0Ptc\n" + + "TfQqm64xnhtAruXNJXWg2ptg+GuQgWnJUgQ8wLNMxw9XdeEwlQo5dL6xmg=="; - public static final String DUMMY_SIGNING_CERT_FINGERPRINT = - "IwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJvN3l1pjzlnmoW"; + public static final String DUMMY_SIGNING_CERT_FINGERPRINT = "IwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJvN3l1pjzlnmoW"; } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java index 7ca4ea87..bb0c41d7 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java @@ -16,8 +16,15 @@ public class VerificationResult { } - public VerificationResult(final JsonNode string, final List<X509Certificate> certs, final boolean wasValidSigned) { - this.payload = string; + /** + * JWS signature verification-result container. + * + * @param payload JWS payload + * @param certs JWS signercertificate + * @param wasValidSigned true if signature was valid + */ + public VerificationResult(final JsonNode payload, final List<X509Certificate> certs, final boolean wasValidSigned) { + this.payload = payload; this.certs = certs; this.validSigned = wasValidSigned; @@ -35,6 +42,4 @@ public class VerificationResult { return payload; } - - } 
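Review bot: `DUMMY_SIGNING_CERT_FINGERPRINT` is not a digest of the certificate: its value is a substring of the fifth Base64 line of `DUMMY_SIGNING_CERT`, and most of it appears to be the fixed RSA public-key header rather than key material. How the constant is used is not visible here, but if anything matches certificates against it the name overstates what is being compared. The existing Javadoc `Only dummy data for development!!!!!!.` is attached to the certificate only, so I would give the second constant its own line, `/** Base64 fragment of DUMMY_SIGNING_CERT, not a hash; development only, never use as a trust anchor. */`.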
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SL20SecurityException.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SL20SecurityException.java index c751f2c2..62abdeb8 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SL20SecurityException.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SL20SecurityException.java @@ -9,7 +9,7 @@ public class SL20SecurityException extends SL20Exception { } public SL20SecurityException(final String parameter) { - super("sl20.05", new Object[] {parameter}); + super("sl20.05", new Object[] { parameter }); } public SL20SecurityException(final Object[] parameters, final Throwable wrapped) { diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoBuildException.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoBuildException.java index bed1cdb0..361f57b7 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoBuildException.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoBuildException.java @@ -4,14 +4,13 @@ public class SlCommandoBuildException extends SL20Exception { private static final long serialVersionUID = 1L; - public SlCommandoBuildException(final String msg) { - super("sl20.01", new Object[] {msg}); + super("sl20.01", new Object[] { msg }); } public SlCommandoBuildException(final String msg, final Throwable e) { - super("sl20.01", new Object[] {msg}, e); + super("sl20.01", new Object[] { msg }, e); } } 
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoParserException.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoParserException.java index dab42631..4993796a 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoParserException.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/exceptions/SlCommandoParserException.java @@ -4,14 +4,13 @@ public class SlCommandoParserException extends SL20Exception { private static final long serialVersionUID = 1L; - public SlCommandoParserException(final String msg) { - super("sl20.02", new Object[] {msg}); + super("sl20.02", new Object[] { msg }); } public SlCommandoParserException(final String msg, final Throwable e) { - super("sl20.02", new Object[] {msg}, e); + super("sl20.02", new Object[] { msg }, e); } } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java index 518f0d24..d1887d5c 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java 
@@ -4,10 +4,27 @@ import java.security.cert.CertificateEncodingException; import java.util.ArrayList; import java.util.List; import java.util.Map; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.apache.http.HttpResponse; +import org.apache.http.NameValuePair; +import org.apache.http.client.entity.UrlEncodedFormEntity; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.client.utils.URIBuilder; +import org.apache.http.message.BasicNameValuePair; +import org.jose4j.base64url.Base64Url; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.node.ObjectNode; + import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; 
@@ -23,21 +40,8 @@ import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils; -import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.http.HttpResponse; -import org.apache.http.NameValuePair; -import org.apache.http.client.entity.UrlEncodedFormEntity; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.message.BasicNameValuePair; -import org.jose4j.base64url.Base64Url; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.node.ObjectNode; +import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(AbstractCreateQualEidRequestTask.class); @@ -57,7 +61,7 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl try { // get service-provider configuration - final IspConfiguration oaConfig = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaConfig = pendingReq.getServiceProviderConfiguration(); if (oaConfig == null) { log.warn("No SP configuration in pendingReq!"); 
@@ -68,16 +72,14 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl // get basic configuration parameters final String vdaQualEidDUrl = extractVdaUrlForSpecificOa(oaConfig, executionContext); if (StringUtils.isEmpty(vdaQualEidDUrl)) { - log.error("NO VDA URL for qualified eID (" - + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ")"); - throw new SL20Exception("sl20.03", new Object[] {"NO VDA URL for qualified eID"}); + log.error("NO VDA URL for qualified eID (" + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ")"); + throw new SL20Exception("sl20.03", new Object[] { "NO VDA URL for qualified eID" }); } log.debug("Use {} as VDA end-point", vdaQualEidDUrl); pendingReq.setRawDataToTransaction( - Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, - vdaQualEidDUrl); + Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, vdaQualEidDUrl); revisionsLogger.logEvent(pendingReq, EventCodes.AUTHPROCESS_SL20_ENDPOINT_URL, vdaQualEidDUrl); // create SL2.0 command for qualified eID @@ -85,8 +87,8 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl // build request container final String qualEidReqId = Random.nextProcessReferenceValue(); - final ObjectNode sl20Req = - SL20JsonBuilderUtils.createGenericRequest(qualEidReqId, null, null, signedQualEidCommand); + final ObjectNode sl20Req = SL20JsonBuilderUtils.createGenericRequest(qualEidReqId, null, null, + signedQualEidCommand); // build http POST request final HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualEidDUrl).build()); 
@@ -102,8 +104,7 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl // HttpGet httpReq = new HttpGet(sl20ReqUri.build()); // set native client header - httpReq.addHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE, - SL20Constants.HTTP_HEADER_VALUE_NATIVE); + httpReq.addHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE, SL20Constants.HTTP_HEADER_VALUE_NATIVE); log.trace("Request VDA via SL20 with: " + Base64Url.encode(sl20Req.toString().getBytes("UTF-8"))); @@ -113,8 +114,7 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl // parse response log.info("Receive response from VDA ... "); final JsonNode sl20Resp = SL20JsonExtractorUtils.getSL20ContainerFromResponse(httpResp); - final VerificationResult respPayloadContainer = - SL20JsonExtractorUtils.extractSL20PayLoad(sl20Resp, null, false); + final VerificationResult respPayloadContainer = SL20JsonExtractorUtils.extractSL20PayLoad(sl20Resp, null, false); if (respPayloadContainer.isValidSigned() == null) { log.debug("Receive unsigned payLoad from VDA"); 
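Review bot: `SL20JsonExtractorUtils.extractSL20PayLoad(sl20Resp, null, false)` reads the VDA response without a JOSE helper and, judging by how the third argument is used in AbstractReceiveQualEidTask, without requiring a signature; the following lines only log `Receive unsigned payLoad from VDA` and carry on. The next hunk copies this response into `sl20Forward` and writes it to the user's browser together with `redirectUrl`, so the only protection visible here is the transport to the configured VDA URL. If that is the intended trust model, a why-comment at the call would record it: `// VDA response is not signature-checked here; authenticity relies on the connection to vdaQualEidDUrl`. Otherwise pass the JOSE helper (if this task has one) and the `CONFIG_PROP_FORCE_EID_SIGNED_RESULT` setting, as the receive task does. The enclosing method starts and ends outside this hunk.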
@@ -136,28 +136,27 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl // create forward SL2.0 command final ObjectNode sl20Forward = sl20Resp.deepCopy(); - SL20JsonBuilderUtils.addOnlyOnceOfTwo(sl20Forward, SL20Constants.SL20_PAYLOAD, - SL20Constants.SL20_SIGNEDPAYLOAD, command.deepCopy(), signedCommand); + SL20JsonBuilderUtils.addOnlyOnceOfTwo(sl20Forward, SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, + command.deepCopy(), signedCommand); // store pending request - pendingReq.setRawDataToTransaction( - Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, qualEidReqId); + pendingReq.setRawDataToTransaction(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, + qualEidReqId); requestStoreage.storePendingRequest(pendingReq); // forward SL2.0 command // TODO: maybe add SL2ClientType Header from execution context SL20HttpBindingUtils.writeIntoResponse(request, response, sl20Forward, redirectUrl, - Integer - .parseInt(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE, - Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE))); + Integer.parseInt(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE, + Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE))); } else if (respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).asText() .equals(SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR)) { JsonNode result = SL20JsonExtractorUtils.getJsonObjectValue(respPayload, SL20Constants.SL20_COMMAND_CONTAINER_RESULT, false); if (result == null) { - result = SL20JsonExtractorUtils.getJsonObjectValue(respPayload, - SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, false); + result = SL20JsonExtractorUtils.getJsonObjectValue(respPayload, SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, + false); } final String errorCode = SL20JsonExtractorUtils.getStringValue(result, 
@@ -166,21 +165,18 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, true); log.info("Receive SL2.0 error. Code:" + errorCode + " Msg:" + errorMsg); - throw new SL20Exception("sl20.08", new Object[] {errorCode, errorMsg}); + throw new SL20Exception("sl20.08", new Object[] { errorCode, errorMsg }); } else { // TODO: update to add error handling - log.warn("Received an unrecognized command: " - + respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).asText()); - throw new SlCommandoParserException( - "Received an unrecognized command: " - + respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).toString()); + log.warn( + "Received an unrecognized command: " + respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).asText()); + throw new SlCommandoParserException("Received an unrecognized command: " + + respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).toString()); } - } catch (final EaafAuthenticationException e) { - throw new TaskExecutionException(pendingReq, - "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e); + throw new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e); } catch (final Exception e) { log.warn("SL2.0 Authentication FAILED with a generic error.", e); 
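Review bot: In the final `else` branch the same JSON node is rendered with `.asText()` for the log line and with `.toString()` for the `SlCommandoParserException` message, so the two texts differ (the second keeps JSON quoting), and both carry a value from the VDA response unchanged. Reading it once keeps them consistent and lets the log call use placeholders like other calls in this file: `final String cmdName = respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).asText();` then `log.warn("Received an unrecognized command: {}", cmdName);`. The `log.info("Receive SL2.0 error. Code:" + errorCode + " Msg:" + errorMsg)` line above has the same shape; if the log sink is line-based, stripping CR/LF from these remote strings before logging is worth considering. The enclosing method starts and ends outside this hunk.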
@@ -201,18 +197,14 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl * * @return signed JWT token as serialized {@link String} * @throws CertificateEncodingException In case of certificate parsing error - * @throws SL20Exception In case of a SL2.0 error + * @throws SL20Exception In case of a SL2.0 error */ - protected abstract String buildSignedQualifiedEidCommand() - throws CertificateEncodingException, SL20Exception; + protected abstract String buildSignedQualifiedEidCommand() throws CertificateEncodingException, SL20Exception; - - private String extractVdaUrlForSpecificOa(final IspConfiguration oaConfig, - final ExecutionContext executionContext) { + private String extractVdaUrlForSpecificOa(final ISpConfiguration oaConfig, final ExecutionContext executionContext) { // load SP specific config for development and testing purposes - final String spSpecificVdaEndpoints = - oaConfig.getConfigurationValue(Constants.CONFIG_PROP_SP_SL20_ENDPOINT_LIST); + final String spSpecificVdaEndpoints = oaConfig.getConfigurationValue(Constants.CONFIG_PROP_SP_SL20_ENDPOINT_LIST); // load general configuration final Map<String, String> endPointMap = authConfigWithSp @@ -220,8 +212,8 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl endPointMap.put(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT_ELEMENT, authConfig.getBasicConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT)); if (StringUtils.isNotEmpty(spSpecificVdaEndpoints)) { - endPointMap.putAll(KeyValueUtils.convertListToMap(KeyValueUtils - .getListOfCsvValues(KeyValueUtils.normalizeCsvValueString(spSpecificVdaEndpoints)))); + endPointMap.putAll(KeyValueUtils.convertListToMap( + KeyValueUtils.getListOfCsvValues(KeyValueUtils.normalizeCsvValueString(spSpecificVdaEndpoints)))); log.debug("Find OA specific SL2.0 endpoints. Updating endPoint list ... "); } 
@@ -229,8 +221,8 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl log.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... "); // selection based on request Header - final String sl20VdaTypeHeader = - (String) executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); + final String sl20VdaTypeHeader = (String) executionContext + .get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); if (StringUtils.isNotEmpty(sl20VdaTypeHeader)) { final String vdaUrl = endPointMap.get(sl20VdaTypeHeader); if (StringUtils.isNotEmpty(vdaUrl)) { @@ -241,7 +233,6 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl } - log.info("NO specific VDA endpoint requested or found. Use default VDA"); return endPointMap.get(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT_ELEMENT); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java index 516a33b9..87dd6263 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java 
@@ -6,9 +6,23 @@ import java.net.URISyntaxException; import java.util.HashMap; import java.util.Map; import java.util.UUID; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +import org.apache.commons.lang3.StringUtils; +import org.apache.http.client.utils.URIBuilder; +import org.apache.http.entity.ContentType; +import org.jose4j.base64url.Base64Url; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.node.ObjectNode; + +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; @@ -28,17 +42,6 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonMapper; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.entity.ContentType; -import org.jose4j.base64url.Base64Url; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.node.ObjectNode; - public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(AbstractReceiveQualEidTask.class); 
@@ -81,81 +84,69 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } log.trace("Received SL2.0 result: " + sl20Result); - revisionsLogger.logEvent(pendingReq, EventCodes.AUTHPROCESS_SL20_DATAURL_IP, - request.getRemoteAddr()); + revisionsLogger.logEvent(pendingReq, EventCodes.AUTHPROCESS_SL20_DATAURL_IP, request.getRemoteAddr()); // parse SL2.0 command/result into JSON try { - sl20ReqObj = - new JsonMapper().getMapper().readTree(Base64Url.decodeToUtf8String(sl20Result)); + sl20ReqObj = new JsonMapper().getMapper().readTree(Base64Url.decodeToUtf8String(sl20Result)); } catch (final JsonParseException e) { log.warn("SL2.0 command or result is NOT valid JSON.", e); log.debug("SL2.0 msg: " + sl20Result); - throw new SL20Exception("sl20.02", - new Object[] {"SL2.0 command or result is NOT valid JSON."}, e); + throw new SL20Exception("sl20.02", new Object[] { "SL2.0 command or result is NOT valid JSON." }, e); } // check on errorMessage - final VerificationResult payLoadContainerErrorCheck = - SL20JsonExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, false); + final VerificationResult payLoadContainerErrorCheck = SL20JsonExtractorUtils.extractSL20PayLoad(sl20ReqObj, + joseTools, false); if (SL20JsonExtractorUtils - .getStringValue(payLoadContainerErrorCheck.getPayload(), - SL20Constants.SL20_COMMAND_CONTAINER_NAME, true) + .getStringValue(payLoadContainerErrorCheck.getPayload(), SL20Constants.SL20_COMMAND_CONTAINER_NAME, true) .equals(SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR)) { log.debug("Find " + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR + " result .... 
"); - final JsonNode errorResult = SL20JsonExtractorUtils - .extractSL20Result(payLoadContainerErrorCheck.getPayload(), joseTools, false); + final JsonNode errorResult = SL20JsonExtractorUtils.extractSL20Result(payLoadContainerErrorCheck.getPayload(), + joseTools, false); final String errorCode = SL20JsonExtractorUtils.getStringValue(errorResult, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORCODE, true); final String errorMsg = SL20JsonExtractorUtils.getStringValue(errorResult, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, false); - log.info("Receiving errorcode: {} with msg: {} from VDA! Stopping auth-process ... ", - errorCode, errorMsg); + log.info("Receiving errorcode: {} with msg: {} from VDA! Stopping auth-process ... ", errorCode, errorMsg); // aTrustErrorWorkAround = true; - throw new SL20Exception("sl20.08", new Object[] {errorCode, errorMsg}); + throw new SL20Exception("sl20.08", new Object[] { errorCode, errorMsg }); } else { // Receive no error - To request validation // validate reqId with inResponseTo - final String sl20ReqId = pendingReq.getRawData( - Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class); - final String inRespTo = - SL20JsonExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_INRESPTO, true); + final String sl20ReqId = pendingReq + .getRawData(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class); + final String inRespTo = SL20JsonExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_INRESPTO, true); if (sl20ReqId == null || !sl20ReqId.equals(inRespTo)) { - log.info( - "SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); + log.info("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); throw new SL20SecurityException( "SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo); } - // validate signature - final VerificationResult payLoadContainer = SL20JsonExtractorUtils 
- .extractSL20PayLoad(sl20ReqObj, joseTools, authConfig.getBasicConfigurationBoolean( - Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)); + final VerificationResult payLoadContainer = SL20JsonExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, + authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)); if (payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned()) { - if (authConfig.getBasicConfigurationBoolean( - Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) { + if (authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) { log.info("SL20 result from VDA was not valid signed"); - throw new SL20SecurityException(new Object[] {"Signature on SL20 result NOT valid."}); + throw new SL20SecurityException(new Object[] { "Signature on SL20 result NOT valid." }); } else { - log.warn( - "SL20 result from VDA is NOT valid signed, but signatures-verification " + log.warn("SL20 result from VDA is NOT valid signed, but signatures-verification " + "is DISABLED by configuration!"); } } - + // extract payloaf final JsonNode payLoad = payLoadContainer.getPayload(); - // handle SL2.0 response payLoad handleResponsePayLoad(payLoad); @@ -168,8 +159,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } pendingReq.setRawDataToTransaction( Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR, - new TaskExecutionException(pendingReq, - "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e)); + new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e)); } catch (final Exception e) { log.warn("ERROR:", e); 
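Review bot: The error branch at the top of this hunk acts on the incoming message before either check that ties it to this transaction: the payload is taken with `extractSL20PayLoad(sl20ReqObj, joseTools, false)`, while the `reqId`/`inResponseTo` comparison and the `CONFIG_PROP_FORCE_EID_SIGNED_RESULT` signature check run only in the `else` branch. As far as the hunk shows, a message carrying the error command therefore ends the authentication with `sl20.08` without a matching `inResponseTo`, and, if the third argument means "signature required" as the later call suggests, without a valid signature. I would move the `inResponseTo` comparison above the error check and extract the payload once with `authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)` as the third argument, so both paths get the same validation. `log.trace("Received SL2.0 result: " + sl20Result)` and the `errorCode`/`errorMsg` log line also write the received values out unchanged. The enclosing method starts and ends outside this hunk.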
@@ -196,7 +186,8 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } } catch (final Exception e) { - // write internal server errror 500 according to SL2.0 specification, chapter https transport + // write internal server errror 500 according to SL2.0 specification, chapter + // https transport // binding log.warn("Can NOT build SL2.0 response. Reason: " + e.getMessage(), e); if (sl20Result != null) { @@ -228,9 +219,8 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask final ObjectNode errorCommand = SL20JsonBuilderUtils .createCommandResponse(SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR, error, null); - - final ObjectNode respContainer = SL20JsonBuilderUtils - .createGenericResponse(UUID.randomUUID().toString(), null, null, errorCommand, null); + final ObjectNode respContainer = SL20JsonBuilderUtils.createGenericResponse(UUID.randomUUID().toString(), null, + null, errorCommand, null); log.trace("SL20 response to VDA: " + respContainer); final StringWriter writer = new StringWriter(); 
@@ -247,37 +237,34 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask final JsonNode sl20ReqObj) throws IOException, SL20Exception, URISyntaxException { // create response final Map<String, String> reqParameters = new HashMap<>(); - reqParameters.put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, - pendingReq.getPendingRequestId()); + reqParameters.put(EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId()); final ObjectNode callReqParams = SL20JsonBuilderUtils.createCallCommandParameters( new DataUrlBuilder().buildDataUrl(pendingReq.getAuthUrl(), getResumeEndPoint(), null), SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET, false, reqParameters); - final ObjectNode callCommand = SL20JsonBuilderUtils - .createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_CALL, callReqParams); + final ObjectNode callCommand = SL20JsonBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_CALL, + callReqParams); // build first redirect command for app - final ObjectNode redirectOneParams = SL20JsonBuilderUtils.createRedirectCommandParameters( - generateIpcRedirectUrlForDebugging(), callCommand, null, true); + final ObjectNode redirectOneParams = SL20JsonBuilderUtils + .createRedirectCommandParameters(generateIpcRedirectUrlForDebugging(), callCommand, null, true); final ObjectNode redirectOneCommand = SL20JsonBuilderUtils .createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectOneParams); // build second redirect command for IDP - final ObjectNode redirectTwoParams = SL20JsonBuilderUtils.createRedirectCommandParameters( - new DataUrlBuilder().buildDataUrl(pendingReq.getAuthUrl(), getResumeEndPoint(), - pendingReq.getPendingRequestId()), + final ObjectNode redirectTwoParams = SL20JsonBuilderUtils.createRedirectCommandParameters(new DataUrlBuilder() + .buildDataUrl(pendingReq.getAuthUrl(), getResumeEndPoint(), pendingReq.getPendingRequestId()), redirectOneCommand, null, false); final 
ObjectNode redirectTwoCommand = SL20JsonBuilderUtils .createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectTwoParams); // build generic SL2.0 response container - final String transactionId = - SL20JsonExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_TRANSACTIONID, false); - final ObjectNode respContainer = SL20JsonBuilderUtils.createGenericRequest( - UUID.randomUUID().toString(), transactionId, redirectTwoCommand, null); - - if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null - && request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) - .equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) { + final String transactionId = SL20JsonExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_TRANSACTIONID, + false); + final ObjectNode respContainer = SL20JsonBuilderUtils.createGenericRequest(UUID.randomUUID().toString(), + transactionId, redirectTwoCommand, null); + + if (request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null && request + .getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) { log.debug("Client request containts 'native client' header ... "); log.trace("SL20 response to VDA: " + respContainer); final StringWriter writer = new StringWriter(); 
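Review bot: The native-client check at the end of this hunk calls `request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE)` twice, and the reflow now breaks the second call between `request` and `.getHeader`, which makes it harder to read. Putting the constant first gives a null-safe test with a single lookup: `if (SL20Constants.HTTP_HEADER_VALUE_NATIVE.equals(request.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE))) {`. The debug text `containts` in the same branch is a typo for `contains`. The method body starts before and continues after this hunk.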
@@ -288,21 +275,16 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask response.setContentType(ContentType.APPLICATION_JSON.toString()); response.getOutputStream().write(content); - } else { - log.info("SL2.0 DataURL communication needs http header: '" - + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "'"); + log.info("SL2.0 DataURL communication needs http header: '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "'"); log.debug("Client request containts is no native client ... "); - final URIBuilder clientRedirectUri = - new URIBuilder(new DataUrlBuilder().buildDataUrl(pendingReq.getAuthUrl(), - getResumeEndPoint(), pendingReq.getPendingRequestId())); - response.setStatus(Integer - .parseInt(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE, - Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE))); + final URIBuilder clientRedirectUri = new URIBuilder(new DataUrlBuilder().buildDataUrl(pendingReq.getAuthUrl(), + getResumeEndPoint(), pendingReq.getPendingRequestId())); + response.setStatus(Integer.parseInt(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE, + Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE))); response.setHeader("Location", clientRedirectUri.build().toString()); - // throw new SL20Exception("sl20.06", // new Object[] {"SL2.0 DataURL communication needs http header: '" + // SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "'"}); 
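Review bot: The redirect branch passes the configured value straight into `Integer.parseInt(...)` and then into `response.setStatus(...)`, so a non-numeric or non-3xx setting is only noticed at request time. A malformed value raises an unchecked NumberFormatException. A value such as 200 would send a `Location` header that browsers ignore, leaving the user on an empty page in the middle of authentication. Parsing once, checking the 300–399 range and falling back to the default keeps a configuration mistake from breaking the flow. The sketch below assumes the default constant is a numeric string, which the two-argument `getBasicConfiguration` call suggests but the hunk does not show. The enclosing method starts outside this hunk.

```java
// … unchanged: clientRedirectUri construction …
final String redirectCodeCfg = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE,
    Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE);
int redirectCode;
try {
  redirectCode = Integer.parseInt(redirectCodeCfg.trim());
} catch (final NumberFormatException e) {
  redirectCode = -1;
}
if (redirectCode < 300 || redirectCode > 399) {
  log.warn("Configured HTTP redirect code '{}' is not a valid 3xx status. Using default.", redirectCodeCfg);
  redirectCode = Integer.parseInt(Constants.CONFIG_PROP_HTTP_REDIRECT_CODE_DEFAULT_VALUE);
}
response.setStatus(redirectCode);
// … unchanged: Location header …
```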
@@ -317,15 +299,12 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask */ private String generateIpcRedirectUrlForDebugging() { - - String ipcRedirectUrlConfig = - authConfig.getBasicConfiguration(Constants.CONFIG_PROP_IPC_RETURN_URL); + String ipcRedirectUrlConfig = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_IPC_RETURN_URL); if (StringUtils.isNotEmpty(ipcRedirectUrlConfig)) { if (ipcRedirectUrlConfig.contains(PATTERN_PENDING_REQ_ID)) { log.trace("Find 'pendingReqId' pattern in IPC redirect URL. Update url ... "); ipcRedirectUrlConfig = ipcRedirectUrlConfig.replaceAll("#PENDINGREQID#", - EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID + "=" - + pendingReq.getPendingRequestId()); + EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID + "=" + pendingReq.getPendingRequestId()); } @@ -336,5 +315,4 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } - } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java index 9d444802..6ee53a9d 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java 
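Review bot: In `generateIpcRedirectUrlForDebugging()` the placeholder is tested with `contains(PATTERN_PENDING_REQ_ID)` but substituted with `replaceAll("#PENDINGREQID#", ...)`, so the two can drift apart if the constant changes. `replaceAll` also treats its second argument as a regex replacement string, where `$` and `\` have special meaning. The constant's value and the character set of the pending-request id are not visible in this hunk, so whether either can actually go wrong here is unconfirmed. The literal form avoids both issues: `ipcRedirectUrlConfig = ipcRedirectUrlConfig.replace(PATTERN_PENDING_REQ_ID, EaafConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID + "=" + pendingReq.getPendingRequestId());`. Because the id ends up in a URL query string, URL-encoding it before insertion would be a sensible addition.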
@@ -5,14 +5,18 @@ import java.security.KeyStore; import java.security.KeyStoreException; import java.security.cert.X509Certificate; import java.util.List; + import javax.annotation.Nonnull; -import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; -import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; -import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; + import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.lang.JoseException; + import com.fasterxml.jackson.databind.JsonNode; +import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; + public interface IJoseTools { /** 
@@ -31,39 +35,36 @@ public interface IJoseTools { * @throws SL20Exception In case of a signature validation error */ @Nonnull - VerificationResult validateSignature(@Nonnull String serializedContent) - throws SL20Exception; + VerificationResult validateSignature(@Nonnull String serializedContent) throws SL20Exception; /** * Validate a JWS signature. * * @param serializedContent JWS in serialized form - * @param trustedCerts trusted X509 certificates - * @param constraints signature verification constraints + * @param trustedCerts trusted X509 certificates + * @param constraints signature verification constraints * @return Signature-verification result * @throws JoseException In case of a signature verification error - * @throws IOException In case of a general IO error + * @throws IOException In case of a general IO error */ @Nonnull - VerificationResult validateSignature(@Nonnull String serializedContent, - @Nonnull List<X509Certificate> trustedCerts, @Nonnull AlgorithmConstraints constraints) - throws JoseException, IOException; + VerificationResult validateSignature(@Nonnull String serializedContent, @Nonnull List<X509Certificate> trustedCerts, + @Nonnull AlgorithmConstraints constraints) throws JoseException, IOException; /** * Validate a JWS signature. 
* * @param serializedContent JWS in serialized form - * @param trustStore with trusted X509 certificates - * @param algconstraints signature verification constraints + * @param trustStore with trusted X509 certificates + * @param algconstraints signature verification constraints * @return Signature-verification result - * @throws JoseException In case of a signature verification error - * @throws IOException In case of a general IO error + * @throws JoseException In case of a signature verification error + * @throws IOException In case of a general IO error * @throws KeyStoreException In case of TrustStore error */ @Nonnull - VerificationResult validateSignature(@Nonnull String serializedContent, - @Nonnull KeyStore trustStore, @Nonnull AlgorithmConstraints algconstraints) - throws JoseException, IOException, KeyStoreException; + VerificationResult validateSignature(@Nonnull String serializedContent, @Nonnull KeyStore trustStore, + @Nonnull AlgorithmConstraints algconstraints) throws JoseException, IOException, KeyStoreException; /** * Get the encryption certificate for SL2.0 End-to-End encryption. diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonMapper.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonMapper.java index f38203d2..2387a9f2 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonMapper.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonMapper.java @@ -35,7 +35,7 @@ public class JsonMapper implements IJsonMapper { /** * The constructor. - * + * * @param prettyPrint enables or disables the default pretty printer */ public JsonMapper(@NonNull final boolean prettyPrint) { 
@@ -54,10 +54,9 @@ public class JsonMapper implements IJsonMapper { } - /* * (non-Javadoc) - * + * * @at.gv.egiz.eaaf.core.api.utils.IJsonMapper#getMapper() */ public ObjectMapper getMapper() { @@ -65,10 +64,9 @@ public class JsonMapper implements IJsonMapper { } - /* * (non-Javadoc) - * + * * @see at.gv.egiz.eaaf.core.api.utils.IJsonMapper#serialize(java.lang.Object) */ @Override @@ -86,12 +84,12 @@ public class JsonMapper implements IJsonMapper { /* * (non-Javadoc) - * - * @see at.gv.egiz.eaaf.core.api.utils.IJsonMapper#deserialize(java.lang.String, java.lang.Class) + * + * @see at.gv.egiz.eaaf.core.api.utils.IJsonMapper#deserialize(java.lang.String, + * java.lang.Class) */ @Override - public <T> Object deserialize(final String value, final Class<T> clazz) - throws EaafJsonMapperException { + public <T> Object deserialize(final String value, final Class<T> clazz) throws EaafJsonMapperException { try { if (clazz != null) { if (clazz.isAssignableFrom(TypeReference.class)) { @@ -115,8 +113,7 @@ public class JsonMapper implements IJsonMapper { } @Override - public <T> Object deserialize(final InputStream is, final Class<T> clazz) - throws EaafJsonMapperException { + public <T> Object deserialize(final InputStream is, final Class<T> clazz) throws EaafJsonMapperException { try { if (clazz != null) { if (clazz.isAssignableFrom(TypeReference.class)) { diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java index 6ec56825..0d2c1815 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java 
@@ -70,8 +70,7 @@ public class JsonSecurityUtils implements IJoseTools { log.info("Initialize SL2.0 authentication security constrains ... "); try { if (getKeyStoreFilePath() != null) { - final KeyStore keyStore = - KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword()); + final KeyStore keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword()); // load signing key signPrivKey = keyStore.getKey(getSigningKeyAlias(), getSigningKeyPassword().toCharArray()); @@ -88,11 +87,9 @@ public class JsonSecurityUtils implements IJoseTools { // load encryption key try { - encPrivKey = - keyStore.getKey(getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray()); + encPrivKey = keyStore.getKey(getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray()); if (encPrivKey != null) { - final Certificate[] certChainEncryption = - keyStore.getCertificateChain(getEncryptionKeyAlias()); + final Certificate[] certChainEncryption = keyStore.getCertificateChain(getEncryptionKeyAlias()); encCertChain = new X509Certificate[certChainEncryption.length]; for (int i = 0; i < certChainEncryption.length; i++) { if (certChainEncryption[i] instanceof X509Certificate) { @@ -106,8 +103,8 @@ public class JsonSecurityUtils implements IJoseTools { } } catch (final Exception e) { - log.warn("No encryption key for SL2.0 found. End-to-End encryption is not used. Reason: " - + e.getMessage(), e); + log.warn("No encryption key for SL2.0 found. End-to-End encryption is not used. Reason: " + e.getMessage(), + e); } 
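Review bot: The `catch (final Exception e)` around the encryption-key load (third hunk here, `log.warn("No encryption key for SL2.0 found. End-to-End encryption is not used. ...")`) handles "no encryption key configured" and "key configured but could not be loaded" the same way. A wrong alias or password in a deployment that expects end-to-end encryption therefore degrades to unencrypted operation with only a warning. Consider failing initialisation when an encryption alias is configured, for example inside the catch: `if (StringUtils.isNotEmpty(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS))) { throw e; }`. The `try` opens in the previous hunk and the surrounding method continues outside these hunks, so confirm how the outer handler reports the rethrown exception.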
@@ -117,13 +114,13 @@ public class JsonSecurityUtils implements IJoseTools { // some short validation if (signPrivKey == null || !(signPrivKey instanceof PrivateKey)) { log.info("Can NOT open privateKey for SL2.0 signing. KeyStore=" + getKeyStoreFilePath()); - throw new SL20Exception("sl20.03", new Object[] {"Can NOT open private key for signing"}); + throw new SL20Exception("sl20.03", new Object[] { "Can NOT open private key for signing" }); } if (signCertChain == null || signCertChain.length == 0) { log.info("NO certificate for SL2.0 signing. KeyStore=" + getKeyStoreFilePath()); - throw new SL20Exception("sl20.03", new Object[] {"NO certificate for SL2.0 signing"}); + throw new SL20Exception("sl20.03", new Object[] { "NO certificate for SL2.0 signing" }); } @@ -133,9 +130,9 @@ public class JsonSecurityUtils implements IJoseTools { log.info("NO SL2.0 authentication security configuration. Initialization was skipped"); } - } catch (RuntimeException e) { - throw e; - + } catch (final RuntimeException e) { + throw e; + } catch (final Exception e) { log.error("SL2.0 security constrains initialization FAILED.", e); @@ -173,9 +170,8 @@ public class JsonSecurityUtils implements IJoseTools { } @Override - public VerificationResult validateSignature(final String serializedContent, - final KeyStore trustStore, final AlgorithmConstraints algconstraints) - throws JoseException, IOException, KeyStoreException { + public VerificationResult validateSignature(final String serializedContent, final KeyStore trustStore, + final AlgorithmConstraints algconstraints) throws JoseException, IOException, KeyStoreException { final List<X509Certificate> trustedCertificates = readCertsFromKeyStore(trustStore); return validateSignature(serializedContent, trustedCertificates, algconstraints); 
@@ -184,8 +180,8 @@ public class JsonSecurityUtils implements IJoseTools { @Override @NonNull public VerificationResult validateSignature(@Nonnull final String serializedContent, - @Nonnull final List<X509Certificate> trustedCerts, - @Nonnull final AlgorithmConstraints constraints) throws JoseException, IOException { + @Nonnull final List<X509Certificate> trustedCerts, @Nonnull final AlgorithmConstraints constraints) + throws JoseException, IOException { final JsonWebSignature jws = new JsonWebSignature(); // set payload jws.setCompactSerialization(serializedContent); @@ -219,20 +215,16 @@ public class JsonSecurityUtils implements IJoseTools { } else if (StringUtils.isNotEmpty(x5t256)) { log.debug("Found x5t256 fingerprint in JOSE header .... "); - final X509VerificationKeyResolver x509VerificationKeyResolver = - new X509VerificationKeyResolver(trustedCerts); - selectedKey = - x509VerificationKeyResolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList()); + final X509VerificationKeyResolver x509VerificationKeyResolver = new X509VerificationKeyResolver(trustedCerts); + selectedKey = x509VerificationKeyResolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList()); } else { - throw new JoseException( - "JWS contains NO signature certificate or NO certificate fingerprint"); + throw new JoseException("JWS contains NO signature certificate or NO certificate fingerprint"); } if (selectedKey == null) { - throw new JoseException( - "Can NOT select verification key for JWS. Signature verification FAILED"); + throw new JoseException("Can NOT select verification key for JWS. Signature verification FAILED"); } 
@@ -240,23 +232,19 @@ public class JsonSecurityUtils implements IJoseTools { jws.setKey(selectedKey); // load payLoad - return new VerificationResult(mapper.getMapper().readTree(jws.getPayload()), null, - jws.verifySignature()); - + return new VerificationResult(mapper.getMapper().readTree(jws.getPayload()), null, jws.verifySignature()); } @Override @Nonnull - public VerificationResult validateSignature(@Nonnull final String serializedContent) - throws SL20Exception { + public VerificationResult validateSignature(@Nonnull final String serializedContent) throws SL20Exception { try { final AlgorithmConstraints algConstraints = new AlgorithmConstraints(ConstraintType.WHITELIST, SL20Constants.SL20_ALGORITHM_WHITELIST_SIGNING .toArray(new String[SL20Constants.SL20_ALGORITHM_WHITELIST_SIGNING.size()])); - final VerificationResult result = - validateSignature(serializedContent, trustedCerts, algConstraints); + final VerificationResult result = validateSignature(serializedContent, trustedCerts, algConstraints); if (!result.isValidSigned()) { log.info("JWS signature invalide. Stopping authentication process ..."); @@ -270,7 +258,7 @@ public class JsonSecurityUtils implements IJoseTools { } catch (JoseException | JsonParseException e) { log.warn("SL2.0 commando signature validation FAILED", e); - throw new SL20SecurityException(new Object[] {e.getMessage()}, e); + throw new SL20SecurityException(new Object[] { e.getMessage() }, e); } catch (final IOException e) { log.warn("Decrypted SL2.0 result can not be parsed.", e); 
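Review bot: `if (!result.isValidSigned())` in `validateSignature(String)` unboxes the result directly, whereas the caller in AbstractReceiveQualEidTask guards the same accessor with `isValidSigned() == null ||`, which suggests it returns a nullable `Boolean`. On this path the value comes from `jws.verifySignature()`, so it is presumably never null today. A null-tolerant comparison would still keep the check failing closed if another `VerificationResult` source is introduced: `if (!Boolean.TRUE.equals(result.isValidSigned())) {`. The log message `JWS signature invalide` is also a typo for `invalid`. The method's closing `catch` blocks continue in the next hunk.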
@@ -280,24 +268,22 @@ public class JsonSecurityUtils implements IJoseTools { } - @Override public JsonNode decryptPayload(final String compactSerialization) throws SL20Exception { try { final JsonWebEncryption receiverJwe = new JsonWebEncryption(); // set security constrains - receiverJwe.setAlgorithmConstraints(new AlgorithmConstraints(ConstraintType.WHITELIST, - SL20Constants.SL20_ALGORITHM_WHITELIST_KEYENCRYPTION + receiverJwe.setAlgorithmConstraints( + new AlgorithmConstraints(ConstraintType.WHITELIST, SL20Constants.SL20_ALGORITHM_WHITELIST_KEYENCRYPTION .toArray(new String[SL20Constants.SL20_ALGORITHM_WHITELIST_KEYENCRYPTION.size()]))); - receiverJwe.setContentEncryptionAlgorithmConstraints(new AlgorithmConstraints( - ConstraintType.WHITELIST, SL20Constants.SL20_ALGORITHM_WHITELIST_ENCRYPTION + receiverJwe.setContentEncryptionAlgorithmConstraints( + new AlgorithmConstraints(ConstraintType.WHITELIST, SL20Constants.SL20_ALGORITHM_WHITELIST_ENCRYPTION .toArray(new String[SL20Constants.SL20_ALGORITHM_WHITELIST_ENCRYPTION.size()]))); // set payload receiverJwe.setCompactSerialization(compactSerialization); - // validate key from header against key from config final List<X509Certificate> x5cCerts = receiverJwe.getCertificateChainHeaderValue(); final String x5t256 = receiverJwe.getX509CertSha256ThumbprintHeaderValue(); 
@@ -307,16 +293,16 @@ public class JsonSecurityUtils implements IJoseTools { final List<X509Certificate> sortedX5cCerts = X509Utils.sortCertificates(x5cCerts); if (!sortedX5cCerts.get(0).equals(encCertChain[0])) { - log.info("Certificate from JOSE header does NOT match encryption certificate"); + log.info("Certificate from JOSE header does NOT match encryption certificate"); try { - + log.debug("JOSE certificate: {}", Base64Utils.encode(sortedX5cCerts.get(0).getEncoded())); } catch (final CertificateEncodingException e) { e.printStackTrace(); } throw new SL20Exception("sl20.05", - new Object[] {"Certificate from JOSE header does NOT match encryption certificate"}); + new Object[] { "Certificate from JOSE header does NOT match encryption certificate" }); } } else if (StringUtils.isNotEmpty(x5t256)) { @@ -326,13 +312,12 @@ public class JsonSecurityUtils implements IJoseTools { log.info("X5t256 from JOSE header does NOT match encryption certificate"); log.debug("X5t256 from JOSE header: " + x5t256 + " Encrytption cert: " + certFingerPrint); throw new SL20Exception("sl20.05", - new Object[] {"X5t256 from JOSE header does NOT match encryption certificate"}); + new Object[] { "X5t256 from JOSE header does NOT match encryption certificate" }); } } else { - log.info( - "Signed SL2.0 response contains NO signature certificate or NO certificate fingerprint"); + log.info("Signed SL2.0 response contains NO signature certificate or NO certificate fingerprint"); throw new SlCommandoParserException( "Signed SL2.0 response contains NO signature certificate or NO certificate fingerprint"); 
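Review bot: The `catch (final CertificateEncodingException e)` in the x5c branch of `decryptPayload` still calls `e.printStackTrace()`, which bypasses the logging framework and writes to stderr. Use the class logger instead, e.g. `log.warn("Can not encode certificate from JOSE header for debug output", e);`. Separately, `encCertChain[0]` is dereferenced without a check, here and presumably in the x5t256 branch. Since initialisation tolerates a missing encryption key, a JWE arriving in that state would fail with a NullPointerException rather than the intended `SL20Exception("sl20.05", ...)`; a guard such as `if (encCertChain == null || encCertChain.length == 0)` before the comparison would fix that. The enclosing method starts before this hunk.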
@@ -341,13 +326,12 @@ public class JsonSecurityUtils implements IJoseTools { // set key receiverJwe.setKey(encPrivKey); - // decrypt payload return mapper.getMapper().readTree(receiverJwe.getPlaintextString()); } catch (final JoseException e) { log.warn("SL2.0 result decryption FAILED", e); - throw new SL20SecurityException(new Object[] {e.getMessage()}, e); + throw new SL20SecurityException(new Object[] { e.getMessage() }, e); } catch (final JsonParseException e) { log.warn("Decrypted SL2.0 result is NOT a valid JSON.", e); @@ -360,8 +344,6 @@ public class JsonSecurityUtils implements IJoseTools { } - - @Override public X509Certificate getEncryptionCertificate() { // TODO: maybe update after SL2.0 update on encryption certificate parts @@ -373,14 +355,12 @@ public class JsonSecurityUtils implements IJoseTools { } private String getKeyStoreFilePath() throws EaafConfigurationException, MalformedURLException { - return FileUtils.makeAbsoluteUrl( - authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH), + return FileUtils.makeAbsoluteUrl(authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH), authConfig.getConfigurationRootDirectory()); } private String getKeyStorePassword() { - String value = - authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD); + String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD); if (value != null) { value = value.trim(); } @@ -390,8 +370,7 @@ public class JsonSecurityUtils implements IJoseTools { } private String getSigningKeyAlias() { - String value = authConfig - .getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS).trim(); + String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS).trim(); if (value != null) { value = value.trim(); } 
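Review bot: `getSigningKeyAlias()` (last hunk here) calls `.trim()` directly on the result of `authConfig.getBasicConfiguration(...)` and only afterwards tests `value != null`, so a missing property throws a NullPointerException and the null check is dead code. The same pattern appears in `getSigningKeyPassword()`, `getEncryptionKeyAlias()` and `getEncryptionKeyPassword()` in the following hunks. `getKeyStorePassword()` just above already does it correctly. Dropping the trailing call is enough: `String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS);`. The existing `if (value != null) { value = value.trim(); }` then does the trimming. Callers that chain `.toCharArray()` onto the password getters would still need their own null handling. The getters' return statements are outside the hunks.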
@@ -400,8 +379,7 @@ public class JsonSecurityUtils implements IJoseTools { } private String getSigningKeyPassword() { - String value = authConfig - .getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD).trim(); + String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD).trim(); if (value != null) { value = value.trim(); } @@ -410,8 +388,8 @@ public class JsonSecurityUtils implements IJoseTools { } private String getEncryptionKeyAlias() { - String value = authConfig - .getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS).trim(); + String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS) + .trim(); if (value != null) { value = value.trim(); } @@ -420,8 +398,7 @@ public class JsonSecurityUtils implements IJoseTools { } private String getEncryptionKeyPassword() { - String value = authConfig - .getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD) + String value = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD) .trim(); if (value != null) { value = value.trim(); @@ -431,8 +408,7 @@ public class JsonSecurityUtils implements IJoseTools { } @Nonnull - private List<X509Certificate> readCertsFromKeyStore(@Nonnull final KeyStore keyStore) - throws KeyStoreException { + private List<X509Certificate> readCertsFromKeyStore(@Nonnull final KeyStore keyStore) throws KeyStoreException { final List<X509Certificate> result = new ArrayList<>(); final Enumeration<String> aliases = keyStore.aliases(); 
@@ -444,8 +420,7 @@ public class JsonSecurityUtils implements IJoseTools { if (cert != null && cert instanceof X509Certificate) { result.add((X509Certificate) cert); } else { - log.info("Can not process entry: {}. Reason: {}", el, - cert != null ? cert.getType() : "cert is null"); + log.info("Can not process entry: {}. Reason: {}", el, cert != null ? cert.getType() : "cert is null"); } } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java index d3726546..d1793b0e 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java @@ -24,7 +24,6 @@ public class SL20Constants { public static final String HTTP_HEADER_SL20_RESP = "X-SL20Operation"; - // ******************************************************************************************* // JSON signing and encryption headers public static final String JSON_ALGORITHM = "alg"; 
@@ -39,22 +38,19 @@ public class SL20Constants { AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256; public static final String JSON_ALGORITHM_SIGNING_ES512 = AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512; - public static final String JSON_ALGORITHM_SIGNING_PS256 = - AlgorithmIdentifiers.RSA_PSS_USING_SHA256; - public static final String JSON_ALGORITHM_SIGNING_PS512 = - AlgorithmIdentifiers.RSA_PSS_USING_SHA512; + public static final String JSON_ALGORITHM_SIGNING_PS256 = AlgorithmIdentifiers.RSA_PSS_USING_SHA256; + public static final String JSON_ALGORITHM_SIGNING_PS512 = AlgorithmIdentifiers.RSA_PSS_USING_SHA512; - public static final List<String> SL20_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays.asList( - JSON_ALGORITHM_SIGNING_RS256, JSON_ALGORITHM_SIGNING_RS512, JSON_ALGORITHM_SIGNING_ES256, - JSON_ALGORITHM_SIGNING_ES512, JSON_ALGORITHM_SIGNING_PS256, JSON_ALGORITHM_SIGNING_PS512)); + public static final List<String> SL20_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList( + Arrays.asList(JSON_ALGORITHM_SIGNING_RS256, JSON_ALGORITHM_SIGNING_RS512, JSON_ALGORITHM_SIGNING_ES256, + JSON_ALGORITHM_SIGNING_ES512, JSON_ALGORITHM_SIGNING_PS256, JSON_ALGORITHM_SIGNING_PS512)); - public static final String JSON_ALGORITHM_ENC_KEY_RSAOAEP = - KeyManagementAlgorithmIdentifiers.RSA_OAEP; + public static final String JSON_ALGORITHM_ENC_KEY_RSAOAEP = KeyManagementAlgorithmIdentifiers.RSA_OAEP; public static final String JSON_ALGORITHM_ENC_KEY_RSAOAEP256 = KeyManagementAlgorithmIdentifiers.RSA_OAEP_256; - public static final List<String> SL20_ALGORITHM_WHITELIST_KEYENCRYPTION = - Collections.unmodifiableList(Arrays.asList(JSON_ALGORITHM_ENC_KEY_RSAOAEP, JSON_ALGORITHM_ENC_KEY_RSAOAEP256)); + public static final List<String> SL20_ALGORITHM_WHITELIST_KEYENCRYPTION = Collections + .unmodifiableList(Arrays.asList(JSON_ALGORITHM_ENC_KEY_RSAOAEP, JSON_ALGORITHM_ENC_KEY_RSAOAEP256)); public static final String 
JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256 = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256; @@ -65,10 +61,10 @@ public class SL20Constants { public static final String JSON_ALGORITHM_ENC_PAYLOAD_A256GCM = ContentEncryptionAlgorithmIdentifiers.AES_256_GCM; - public static final List<String> SL20_ALGORITHM_WHITELIST_ENCRYPTION = Collections.unmodifiableList(Arrays.asList( - JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256, JSON_ALGORITHM_ENC_PAYLOAD_A256CBCHS512, - JSON_ALGORITHM_ENC_PAYLOAD_A128GCM, JSON_ALGORITHM_ENC_PAYLOAD_A256GCM)); - + public static final List<String> SL20_ALGORITHM_WHITELIST_ENCRYPTION = Collections + .unmodifiableList(Arrays.asList(JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256, + JSON_ALGORITHM_ENC_PAYLOAD_A256CBCHS512, + JSON_ALGORITHM_ENC_PAYLOAD_A128GCM, JSON_ALGORITHM_ENC_PAYLOAD_A256GCM)); // ********************************************************************************************* // Object identifier for generic transport container @@ -96,12 +92,12 @@ public class SL20Constants { @Deprecated public static final String SL20_COMMAND_IDENTIFIER_QUALIFIEDEID = "qualifiedeID"; public static final String SL20_COMMAND_IDENTIFIER_QUALIFIEDEIDCONSENT = "qualifiedEIDConsent"; - // public static final String SL20_COMMAND_IDENTIFIER_QUALIFIEDSIG = "qualifiedSig"; + // public static final String SL20_COMMAND_IDENTIFIER_QUALIFIEDSIG = + // "qualifiedSig"; public static final String SL20_COMMAND_IDENTIFIER_GETCERTIFICATE = "getCertificate"; public static final String SL20_COMMAND_IDENTIFIER_CREATE_SIG_CADES = "createCAdES"; - public static final String SL20_COMMAND_IDENTIFIER_BINDING_CREATE_KEY = "createBindingKey"; public static final String SL20_COMMAND_IDENTIFIER_BINDING_STORE_CERT = "storeBindingCert"; 
@@ -124,13 +120,11 @@ public class SL20Constants { public static final String SL20_COMMAND_PARAM_GENERAL_REDIRECT_IPCREDIRECT = "IPCRedirect"; // Call command - public static final String SL20_COMMAND_PARAM_GENERAL_CALL_URL = - SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL; + public static final String SL20_COMMAND_PARAM_GENERAL_CALL_URL = SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL; public static final String SL20_COMMAND_PARAM_GENERAL_CALL_METHOD = "method"; public static final String SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET = "get"; public static final String SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_POST = "post"; - public static final String SL20_COMMAND_PARAM_GENERAL_CALL_INCLUDETRANSACTIONID = - "includeTransactionID"; + public static final String SL20_COMMAND_PARAM_GENERAL_CALL_INCLUDETRANSACTIONID = "includeTransactionID"; public static final String SL20_COMMAND_PARAM_GENERAL_CALL_REQPARAMETER = "reqParams"; // error command @@ -144,8 +138,7 @@ public class SL20Constants { @Deprecated public static final String SL20_COMMAND_PARAM_EID_ATTRIBUTES = "attributes"; @Deprecated - public static final String SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE = - "MANDATE-REFERENCE-VALUE"; + public static final String SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE = "MANDATE-REFERENCE-VALUE"; @Deprecated public static final String SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPUNIQUEID = "SP-UNIQUEID"; @Deprecated 
@@ -176,11 +169,9 @@ public class SL20Constants { // public static final String SL20_COMMAND_PARAM_QUALSIG_X5CENC = // SL20_COMMAND_PARAM_GENERAL_RESPONSEENCRYPTIONCERTIFICATE; - // getCertificate public static final String SL20_COMMAND_PARAM_GETCERTIFICATE_KEYID = "keyId"; - public static final String SL20_COMMAND_PARAM_GETCERTIFICATE_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_GETCERTIFICATE_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; public static final String SL20_COMMAND_PARAM_GETCERTIFICATE_X5CENC = SL20_COMMAND_PARAM_GENERAL_RESPONSEENCRYPTIONCERTIFICATE; public static final String SL20_COMMAND_PARAM_GETCERTIFICATE_JWKCENC = @@ -191,13 +182,10 @@ public class SL20Constants { public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID = "keyId"; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT = "content"; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE = "mimeType"; - public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = - "padesComatibility"; - public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE = - "excludedByteRange"; + public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = "padesComatibility"; + public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE = "excludedByteRange"; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL = "cadesLevel"; - public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_X5CENC = SL20_COMMAND_PARAM_GENERAL_RESPONSEENCRYPTIONCERTIFICATE; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_JWKCENC = 
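Review bot: The line joined in the createCAdES block, `SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = "padesComatibility"`, misspells the wire value as well as the constant name. The literal is a JSON parameter key sent to the peer, so if the SL2.0 specification spells it `padesCompatibility` (not visible here, to be confirmed), the receiving side presumably never sees the flag. After checking the specification, add `public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMPATIBILITY = "padesCompatibility";` and keep the old name as a `@Deprecated` alias pointing to it, so existing callers still compile.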
@@ -211,19 +199,15 @@ public class SL20Constants { public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_XL = "cAdES-X-L"; public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_A = "cAdES-A"; - - // create binding key command public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID = "kontoID"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_SN = "SN"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KEYLENGTH = "keyLength"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KEYALG = "keyAlg"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES = "policies"; - public static final String SL20_COMMAND_PARAM_BINDING_CREATE_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_BINDING_CREATE_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_X5CVDATRUST = "x5cVdaTrust"; - public static final String SL20_COMMAND_PARAM_BINDING_CREATE_REQUESTUSERPASSWORD = - "reqUserPassword"; + public static final String SL20_COMMAND_PARAM_BINDING_CREATE_REQUESTUSERPASSWORD = "reqUserPassword"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_X5CENC = SL20_COMMAND_PARAM_GENERAL_RESPONSEENCRYPTIONCERTIFICATE; 
@@ -231,23 +215,18 @@ public class SL20Constants { public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KEYALG_SECPR256R1 = "secp256r1"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_LIFETIME = "lifeTime"; - public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_USESECUREELEMENT = - "useSecureElement"; + public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_USESECUREELEMENT = "useSecureElement"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_KEYTIMEOUT = "keyTimeout"; - public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_NEEDUSERAUTH = - "needUserAuth"; + public static final String SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES_NEEDUSERAUTH = "needUserAuth"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_APPID = "appID"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_CSR = "csr"; - public static final String SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_KEYATTESTATIONZERTIFICATE = - "attCert"; + public static final String SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_KEYATTESTATIONZERTIFICATE = "attCert"; public static final String SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_USERPASSWORD = "encodedPass"; - // store binding certificate command public static final String SL20_COMMAND_PARAM_BINDING_STORE_CERTIFICATE = "x5c"; - public static final String SL20_COMMAND_PARAM_BINDING_STORE_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_BINDING_STORE_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; public static final String SL20_COMMAND_PARAM_BINDING_STORE_RESULT_SUCESS = "success"; public static final String SL20_COMMAND_PARAM_BINDING_STORE_RESULT_SUCESS_VALUE = "OK"; 
@@ -268,14 +247,12 @@ public class SL20Constants { public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_NONCE = "nonce"; public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYDATA = "displayData"; public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYURL = "displayUrl"; - public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; public static final String SL20_COMMAND_PARAM_AUTH_JWSTOKEN_RESULT_NONCE = SL20_COMMAND_PARAM_AUTH_JWSTOKEN_NONCE; // QR-Code authentication public static final String SL20_COMMAND_PARAM_AUTH_QRCODE_QRCODE = "qrCode"; - public static final String SL20_COMMAND_PARAM_AUTH_QRCODE_DATAURL = - SL20_COMMAND_PARAM_GENERAL_DATAURL; + public static final String SL20_COMMAND_PARAM_AUTH_QRCODE_DATAURL = SL20_COMMAND_PARAM_GENERAL_DATAURL; } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java index 6a8b96d4..1d7c9646 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java 
@@ -3,15 +3,18 @@ package at.gv.egiz.eaaf.modules.auth.sl20.utils; import java.io.IOException; import java.io.StringWriter; import java.net.URISyntaxException; + import javax.annotation.Nonnull; import javax.annotation.Nullable; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import org.apache.http.client.utils.URIBuilder; import org.jose4j.base64url.Base64Url; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.MediaType; + import com.fasterxml.jackson.databind.JsonNode; public class SL20HttpBindingUtils { 
@@ -20,26 +23,24 @@ public class SL20HttpBindingUtils { /** * Write SL2.0 response into http-response object * - * @param httpReq Current http request - * @param httpResp Current http response - * @param sl20Forward SL2.0 command that should be written to response - * @param redirectUrl SL2.0 redirect URL in case of SL2.0 redirect command and no native client - * (see SL2.0 specification) - * @param httpCodeRedirect http redirect-code in case of SL2.0 redirect command and no native - * client (see SL2.0 specification) - * @throws IOException In case of an IO error + * @param httpReq Current http request + * @param httpResp Current http response + * @param sl20Forward SL2.0 command that should be written to response + * @param redirectUrl SL2.0 redirect URL in case of SL2.0 redirect command + * and no native client (see SL2.0 specification) + * @param httpCodeRedirect http redirect-code in case of SL2.0 redirect command + * and no native client (see SL2.0 specification) + * @throws IOException In case of an IO error * @throws URISyntaxException In case of a wrong URL */ public static void writeIntoResponse(@Nonnull final HttpServletRequest httpReq, @Nonnull final HttpServletResponse httpResp, @Nonnull final JsonNode sl20Forward, - @Nullable final String redirectUrl, @Nonnull final int httpCodeRedirect) - throws IOException, URISyntaxException { + @Nullable final String redirectUrl, @Nonnull final int httpCodeRedirect) throws IOException, URISyntaxException { // forward SL2.0 command httpResp.addIntHeader(SL20Constants.HTTP_HEADER_SL20_RESP, SL20Constants.CURRENT_SL20_VERSION); - if (httpReq.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null - && httpReq.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) - .equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) { + if (httpReq.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE) != null && httpReq + .getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE).equals(SL20Constants.HTTP_HEADER_VALUE_NATIVE)) { 
log.debug("Client request containts 'native client' header ... "); final StringWriter writer = new StringWriter(); writer.write(sl20Forward.toString()); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java index 82a8cf26..eb17781b 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java @@ -8,11 +8,13 @@ import java.util.Base64; import java.util.List; import java.util.Map; import java.util.Map.Entry; -import at.gv.egiz.eaaf.modules.auth.sl20.Constants; -import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; + import com.fasterxml.jackson.databind.node.ArrayNode; import com.fasterxml.jackson.databind.node.ObjectNode; +import at.gv.egiz.eaaf.modules.auth.sl20.Constants; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; + public class SL20JsonBuilderUtils { private static JsonMapper mapper = new JsonMapper(); @@ -20,13 +22,12 @@ public class SL20JsonBuilderUtils { /** * Create command request. * - * @param name Commando name + * @param name Commando name * @param params Commando parameters * @return JSON Object * @throws SlCommandoBuildException In case of a build error */ - public static ObjectNode createCommand(final String name, final ObjectNode params) - throws SlCommandoBuildException { + public static ObjectNode createCommand(final String name, final ObjectNode params) throws SlCommandoBuildException { final ObjectNode command = mapper.getMapper().createObjectNode(); addSingleStringElement(command, SL20Constants.SL20_COMMAND_CONTAINER_NAME, name, true); 
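Review bot: The re-wrapped native-client check in `writeIntoResponse` still reads the client-type header twice and needs a separate null test. A constant-first comparison does the same in one call: `if (SL20Constants.HTTP_HEADER_VALUE_NATIVE.equals(httpReq.getHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE))) {`. In the signature now joined onto one line, `@Nonnull final int httpCodeRedirect` annotates a primitive, which can never be null, so the annotation can be dropped. The header is supplied by the client and selects which response form is written, and `redirectUrl` is declared `@Nullable`, so the non-native branch should presumably handle a missing URL explicitly. That branch and the rest of the method body lie outside this hunk.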
@@ -38,14 +39,14 @@ public class SL20JsonBuilderUtils { /** * Create signed command request. * - * @param name Commando name + * @param name Commando name * @param params commando parameter * @param signer JWS signer implementation * @return Serialized JWS * @throws SlCommandoBuildException In case of a build error */ - public static String createSignedCommand(final String name, final ObjectNode params, - final IJoseTools signer) throws SlCommandoBuildException { + public static String createSignedCommand(final String name, final ObjectNode params, final IJoseTools signer) + throws SlCommandoBuildException { final ObjectNode command = mapper.getMapper().createObjectNode(); addSingleStringElement(command, SL20Constants.SL20_COMMAND_CONTAINER_NAME, name, true); addSingleJsonElement(command, SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, params, true); @@ -53,17 +54,16 @@ public class SL20JsonBuilderUtils { } - /** * Create encrypted command result. * - * @param result JSON to encrypt + * @param result JSON to encrypt * @param encrypter JWE encrypter implementation * @return Serialized JWE * @throws SlCommandoBuildException In case of a processing error */ - public static String createEncryptedCommandoResult(final ObjectNode result, - final JsonSecurityUtils encrypter) throws SlCommandoBuildException { + public static String createEncryptedCommandoResult(final ObjectNode result, final JsonSecurityUtils encrypter) + throws SlCommandoBuildException { // TODO: add real implementation // create header and footer final String dummyHeader = createJsonEncryptionHeader().toString(); 
@@ -71,21 +71,20 @@ public class SL20JsonBuilderUtils { final String dummyFooter = createJsonSignedFooter(); try { - return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." - + Base64.getUrlEncoder().encodeToString(payLoad.getBytes("UTF-8")) + "." - + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); - } catch (UnsupportedEncodingException e) { - throw new SlCommandoBuildException("No UTF-8 encoding", e); - } + return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(payLoad.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); + } catch (final UnsupportedEncodingException e) { + throw new SlCommandoBuildException("No UTF-8 encoding", e); + } } - /** * Create command result. * - * @param name Commando name - * @param result commande result + * @param name Commando name + * @param result commande result * @param encryptedResult encrypted commando result * @return Result json * @throws SlCommandoBuildException In case of an error @@ -103,16 +102,15 @@ public class SL20JsonBuilderUtils { /** * Create signed command result. * - * @param name commando name - * @param result commando result + * @param name commando name + * @param result commando result * @param encryptedResult encrypted commando result * @return JWS in serialized form * @throws SlCommandoBuildException in case of an error - + * */ public static String createSignedCommandResponse(final String name, final ObjectNode result, - final String encryptedResult, final JsonSecurityUtils signer) - throws SlCommandoBuildException { + final String encryptedResult, final JsonSecurityUtils signer) throws SlCommandoBuildException { final ObjectNode command = mapper.getMapper().createObjectNode(); addSingleStringElement(command, SL20Constants.SL20_COMMAND_CONTAINER_NAME, name, true); addOnlyOnceOfTwo(command, SL20Constants.SL20_COMMAND_CONTAINER_RESULT, 
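Review bot: `createEncryptedCommandoResult` returns the payload only base64url-encoded between a dummy header and a dummy footer; the re-indented `return` encrypts nothing, and the `encrypter` argument is not used in the visible lines (the method and its `// TODO: add real implementation` begin in the previous hunk). A caller relying on the method name would send command results, which elsewhere in this class can carry a user password, in a form readable by anyone who sees the message. Until the JWE path exists, state this in the Javadoc, e.g. `* NOTE: placeholder, the result is NOT encrypted, only base64url-encoded.`, or make the method fail rather than return plaintext. `createSignedCommandResponse` in the `@@ -125` hunk uses the same three-segment dummy construction, so its output carries no signature. Separately, `Base64.getUrlEncoder()` emits `=` padding, which JOSE compact serialization does not use; `Base64.getUrlEncoder().withoutPadding()` with `getBytes(StandardCharsets.UTF_8)` (needs the `java.nio.charset.StandardCharsets` import) would also remove the unreachable `UnsupportedEncodingException` handler.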
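Review bot: The Javadoc of `createSignedCommandResponse` documents `name`, `result` and `encryptedResult` but not the fourth parameter `signer`, and the ` *` line this hunk puts after `@throws` leaves an empty trailing Javadoc line. Add `@param signer JWS signer implementation` (the wording the class already uses for `createSignedCommand`) and drop the empty line. The body continues in the next hunk, where only a dummy footer is visible, so whether `signer` is actually used cannot be confirmed from here; if it is not, the Javadoc should say that instead.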
@@ -125,36 +123,34 @@ public class SL20JsonBuilderUtils { final String dummyFooter = createJsonSignedFooter(); try { - return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." - + Base64.getUrlEncoder().encodeToString(encodedCommand.getBytes("UTF-8")) + "." - + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); - - } catch (UnsupportedEncodingException e) { - throw new SlCommandoBuildException("No UTF-8 encoding", e); - } + return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(encodedCommand.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); + + } catch (final UnsupportedEncodingException e) { + throw new SlCommandoBuildException("No UTF-8 encoding", e); + } } /** * Create parameters for Redirect command. * - * @param url redirect URL - * @param command embedded command + * @param url redirect URL + * @param command embedded command * @param signedCommand Signed embedded command - * @param ipcRedirect IPC redirect flag + * @param ipcRedirect IPC redirect flag * @return result JSON * @throws SlCommandoBuildException In case of an error */ - public static ObjectNode createRedirectCommandParameters(final String url, - final ObjectNode command, final ObjectNode signedCommand, final Boolean ipcRedirect) - throws SlCommandoBuildException { + public static ObjectNode createRedirectCommandParameters(final String url, final ObjectNode command, + final ObjectNode signedCommand, final Boolean ipcRedirect) throws SlCommandoBuildException { final ObjectNode redirectReqParams = mapper.getMapper().createObjectNode(); addOnlyOnceOfTwo(redirectReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_COMMAND, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_SIGNEDCOMMAND, command, signedCommand); - addSingleStringElement(redirectReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL, - url, false); - 
addSingleBooleanElement(redirectReqParams, - SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_IPCREDIRECT, ipcRedirect, false); + addSingleStringElement(redirectReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL, url, false); + addSingleBooleanElement(redirectReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_IPCREDIRECT, + ipcRedirect, false); return redirectReqParams; } 
@@ -162,26 +158,21 @@ public class SL20JsonBuilderUtils { /** * Create parameters for Call command. * - * @param url http URL for Call command - * @param method http method used by call commando result + * @param url http URL for Call command + * @param method http method used by call commando result * @param includeTransactionId TransactionId - * @param reqParameters Request parameters on CALL command + * @param reqParameters Request parameters on CALL command * @return JSON * @throws SlCommandoBuildException In case of an error */ public static ObjectNode createCallCommandParameters(final String url, final String method, - final Boolean includeTransactionId, final Map<String, String> reqParameters) - throws SlCommandoBuildException { + final Boolean includeTransactionId, final Map<String, String> reqParameters) throws SlCommandoBuildException { final ObjectNode callReqParams = mapper.getMapper().createObjectNode(); - addSingleStringElement(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_URL, url, - true); - addSingleStringElement(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD, - method, true); - addSingleBooleanElement(callReqParams, - SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_INCLUDETRANSACTIONID, includeTransactionId, - false); - addArrayOfStringElements(callReqParams, - SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_REQPARAMETER, reqParameters); + addSingleStringElement(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_URL, url, true); + addSingleStringElement(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD, method, true); + addSingleBooleanElement(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_INCLUDETRANSACTIONID, + includeTransactionId, false); + addArrayOfStringElements(callReqParams, SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_REQPARAMETER, reqParameters); return callReqParams; } 
@@ -190,17 +181,15 @@ public class SL20JsonBuilderUtils { * Create result for Error command. * * @param errorCode Error-Code - * @param errorMsg Error-message + * @param errorMsg Error-message * @return JSON * @throws SlCommandoBuildException In case of an error */ public static ObjectNode createErrorCommandResult(final String errorCode, final String errorMsg) throws SlCommandoBuildException { final ObjectNode result = mapper.getMapper().createObjectNode(); - addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORCODE, - errorCode, true); - addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, - errorMsg, true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORCODE, errorCode, true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, errorMsg, true); return result; } 
@@ -208,20 +197,21 @@ public class SL20JsonBuilderUtils { /** * Create parameters for qualifiedeID command. * - * @param consentTemplateId Identifier of the template that is used for consent visualization - * @param consent Consent that has to be signed by user - * @param dataUrl DataURL for result - * @param x5cEnc Response encryption certificate + * @param consentTemplateId Identifier of the template that is used for consent + * visualization + * @param consent Consent that has to be signed by user + * @param dataUrl DataURL for result + * @param x5cEnc Response encryption certificate * @return JSON - * @throws CertificateEncodingException In case of a encryption certificate encoding problem - * @throws SlCommandoBuildException In case of a generel error + * @throws CertificateEncodingException In case of a encryption certificate + * encoding problem + * @throws SlCommandoBuildException In case of a generel error */ - public static ObjectNode createQualifiedeEidConsent(final String consentTemplateId, - final byte[] consent, final String dataUrl, final X509Certificate x5cEnc) + public static ObjectNode createQualifiedeEidConsent(final String consentTemplateId, final byte[] consent, + final String dataUrl, final X509Certificate x5cEnc) throws CertificateEncodingException, SlCommandoBuildException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_CONSENTTEMPLATEID, - consentTemplateId, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_CONSENTTEMPLATEID, consentTemplateId, true); addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_CONSENT, consent, true); addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_DATAURL, dataUrl, true); addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_X5CENC, x5cEnc, false); 
@@ -229,28 +219,26 @@ public class SL20JsonBuilderUtils { } - /** * Create parameters for qualifiedeID command. * - * @param authBlockId AuthBlock transformation Id - * @param dataUrl DataURL for result - * @param additionalReqParameters additional parameters - * @param x5cEnc Response encryption certificate + * @param authBlockId AuthBlock transformation Id + * @param dataUrl DataURL for result + * @param additionalReqParameters additional parameters + * @param x5cEnc Response encryption certificate * @return JSON - * @throws CertificateEncodingException In case of a encryption certificate encoding problem - * @throws SlCommandoBuildException In case of a generel error + * @throws CertificateEncodingException In case of a encryption certificate + * encoding problem + * @throws SlCommandoBuildException In case of a generel error */ @Deprecated - public static ObjectNode createQualifiedEidCommandParameters(final String authBlockId, - final String dataUrl, final Map<String, String> additionalReqParameters, - final X509Certificate x5cEnc) throws CertificateEncodingException, SlCommandoBuildException { + public static ObjectNode createQualifiedEidCommandParameters(final String authBlockId, final String dataUrl, + final Map<String, String> additionalReqParameters, final X509Certificate x5cEnc) + throws CertificateEncodingException, SlCommandoBuildException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_AUTHBLOCKID, authBlockId, - true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_AUTHBLOCKID, authBlockId, true); addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_EID_DATAURL, dataUrl, true); - addArrayOfStringElements(params, SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES, - additionalReqParameters); + addArrayOfStringElements(params, SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES, additionalReqParameters); addSingleCertificateElement(params, 
SL20Constants.SL20_COMMAND_PARAM_EID_X5CENC, x5cEnc, false); return params; @@ -259,10 +247,10 @@ public class SL20JsonBuilderUtils { /** * Create result for qualifiedeID command. * - * @param idl IdentityLink + * @param idl IdentityLink * @param authBlock AuthBlock - * @param ccsUrl VDA URL - * @param loa LoA + * @param ccsUrl VDA URL + * @param loa LoA * @return JSON * @throws SlCommandoBuildException In case of an error */ 
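Review bot: `createQualifiedEidCommandParameters` is annotated `@Deprecated`, but its reflowed Javadoc has no `@deprecated` tag and no pointer to a replacement. Its summary line, `Create parameters for qualifiedeID command.`, is also identical to that of `createQualifiedeEidConsent`, so the two are hard to tell apart in generated docs. Add a tag such as `@deprecated use {@link #createQualifiedeEidConsent} instead` after confirming the replacement; it is inferred here from `SL20_COMMAND_IDENTIFIER_QUALIFIEDEID` being deprecated next to `SL20_COMMAND_IDENTIFIER_QUALIFIEDEIDCONSENT`. The summary of the consent variant should name the `qualifiedEIDConsent` command.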
@@ -270,57 +258,45 @@ public class SL20JsonBuilderUtils { final String ccsUrl, final String loa) throws SlCommandoBuildException { final ObjectNode result = mapper.getMapper().createObjectNode(); addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL, idl, true); - addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK, authBlock, - true); - addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, ccsUrl, - true); + addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK, authBlock, true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, ccsUrl, true); addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA, loa, true); return result; } - /** * Create Binding-Key command parameters. * - * @param kontoId KontoId - * @param subjectName SubjectName - * @param keySize KeySize - * @param keyAlg Key-algorithm - * @param policies Key policy - * @param dataUrl DataURL - * @param x5cVdaTrust trusted certificate from VDA + * @param kontoId KontoId + * @param subjectName SubjectName + * @param keySize KeySize + * @param keyAlg Key-algorithm + * @param policies Key policy + * @param dataUrl DataURL + * @param x5cVdaTrust trusted certificate from VDA * @param reqUserPassword User passwort initialize request - * @param x5cEnc Result encryption certificate + * @param x5cEnc Result encryption certificate * @return JSON - * @throws SlCommandoBuildException in case of an errr + * @throws SlCommandoBuildException in case of an errr * @throws CertificateEncodingException In case of a certificate error */ - public static ObjectNode createBindingKeyCommandParams(final String kontoId, - final String subjectName, final int keySize, final String keyAlg, - final Map<String, String> policies, final String dataUrl, final X509Certificate x5cVdaTrust, - final Boolean reqUserPassword, final X509Certificate x5cEnc) + public static 
ObjectNode createBindingKeyCommandParams(final String kontoId, final String subjectName, + final int keySize, final String keyAlg, final Map<String, String> policies, final String dataUrl, + final X509Certificate x5cVdaTrust, final Boolean reqUserPassword, final X509Certificate x5cEnc) throws SlCommandoBuildException, CertificateEncodingException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID, kontoId, - true); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_SN, subjectName, - true); - addSingleNumberElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KEYLENGTH, - keySize, true); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KEYALG, keyAlg, - true); - addArrayOfStringElements(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES, - policies); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_DATAURL, dataUrl, - true); - addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_X5CVDATRUST, - x5cVdaTrust, false); - addSingleBooleanElement(params, - SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_REQUESTUSERPASSWORD, reqUserPassword, + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID, kontoId, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_SN, subjectName, true); + addSingleNumberElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KEYLENGTH, keySize, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_KEYALG, keyAlg, true); + addArrayOfStringElements(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_POLICIES, policies); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_DATAURL, dataUrl, true); + addSingleCertificateElement(params, 
SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_X5CVDATRUST, x5cVdaTrust, false); - addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_X5CENC, - x5cEnc, false); + addSingleBooleanElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_REQUESTUSERPASSWORD, + reqUserPassword, false); + addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_X5CENC, x5cEnc, false); return params; } 
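Review bot: In `createBindingKeyCommandParams` the result-encryption certificate is added with `false` as its last argument, while `reqUserPassword` can ask the peer to return the user's password in the result. Assuming that last argument is the mandatory flag of `addSingleCertificateElement` (its definition is outside this view), a caller can request a password-bearing result without supplying `x5cEnc`, so nothing in the request would require the response to be encrypted. Tying the two together closes that gap: `addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_X5CENC, x5cEnc, Boolean.TRUE.equals(reqUserPassword));`. `createIdAndPasswordCommandParameters` in the `@@ -388` hunk has the same pattern, and there the result always contains the password, so its `x5cEnc` argument would be mandatory (`true`).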
@@ -328,27 +304,24 @@ public class SL20JsonBuilderUtils { /** * Create Binding-Key command result. * - * @param appId AppId - * @param csr CSR - * @param attCert Key-Attestation certificate + * @param appId AppId + * @param csr CSR + * @param attCert Key-Attestation certificate * @param password user's password * @return JSON - * @throws SlCommandoBuildException In case of an error - * @throws CertificateEncodingException In case of a certificate processing error + * @throws SlCommandoBuildException In case of an error + * @throws CertificateEncodingException In case of a certificate processing + * error */ public static ObjectNode createBindingKeyCommandResult(final String appId, final byte[] csr, final X509Certificate attCert, final byte[] password) throws SlCommandoBuildException, CertificateEncodingException { final ObjectNode result = mapper.getMapper().createObjectNode(); - addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_APPID, - appId, true); - addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_CSR, csr, - true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_APPID, appId, true); + addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_CSR, csr, true); addSingleCertificateElement(result, - SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_KEYATTESTATIONZERTIFICATE, attCert, - false); - addSingleByteElement(result, - SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_USERPASSWORD, password, false); + SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_KEYATTESTATIONZERTIFICATE, attCert, false); + addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_CREATE_RESULT_USERPASSWORD, password, false); return result; } 
@@ -356,19 +329,18 @@ public class SL20JsonBuilderUtils { /** * Create Store Binding-Certificate command parameters. * - * @param cert Certificate + * @param cert Certificate * @param dataUrl DATA URL * @return JSON - * @throws CertificateEncodingException In case of a certificate processing error - * @throws SlCommandoBuildException In case of a error + * @throws CertificateEncodingException In case of a certificate processing + * error + * @throws SlCommandoBuildException In case of a error */ - public static ObjectNode createStoreBindingCertCommandParams(final X509Certificate cert, - final String dataUrl) throws CertificateEncodingException, SlCommandoBuildException { + public static ObjectNode createStoreBindingCertCommandParams(final X509Certificate cert, final String dataUrl) + throws CertificateEncodingException, SlCommandoBuildException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_CERTIFICATE, - cert, true); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_DATAURL, dataUrl, - true); + addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_CERTIFICATE, cert, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_DATAURL, dataUrl, true); return params; } @@ -379,8 +351,7 @@ public class SL20JsonBuilderUtils { * @return JSON * @throws SlCommandoBuildException In case of an error */ - public static ObjectNode createStoreBindingCertCommandSuccessResult() - throws SlCommandoBuildException { + public static ObjectNode createStoreBindingCertCommandSuccessResult() throws SlCommandoBuildException { final ObjectNode result = mapper.getMapper().createObjectNode(); addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_RESULT_SUCESS, SL20Constants.SL20_COMMAND_PARAM_BINDING_STORE_RESULT_SUCESS_VALUE, true); 
@@ -388,27 +359,23 @@ public class SL20JsonBuilderUtils { } - /** * Create idAndPassword command parameters. * - * @param keyAlg key algorithm + * @param keyAlg key algorithm * @param dataUrl DATA Url - * @param x5cEnc result encryption certificate + * @param x5cEnc result encryption certificate * @return JSON - * @throws SlCommandoBuildException In case of an error - * @throws CertificateEncodingException In case of a certificate processing error + * @throws SlCommandoBuildException In case of an error + * @throws CertificateEncodingException In case of a certificate processing + * error */ - public static ObjectNode createIdAndPasswordCommandParameters(final String keyAlg, - final String dataUrl, final X509Certificate x5cEnc) - throws SlCommandoBuildException, CertificateEncodingException { + public static ObjectNode createIdAndPasswordCommandParameters(final String keyAlg, final String dataUrl, + final X509Certificate x5cEnc) throws SlCommandoBuildException, CertificateEncodingException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_KEYALG, - keyAlg, true); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_DATAURL, - dataUrl, true); - addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_X5CENC, - x5cEnc, false); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_KEYALG, keyAlg, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_DATAURL, dataUrl, true); + addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_X5CENC, x5cEnc, false); return params; } 
@@ -416,18 +383,17 @@ public class SL20JsonBuilderUtils { /** * Create idAndPassword command result. * - * @param kontoId User's Id + * @param kontoId User's Id * @param password User's password * @return JSON * @throws SlCommandoBuildException In case of an error */ - public static ObjectNode createIdAndPasswordCommandResult(final String kontoId, - final byte[] password) throws SlCommandoBuildException { + public static ObjectNode createIdAndPasswordCommandResult(final String kontoId, final byte[] password) + throws SlCommandoBuildException { final ObjectNode result = mapper.getMapper().createObjectNode(); - addSingleStringElement(result, - SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_RESULT_KONTOID, kontoId, true); - addSingleByteElement(result, - SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_RESULT_USERPASSWORD, password, true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_RESULT_KONTOID, kontoId, true); + addSingleByteElement(result, SL20Constants.SL20_COMMAND_PARAM_AUTH_IDANDPASSWORD_RESULT_USERPASSWORD, password, + true); return result; } 
@@ -435,25 +401,20 @@ public class SL20JsonBuilderUtils { /** * Create JWS Token Authentication command. * - * @param nonce nonce that should be signed - * @param dataUrl Data URL + * @param nonce nonce that should be signed + * @param dataUrl Data URL * @param displayData Data that should be displayed * @param displayUrl URL to data that should be displayed * @return JSON * @throws SlCommandoBuildException In case of an error */ public static ObjectNode createJwsTokenAuthCommandParams(final String nonce, final String dataUrl, - final List<String> displayData, final List<String> displayUrl) - throws SlCommandoBuildException { + final List<String> displayData, final List<String> displayUrl) throws SlCommandoBuildException { final ObjectNode params = mapper.getMapper().createObjectNode(); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_NONCE, nonce, - true); - addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DATAURL, dataUrl, - true); - addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYDATA, - displayData); - addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYURL, - displayUrl); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_NONCE, nonce, true); + addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DATAURL, dataUrl, true); + addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYDATA, displayData); + addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_DISPLAYURL, displayUrl); return params; } 
@@ -465,22 +426,19 @@ public class SL20JsonBuilderUtils { * @return JSON * @throws SlCommandoBuildException In case of an error */ - public static ObjectNode createJwsTokenAuthCommandResult(final String nonce) - throws SlCommandoBuildException { + public static ObjectNode createJwsTokenAuthCommandResult(final String nonce) throws SlCommandoBuildException { final ObjectNode result = mapper.getMapper().createObjectNode(); - addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_RESULT_NONCE, - nonce, true); + addSingleStringElement(result, SL20Constants.SL20_COMMAND_PARAM_AUTH_JWSTOKEN_RESULT_NONCE, nonce, true); return result; } - /** * Create Generic Request Container. * - * @param reqId RequestId + * @param reqId RequestId * @param transactionId TransactionId - * @param payLoad unsigned payload + * @param payLoad unsigned payload * @param signedPayload Signed payload * @return JSON * @throws SlCommandoBuildException In case of an error @@ -488,12 +446,10 @@ public class SL20JsonBuilderUtils { public static ObjectNode createGenericRequest(final String reqId, final String transactionId, final ObjectNode payLoad, final String signedPayload) throws SlCommandoBuildException { final ObjectNode req = mapper.getMapper().createObjectNode(); - addSingleIntegerElement(req, SL20Constants.SL20_VERSION, SL20Constants.CURRENT_SL20_VERSION, - true); + addSingleIntegerElement(req, SL20Constants.SL20_VERSION, SL20Constants.CURRENT_SL20_VERSION, true); addSingleStringElement(req, SL20Constants.SL20_REQID, reqId, true); addSingleStringElement(req, SL20Constants.SL20_TRANSACTIONID, transactionId, false); - addOnlyOnceOfTwo(req, SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, payLoad, - signedPayload); + addOnlyOnceOfTwo(req, SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, payLoad, signedPayload); return req; } 
@@ -501,32 +457,29 @@ public class SL20JsonBuilderUtils { /** * Create Generic Response Container. * - * @param respId Response Id - * @param inResponseTo RequestId to this response + * @param respId Response Id + * @param inResponseTo RequestId to this response * @param transactionId transactionId - * @param payLoad Unsigned payload + * @param payLoad Unsigned payload * @param signedPayload Signed payload * @return JSON * @throws SlCommandoBuildException In case of an error */ - public static final ObjectNode createGenericResponse(final String respId, - final String inResponseTo, final String transactionId, final ObjectNode payLoad, - final String signedPayload) throws SlCommandoBuildException { + public static final ObjectNode createGenericResponse(final String respId, final String inResponseTo, + final String transactionId, final ObjectNode payLoad, final String signedPayload) + throws SlCommandoBuildException { final ObjectNode req = mapper.getMapper().createObjectNode(); - addSingleIntegerElement(req, SL20Constants.SL20_VERSION, SL20Constants.CURRENT_SL20_VERSION, - true); + addSingleIntegerElement(req, SL20Constants.SL20_VERSION, SL20Constants.CURRENT_SL20_VERSION, true); addSingleStringElement(req, SL20Constants.SL20_RESPID, respId, true); addSingleStringElement(req, SL20Constants.SL20_INRESPTO, inResponseTo, false); addSingleStringElement(req, SL20Constants.SL20_TRANSACTIONID, transactionId, false); - addOnlyOnceOfTwo(req, SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, payLoad, - signedPayload); + addOnlyOnceOfTwo(req, SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, payLoad, signedPayload); return req; } - private static void addOnlyOnceOfTwo(final ObjectNode parent, final String firstKeyId, - final String secondKeyId, final ObjectNode first, final ObjectNode second) - throws SlCommandoBuildException { + private static void addOnlyOnceOfTwo(final ObjectNode parent, final String firstKeyId, final String secondKeyId, + final 
ObjectNode first, final ObjectNode second) throws SlCommandoBuildException { if (first == null && second == null) { throw new SlCommandoBuildException(firstKeyId + " and " + secondKeyId + " is NULL"); } else if (first != null && second != null) { @@ -542,18 +495,18 @@ public class SL20JsonBuilderUtils { /** * Add one element of two possible elements <br> - * This method adds either the first element or the second element to parent JSON, but never both. + * This method adds either the first element or the second element to parent + * JSON, but never both. * - * @param parent Parent JSON element - * @param firstKeyId first element Id + * @param parent Parent JSON element + * @param firstKeyId first element Id * @param secondKeyId second element Id - * @param first first element - * @param second second element + * @param first first element + * @param second second element * @throws SlCommandoBuildException In case of an error. */ - public static void addOnlyOnceOfTwo(final ObjectNode parent, final String firstKeyId, - final String secondKeyId, final ObjectNode first, final String second) - throws SlCommandoBuildException { + public static void addOnlyOnceOfTwo(final ObjectNode parent, final String firstKeyId, final String secondKeyId, + final ObjectNode first, final String second) throws SlCommandoBuildException { if (first == null && (second == null || second.isEmpty())) { throw new SlCommandoBuildException(firstKeyId + " and " + secondKeyId + " is NULL"); } else if (first != null && second != null) { 
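Review bot: In the public `addOnlyOnceOfTwo` overload that takes a `String second`, the two guards treat an empty `second` differently. The first branch counts `second.isEmpty()` as absent, while `else if (first != null && second != null)` counts an empty string as present. A caller that passes a payload together with `""` as the signed payload therefore lands in the second branch, which is presumably the both-set error path; its body is outside the hunk. Changing the second guard to `} else if (first != null && second != null && !second.isEmpty()) {` would make the two conditions agree.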
@@ -567,34 +520,25 @@ public class SL20JsonBuilderUtils { } } - - // TODO!!!! - private static ObjectNode createJsonSignedHeader() - throws SlCommandoBuildException { + private static ObjectNode createJsonSignedHeader() throws SlCommandoBuildException { final ObjectNode header = mapper.getMapper().createObjectNode(); - addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, - SL20Constants.JSON_ALGORITHM_SIGNING_RS256, true); - addSingleStringElement(header, SL20Constants.JSON_CONTENTTYPE, - SL20Constants.SL20_CONTENTTYPE_SIGNED_COMMAND, true); - addArrayOfStrings(header, SL20Constants.JSON_X509_CERTIFICATE, - Arrays.asList(Constants.DUMMY_SIGNING_CERT)); + addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, SL20Constants.JSON_ALGORITHM_SIGNING_RS256, true); + addSingleStringElement(header, SL20Constants.JSON_CONTENTTYPE, SL20Constants.SL20_CONTENTTYPE_SIGNED_COMMAND, true); + addArrayOfStrings(header, SL20Constants.JSON_X509_CERTIFICATE, Arrays.asList(Constants.DUMMY_SIGNING_CERT)); return header; } // TODO!!!! 
- private static ObjectNode createJsonEncryptionHeader() - throws SlCommandoBuildException { + private static ObjectNode createJsonEncryptionHeader() throws SlCommandoBuildException { final ObjectNode header = mapper.getMapper().createObjectNode(); - addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, - SL20Constants.JSON_ALGORITHM_ENC_KEY_RSAOAEP, true); + addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, SL20Constants.JSON_ALGORITHM_ENC_KEY_RSAOAEP, true); addSingleStringElement(header, SL20Constants.JSON_ENCRYPTION_PAYLOAD, SL20Constants.JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256, true); - addSingleStringElement(header, SL20Constants.JSON_CONTENTTYPE, - SL20Constants.SL20_CONTENTTYPE_ENCRYPTED_RESULT, true); - addSingleStringElement(header, SL20Constants.JSON_X509_FINGERPRINT, - Constants.DUMMY_SIGNING_CERT_FINGERPRINT, true); + addSingleStringElement(header, SL20Constants.JSON_CONTENTTYPE, SL20Constants.SL20_CONTENTTYPE_ENCRYPTED_RESULT, + true); + addSingleStringElement(header, SL20Constants.JSON_X509_FINGERPRINT, Constants.DUMMY_SIGNING_CERT_FINGERPRINT, true); return header; } 
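Review bot: `createJsonSignedHeader()` and `createJsonEncryptionHeader()` put `Constants.DUMMY_SIGNING_CERT` and `Constants.DUMMY_SIGNING_CERT_FINGERPRINT` into the JOSE headers, and the only marker for that is a bare `// TODO!!!!`. The marker above `createJsonSignedHeader()` may even be removed by this change, though the lost line breaks in this view make that uncertain. I would replace the marker on both methods with a comment that names the gap, for example `// TODO: header carries the placeholder certificate from Constants; switch to the configured certificate before this is used outside tests`. Whether either helper is reachable from production code is not visible in this hunk.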
@@ -605,14 +549,11 @@ public class SL20JsonBuilderUtils { + " AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4\n" + " BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K\n" + " 0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv\n" - + " hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB\n" - + " p0igcN_IoypGlUPQGe77Rw"; + + " hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB\n" + " p0igcN_IoypGlUPQGe77Rw"; } - - - private static void addArrayOfStrings(final ObjectNode parent, final String keyId, - final List<String> values) throws SlCommandoBuildException { + private static void addArrayOfStrings(final ObjectNode parent, final String keyId, final List<String> values) + throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (values != null) { final ArrayNode callReqParamsArray = mapper.getMapper().createArrayNode(); @@ -624,7 +565,6 @@ public class SL20JsonBuilderUtils { } } - private static void addArrayOfStringElements(final ObjectNode parent, final String keyId, final Map<String, String> keyValuePairs) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); @@ -652,10 +592,8 @@ public class SL20JsonBuilderUtils { } - - - private static void addSingleByteElement(final ObjectNode parent, final String keyId, - final byte[] value, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleByteElement(final ObjectNode parent, final String keyId, final byte[] value, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && value == null) { 
@@ -666,8 +604,8 @@ public class SL20JsonBuilderUtils { } - private static void addSingleBooleanElement(final ObjectNode parent, final String keyId, - final Boolean value, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleBooleanElement(final ObjectNode parent, final String keyId, final Boolean value, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && value == null) { @@ -678,8 +616,8 @@ public class SL20JsonBuilderUtils { } - private static void addSingleNumberElement(final ObjectNode parent, final String keyId, - final Integer value, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleNumberElement(final ObjectNode parent, final String keyId, final Integer value, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && value == null) { @@ -690,8 +628,8 @@ public class SL20JsonBuilderUtils { } - private static void addSingleStringElement(final ObjectNode parent, final String keyId, - final String value, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleStringElement(final ObjectNode parent, final String keyId, final String value, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && (value == null || value.isEmpty())) { @@ -702,8 +640,8 @@ public class SL20JsonBuilderUtils { } - private static void addSingleIntegerElement(final ObjectNode parent, final String keyId, - final Integer value, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleIntegerElement(final ObjectNode parent, final String keyId, final Integer value, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && value == null) { 
@@ -714,8 +652,8 @@ public class SL20JsonBuilderUtils { } - private static void addSingleJsonElement(final ObjectNode parent, final String keyId, - final ObjectNode element, final boolean isRequired) throws SlCommandoBuildException { + private static void addSingleJsonElement(final ObjectNode parent, final String keyId, final ObjectNode element, + final boolean isRequired) throws SlCommandoBuildException { validateParentAndKey(parent, keyId); if (isRequired && element == null) { @@ -726,8 +664,6 @@ public class SL20JsonBuilderUtils { } - - private static void validateParentAndKey(final ObjectNode parent, final String keyId) throws SlCommandoBuildException { if (parent == null) { diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java index d4e1490d..eb6de461 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java @@ -7,9 +7,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; -import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; -import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; -import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; + import org.apache.http.Header; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; 
@@ -18,25 +16,29 @@ import org.apache.http.util.EntityUtils; import org.jose4j.base64url.Base64Url; import org.slf4j.Logger; import org.slf4j.LoggerFactory; + import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.ObjectNode; +import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; + public class SL20JsonExtractorUtils { private static final Logger log = LoggerFactory.getLogger(SL20JsonExtractorUtils.class); private static JsonMapper mapper = new JsonMapper(); - /** * Extract String value from JSON. * - * @param input JSON - * @param keyID Element identifier + * @param input JSON + * @param keyID Element identifier * @param isRequired true, if the element must not null * @return Value of this element * @throws SlCommandoParserException In case an error */ - public static String getStringValue(final JsonNode input, final String keyID, - final boolean isRequired) throws SlCommandoParserException { + public static String getStringValue(final JsonNode input, final String keyID, final boolean isRequired) + throws SlCommandoParserException { try { final JsonNode internal = getAndCheck(input, keyID, isRequired); 
@@ -58,14 +60,14 @@ public class SL20JsonExtractorUtils { /** * Extract Boolean value from JSON. * - * @param input JSON - * @param keyID Element identifier + * @param input JSON + * @param keyID Element identifier * @param isRequired true, if the element must not null * @return Boolean * @throws SlCommandoParserException In case of an error */ - public static boolean getBooleanValue(final ObjectNode input, final String keyID, - final boolean isRequired, final boolean defaultValue) throws SlCommandoParserException { + public static boolean getBooleanValue(final ObjectNode input, final String keyID, final boolean isRequired, + final boolean defaultValue) throws SlCommandoParserException { try { final JsonNode internal = getAndCheck(input, keyID, isRequired); @@ -87,14 +89,14 @@ public class SL20JsonExtractorUtils { /** * Extract JSONObject value from JSON. * - * @param input JSON - * @param keyID Element identifier + * @param input JSON + * @param keyID Element identifier * @param isRequired true, if the element must not null * @return JSON node * @throws SlCommandoParserException In case of an error */ - public static JsonNode getJsonObjectValue(final JsonNode input, final String keyID, - final boolean isRequired) throws SlCommandoParserException { + public static JsonNode getJsonObjectValue(final JsonNode input, final String keyID, final boolean isRequired) + throws SlCommandoParserException { try { final JsonNode internal = getAndCheck(input, keyID, isRequired); @@ -120,8 +122,7 @@ public class SL20JsonExtractorUtils { * @return List of Elements in this node * @throws SlCommandoParserException In case of an error */ - public static List<String> getListOfStringElements(final JsonNode input) - throws SlCommandoParserException { + public static List<String> getListOfStringElements(final JsonNode input) throws SlCommandoParserException { final List<String> result = new ArrayList<>(); if (input != null) { if (input.isArray()) { 
@@ -149,8 +150,8 @@ public class SL20JsonExtractorUtils { /** * Extract Map of Key/Value pairs from a JSON Element. * - * @param input parent JSON object - * @param keyID KeyId of the child that should be parsed + * @param input parent JSON object + * @param keyID KeyId of the child that should be parsed * @param isRequired true, if the element must not null * @return Map of element pairs * @throws SlCommandoParserException In case of an error @@ -169,8 +170,7 @@ public class SL20JsonExtractorUtils { * @return Map of element pairs * @throws SlCommandoParserException in case of an error */ - public static Map<String, String> getMapOfStringElements(final JsonNode input) - throws SlCommandoParserException { + public static Map<String, String> getMapOfStringElements(final JsonNode input) throws SlCommandoParserException { final Map<String, String> result = new HashMap<>(); if (input != null) { @@ -196,13 +196,11 @@ public class SL20JsonExtractorUtils { return result; } - private static void entitySetToMap(final Map<String, String> result, - final Iterator<Entry<String, JsonNode>> entry) { + private static void entitySetToMap(final Map<String, String> result, final Iterator<Entry<String, JsonNode>> entry) { while (entry.hasNext()) { final Entry<String, JsonNode> el = entry.next(); if (result.containsKey(el.getKey())) { - log.info("Attr. Map already contains Element with Key: " + el.getKey() - + ". Overwrite element ... "); + log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... "); } result.put(el.getKey(), el.getValue().asText()); 
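Review bot: The `log.info` call in `entitySetToMap` concatenates `el.getKey()`, a key taken from the parsed JSON, so a key containing line breaks is written to the log unchanged. The class already uses SLF4J, so the parameterized form `log.info("Attr. Map already contains Element with Key: {}. Overwrite element ... ", el.getKey());` removes the concatenation. Neutralising control characters still has to come from the logging layout or an explicit sanitising step. The method also lets a later duplicate key replace the earlier value, which deserves a one-line comment because the method has no Javadoc in this hunk.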
@@ -211,12 +209,11 @@ public class SL20JsonExtractorUtils { } - /** * Extract Security-Layer 2.0 result from response object. * - * @param command SL2.0 command - * @param decrypter JWS decrypter implementation + * @param command SL2.0 command + * @param decrypter JWS decrypter implementation * @param mustBeEncrypted if <code>true</code>, the result must be encrypted * @return decrypted JSON * @throws SL20Exception In case of an error @@ -224,8 +221,7 @@ public class SL20JsonExtractorUtils { public static JsonNode extractSL20Result(final JsonNode command, final IJoseTools decrypter, final boolean mustBeEncrypted) throws SL20Exception { final JsonNode result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT); - final JsonNode encryptedResult = - command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT); + final JsonNode encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT); if (result == null && encryptedResult == null) { throw new SlCommandoParserException("NO result OR encryptedResult FOUND."); @@ -238,8 +234,7 @@ public class SL20JsonExtractorUtils { } catch (final Exception e) { log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage()); if (!mustBeEncrypted) { - log.warn( - "Decrypted results are disabled by configuration. Parse result in plain if it is possible"); + log.warn("Decrypted results are disabled by configuration. Parse result in plain if it is possible"); // dummy code try { @@ -267,7 +262,6 @@ public class SL20JsonExtractorUtils { throw new SlCommandoParserException("Internal build error"); } - } /** 
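Review bot: In `extractSL20Result`, the `catch (final Exception e)` after the decrypt attempt logs only `e.getMessage()` at info level and, when `mustBeEncrypted` is false, continues into the block marked `// dummy code` that parses the result in plain. A failed decryption of an `encryptedResult` should be logged as a warning with the cause attached, `log.warn("Can NOT decrypt SL20 result", e);`, so the stack trace is kept. The warning text "Decrypted results are disabled by configuration" also reads as if it means that encryption is not enforced; `"Encrypted results are not required by configuration. Parse result in plain if it is possible"` would say that. The fallback body continues outside the hunk, so I can only ask that it gets a comment stating when `mustBeEncrypted` may be false and that the content parsed there was not protected by encryption.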
@@ -278,8 +272,8 @@ public class SL20JsonExtractorUtils { * @return Signature verification result that contains the payLoad * @throws SlCommandoParserException In case of an error */ - public static VerificationResult extractSL20PayLoad(final JsonNode container, - final IJoseTools joseTools, final boolean mustBeSigned) throws SL20Exception { + public static VerificationResult extractSL20PayLoad(final JsonNode container, final IJoseTools joseTools, + final boolean mustBeSigned) throws SL20Exception { final JsonNode sl20Payload = container.get(SL20Constants.SL20_PAYLOAD); final JsonNode sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD); @@ -301,10 +295,8 @@ public class SL20JsonExtractorUtils { throw new SlCommandoParserException("Internal build error"); } - } - /** * Extract generic transport container from httpResponse. * 
@@ -312,19 +304,16 @@ public class SL20JsonExtractorUtils { * @return JSON with SL2.0 response * @throws SlCommandoParserException In case of an error */ - public static JsonNode getSL20ContainerFromResponse(final HttpResponse httpResp) - throws SlCommandoParserException { + public static JsonNode getSL20ContainerFromResponse(final HttpResponse httpResp) throws SlCommandoParserException { try { JsonNode sl20Resp = null; - if (httpResp.getStatusLine().getStatusCode() == 303 - || httpResp.getStatusLine().getStatusCode() == 307) { + if (httpResp.getStatusLine().getStatusCode() == 303 || httpResp.getStatusLine().getStatusCode() == 307) { final Header[] locationHeader = httpResp.getHeaders("Location"); if (locationHeader == null) { throw new SlCommandoParserException("Find Redirect statuscode but not Location header"); } - final String sl20RespString = - new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue(); + final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue(); sl20Resp = mapper.getMapper().readTree(Base64Url.decode(sl20RespString)); } else if (httpResp.getStatusLine().getStatusCode() == 200) { 
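Review bot: The `locationHeader == null` check in the 303/307 branch of `getSL20ContainerFromResponse` does not catch a missing header. Apache HttpClient's `getHeaders(String)` returns an empty array when no header matches, so `locationHeader[0]` throws instead; the guard should be `if (locationHeader == null || locationHeader.length == 0) {`. The reformatted line after it takes `getQueryParams().get(0)` without checking that the redirect URL has any query parameter or which one comes first, so looking the parameter up by its expected name would be stricter. Both failures end in the method's outer `catch (final Exception e)`, visible in a later hunk, so the effect is a misleading "parsing FAILED" message rather than an uncaught exception.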
@@ -333,16 +322,15 @@ public class SL20JsonExtractorUtils { } if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) { - throw new SlCommandoParserException("SL20 response with a wrong ContentType: " - + httpResp.getEntity().getContentType().getValue()); + throw new SlCommandoParserException( + "SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue()); } sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); - } else if (httpResp.getStatusLine().getStatusCode() == 500 - || httpResp.getStatusLine().getStatusCode() == 401 + } else if (httpResp.getStatusLine().getStatusCode() == 500 || httpResp.getStatusLine().getStatusCode() == 401 || httpResp.getStatusLine().getStatusCode() == 400) { - log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() - + ". Search for error message"); + log.info( + "SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() + ". Search for error message"); try { sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); @@ -354,8 +342,6 @@ public class SL20JsonExtractorUtils { } - - } else { throw new SlCommandoParserException( "SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()); @@ -365,8 +351,7 @@ public class SL20JsonExtractorUtils { return sl20Resp; } catch (final Exception e) { - throw new SlCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), - e); + throw new SlCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e); } } 
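Review bot: The content-type check in the 200 branch calls `httpResp.getEntity().getContentType().getValue()` without a null check, and `HttpEntity.getContentType()` returns null when the content type is unknown. A response without that header then fails with a NullPointerException that the outer catch wraps, instead of the intended "wrong ContentType" error. I would read the header once, `final Header contentType = httpResp.getEntity().getContentType();`, and test `if (contentType == null || !contentType.getValue().startsWith("application/json")) {`, with the message handling the null case as well. Whether the entity itself is null-checked just above is outside the hunk.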
@@ -384,21 +369,18 @@ public class SL20JsonExtractorUtils { throw new SlCommandoParserException("SL2.0 can NOT parse to a JSON object"); } - } else { throw new SlCommandoParserException("Can NOT find content in http response"); } } - - private static JsonNode getAndCheck(final JsonNode input, final String keyID, - final boolean isRequired) throws SlCommandoParserException { + private static JsonNode getAndCheck(final JsonNode input, final String keyID, final boolean isRequired) + throws SlCommandoParserException { final JsonNode internal = input.get(keyID); if (internal == null && isRequired) { - throw new SlCommandoParserException( - "REQUIRED Element with keyId: " + keyID + " does not exist"); + throw new SlCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist"); } return internal; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java index 155bfadd..67e9e29d 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java 
@@ -1,8 +1,9 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api; import java.util.List; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; public interface ISignatureVerificationService { 
@@ -10,80 +11,89 @@ public interface ISignatureVerificationService { /** * Verify a CAdES or CMS signature. <br> * <br> - * <i>This method only validates the first CMS or CAdES signature if more than one signature - * exists</i> + * <i>This method only validates the first CMS or CAdES signature if more than + * one signature exists</i> * - * @param signature Enveloped CMS or CAdES signature + * @param signature Enveloped CMS or CAdES signature * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found + * @return @link {@link ICmsSignatureVerificationResponse}, or null if no + * signature was found * @throws MoaSigServiceException on signatue-verification error */ - ICMSSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID) + ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID) throws MoaSigServiceException; - - /** * Verify a XML or XAdES signature. <br> * <br> - * <i>This method only validates the first XML or XAdES signature if more than one signature - * exists</i> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> * - * @param signature Serialized XML or XAdES signature + * @param signature Serialized XML or XAdES signature * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found * @throws MoaSigServiceException on signatue-verification error */ - IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID) + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID) throws MoaSigServiceException; /** * Verify a XML or XAdES signature. 
<br> * <br> - * <i>This method only validates the first XML or XAdES signature if more than one signature - * exists</i> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used - * for signature-verification - * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that + * should be used for + * signature-verification + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found * @throws MoaSigServiceException on signatue-verification error */ - IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException; - /** * Verify a XML or XAdES signature. 
<br> * <br> - * <i>This method only validates the first XML or XAdES signature if more than one signature - * exists</i> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @param signatureLocationXpath Xpath that points to location of Signature element - * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param signatureLocationXpath Xpath that points to location of Signature + * element + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found * @throws MoaSigServiceException on signatue-verification error */ - IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, String signatureLocationXpath) throws MoaSigServiceException; /** * Verify a XML or XAdES signature. 
<br> * <br> - * <i>This method only validates the first XML or XAdES signature if more than one signature - * exists</i> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used - * for signature-verification - * @param signatureLocationXpath Xpath that points to location of Signature element - * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that + * should be used for + * signature-verification + * @param signatureLocationXpath Xpath that points to location of + * Signature element + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found * @throws MoaSigServiceException on signatue-verification error */ - IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String signatureLocationXpath) throws MoaSigServiceException; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java index 57426751..5e7a4564 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java 
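Review bot: The `@return` lines of `verifyCmsSignature` and the four `verifyXmlSignature` overloads say that `null` means no signature was found, but they do not say that a non-null response is not by itself a successful verification. Callers of a verification API need that stated, so I would word it as `@return verification result, or null if no signature was found; a non-null result must still be checked via its check codes`. The same lines carry a stray `@link` in front of `{@link ...}`, and every `@throws` line has the typo `signatue-verification`.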
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java @@ -1,5 +1,5 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; -public interface ICMSSignatureVerificationResponse extends IGenericSignatureVerificationResponse { +public interface ICmsSignatureVerificationResponse extends IGenericSignatureVerificationResponse { } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java index 13a9b08f..8ebd90be 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java @@ -1,18 +1,17 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; -import iaik.x509.X509Certificate; import java.util.Date; import org.springframework.lang.Nullable; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; - +import iaik.x509.X509Certificate; public interface IGenericSignatureVerificationResponse { /** - * Returns the signing time - * + * Returns the signing time. + * * @return Signing time, or null if signature contains no time information */ @Nullable 
@@ -20,53 +19,53 @@ public interface IGenericSignatureVerificationResponse { /** * Returns the signatureCheckCode. - * + * * @return int */ int getSignatureCheckCode(); /** * Returns the certificateCheckCode. - * + * * @return int */ int getCertificateCheckCode(); /** * Returns the qualifiedCertificate. - * + * * @return boolean */ boolean isQualifiedCertificate(); /** * Returns the X509 certificate. - * + * * @return X509Certificate, or null if no certificate information exists * @throws MoaSigServiceException if X509 certificate can not be deserialized */ @Nullable X509Certificate getX509Certificate() throws MoaSigServiceException; - /** - * Returns the X509 certificate in serialized form - * - * @return Serialized X509 certificate, or null if no certificate information exists + * Returns the X509 certificate in serialized form. + * + * @return Serialized X509 certificate, or null if no certificate information + * exists */ @Nullable byte[] getX509CertificateEncoded(); /** * Returns the publicAuthority. - * + * * @return boolean */ boolean isPublicAuthority(); /** * Returns the publicAuthorityCode. - * + * * @return String OID, or null if no OID exists */ @Nullable diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java index 49940ca5..17d5fa59 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java @@ -4,7 +4,7 @@ import java.io.InputStream; import java.util.Map; /** - * Inject additional XML schemes into MOA-Sig + * Inject additional XML schemes into MOA-Sig. * * @author tlenz * 
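Review bot: `getSignatureCheckCode()` and `getCertificateCheckCode()` are documented only as `@return int`, which gives a caller no way to tell a valid signature from a failed one. The Javadoc should name the value that means success and point to where the other codes are defined (presumably the MOA-Sig documentation). The same applies to `isQualifiedCertificate()` and `isPublicAuthority()`, whose `@return boolean` only repeats the signature.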
@@ -12,10 +12,10 @@ import java.util.Map; public interface ISchemaRessourceProvider { /** - * Get a Map of additional XML schemes that should be injected into MOA-Sig - * - * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as - * {@link InputStream} + * Get a Map of additional XML schemes that should be injected into MOA-Sig. + * + * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme + * as {@link InputStream} */ Map<String, InputStream> getSchemas(); } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java index 6273bb9e..5b766917 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java @@ -1,34 +1,33 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; /** + * XML signature verification result. + * * @author tlenz * */ -public interface IXMLSignatureVerificationResponse extends IGenericSignatureVerificationResponse { - +public interface IXmlSignatureVerificationResponse extends IGenericSignatureVerificationResponse { /** * Returns the xmlDSIGManifestCheckCode. - * + * * @return int */ - int getXmlDSIGManifestCheckCode(); + int getXmlDsigManifestCheckCode(); /** * Returns the xmlDsigSubjectName. - * + * * @return String */ String getXmlDsigSubjectName(); - /** * Returns the xmlDSIGManigest. - * + * * @return boolean */ - boolean isXmlDSIGManigest(); - + boolean isXmlDsigManigest(); /** * Returns the the resulting code of the signature manifest check. 
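Review bot: The renamed method `isXmlDsigManigest()` in `IXmlSignatureVerificationResponse` keeps the misspelling of "Manifest". This commit already renames it from `isXmlDSIGManigest` and so touches every implementer anyway, which makes it the cheapest moment to use `boolean isXmlDsigManifest();` and to fix "xmlDSIGManigest" in its Javadoc. The last Javadoc line visible in the hunk also reads "Returns the the resulting code".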
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java index cbf80c39..d2cab2ef 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java @@ -3,6 +3,12 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.w3c.dom.Document; + import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; @@ -10,10 +16,6 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.w3c.dom.Document; public abstract class AbstractSignatureService { private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class); 
@@ -22,8 +24,9 @@ public abstract class AbstractSignatureService { MoaSigInitializer moaSigConfig; /** - * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because - * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe. + * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, + * because {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not + * thread-safe. * * @return {@link Document} * @throws ParserConfigurationException In case of an error @@ -35,11 +38,11 @@ public abstract class AbstractSignatureService { } /** - * Set up the thread-local context information needed for calling the various <code>Invoker</code> - * classes. + * Set up the thread-local context information needed for calling the various + * <code>Invoker</code> classes. * - * @throws ConfigurationException An error occurred setting up the configuration in the - * <code>TransactionContext</code>. + * @throws ConfigurationException An error occurred setting up the configuration + * in the <code>TransactionContext</code>. */ protected final void setUpContexts(final String transactionID) throws ConfigurationException { final TransactionContextManager txMgr = TransactionContextManager.getInstance(); diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java index f0ee4612..77bbc88b 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java 
@@ -6,8 +6,14 @@ import java.security.Provider; import java.security.Security; import java.util.Iterator; import java.util.Map.Entry; + import javax.annotation.Nonnull; import javax.annotation.PostConstruct; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException; import at.gv.egovernment.moa.spss.MOAException; @@ -15,9 +21,6 @@ import at.gv.egovernment.moa.spss.api.Configurator; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import at.gv.egovernment.moaspss.util.DOMUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; import iaik.asn1.structures.AlgorithmID; import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; @@ -30,7 +33,6 @@ public class MoaSigInitializer { private Configurator moaSigConfigurator; - /** * Get MOA-Sig configuration object. * @@ -76,7 +78,6 @@ public class MoaSigInitializer { } - // Inject additional XML schemes if (schemas != null && schemas.length > 0) { log.debug("Infjecting additional XML schemes ... "); 
@@ -100,30 +101,29 @@ public class MoaSigInitializer { moaSigConfigurator = Configurator.getInstance(); - } catch (final MOAException e) { log.error("MOA-SP initialization FAILED!", e.getWrapped()); throw new MoaSigServiceConfigurationException("service.moasig.04", - new Object[] {e.toString()}, e); + new Object[] { e.toString() }, e); } - } private static void fixJava8_141ProblemWithSslAlgorithms() { log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ..."); - // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", + // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] + // { "MD5withRSA", // "MD5/RSA", }, null, true); new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", - new String[] {"SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA",}, null, true); + new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true); new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", - new String[] {"SHA224withRSA", "SHA224/RSA", "SHA-224/RSA",}, null, true); + new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true); new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", - new String[] {"SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",}, null, true); + new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true); new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", - new String[] {"SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",}, null, true); + new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true); new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", - new String[] {"SHA512withRSA", "SHA512/RSA", "SHA-512/RSA"}, null, true); + new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true); log.info("Change AlgorithmIDs finished"); } 
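Review bot: The commented-out `md5WithRSAEncryption` registration in `fixJava8_141ProblemWithSslAlgorithms` is now re-wrapped across three comment lines and reads neither as code nor as an explanation. Either delete it or replace it with a why-comment such as `// md5WithRSAEncryption is not re-registered - TODO confirm this is intentional`. The `new AlgorithmID(...)` results are discarded, so the calls presumably rely on a registration side effect of the constructor. A one-line comment saying so, and saying whether `sha1WithRSAEncryption` is kept only for legacy signatures, would help the next reader.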
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java index c8275264..d09b26de 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java @@ -11,7 +11,7 @@ public class MoaSigSpringResourceProvider implements SpringResourceProvider { public Resource[] getResourcesToLoad() { final ClassPathResource moaSigConfig = new ClassPathResource("/moa-sig-service.beans.xml", MoaSigSpringResourceProvider.class); - return new Resource[] {moaSigConfig}; + return new Resource[] { moaSigConfig }; } @Override diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java index 338e77d8..559af62a 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java 
@@ -18,17 +18,14 @@ public class SignatureCreationService extends AbstractSignatureService private XMLSignatureCreationInvoker xadesInvoker; private CMSSignatureCreationInvoker cadesInvoker; - - @PostConstruct protected void internalInitializer() { log.debug("Instanzing SignatureCreationService implementation ... "); xadesInvoker = XMLSignatureCreationInvoker.getInstance(); cadesInvoker = CMSSignatureCreationInvoker.getInstance(); - log.trace("XML_impl: {} , CMS_imp: {}", - xadesInvoker.getClass().getName(), cadesInvoker.getClass().getName()); + log.trace("XML_impl: {} , CMS_imp: {}", + xadesInvoker.getClass().getName(), cadesInvoker.getClass().getName()); log.info("MOA-Sig signature-creation service initialized"); - } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java index 3dbda391..8fc4086e 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java 
@@ -3,10 +3,21 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; import java.io.ByteArrayInputStream; import java.security.cert.CertificateEncodingException; import java.util.List; + import javax.annotation.PostConstruct; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Service; +import org.springframework.util.Base64Utils; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceBuilderException; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser; @@ -22,15 +33,6 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.Constants; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.lang.Nullable; -import org.springframework.stereotype.Service; -import org.springframework.util.Base64Utils; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - /** * MOA-Sig based signature verification implementation. 
@@ -54,12 +56,12 @@ public class SignatureVerificationService extends AbstractSignatureService /* * (non-Javadoc) * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService# - * verifyCMSSignature(byte[], java.lang.String) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. + * ISignatureVerificationService# verifyCMSSignature(byte[], java.lang.String) */ @Override @Nullable - public ICMSSignatureVerificationResponse verifyCmsSignature(final byte[] signature, + public ICmsSignatureVerificationResponse verifyCmsSignature(final byte[] signature, final String trustProfileID) throws MoaSigServiceException { try { // setup context @@ -74,12 +76,12 @@ public class SignatureVerificationService extends AbstractSignatureService } catch (final MOAException e) { log.warn("CMS signature verification has an error.", e); - throw new MoaSigServiceException("service.03", new Object[] {e.toString()}, e); + throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e); } catch (final CertificateEncodingException e) { log.warn("Can NOT serialize X509 certificate from CMS/CAdES signature-verification response", e); - throw new MoaSigServiceException("service.03", new Object[] {e.toString()}, e); + throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e); } finally { tearDownContexts(); 
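Review bot: Both catch blocks in `verifyCmsSignature` throw `MoaSigServiceException` with the message id `service.03`, while the XML verification path and the XML request builder in this file use `service.moasig.03`, and `MoaSigInitializer` uses `service.moasig.04`. The message bundle is not visible here, so confirm that `service.03` resolves to a real key. If it does not, the line should read `throw new MoaSigServiceException("service.moasig.03", new Object[] { e.toString() }, e);`. The method body starts and ends outside the hunk.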
@@ -91,11 +93,11 @@ public class SignatureVerificationService extends AbstractSignatureService /* * (non-Javadoc) * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService# - * verifyXMLSignature(byte[], java.lang.String) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. + * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String) */ @Override - public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID) throws MoaSigServiceException { return verifyXmlSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION); @@ -104,11 +106,12 @@ public class SignatureVerificationService extends AbstractSignatureService /* * (non-Javadoc) * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService# - * verifyXMLSignature(byte[], java.lang.String, java.util.List) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. + * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String, + * java.util.List) */ @Override - public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID, final List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException { return verifyXmlSignature(signature, trustProfileID, verifyTransformsInfoProfileID, 
@@ -118,11 +121,12 @@ public class SignatureVerificationService extends AbstractSignatureService /* * (non-Javadoc) * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService# - * verifyXMLSignature(byte[], java.lang.String, java.lang.String) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. + * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String, + * java.lang.String) */ @Override - public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID, final String signatureLocationXpath) throws MoaSigServiceException { return verifyXmlSignature(signature, trustProfileID, null, signatureLocationXpath); @@ -131,11 +135,12 @@ public class SignatureVerificationService extends AbstractSignatureService /* * (non-Javadoc) * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService# - * verifyXMLSignature(byte[], java.lang.String, java.util.List, java.lang.String) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. + * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String, + * java.util.List, java.lang.String) */ @Override - public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID, final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation) throws MoaSigServiceException { try { 
@@ -153,7 +158,7 @@ public class SignatureVerificationService extends AbstractSignatureService final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse); // parses the <IXMLSignatureVerificationResponse> - final IXMLSignatureVerificationResponse verifyXmlSignatureResponse = + final IXmlSignatureVerificationResponse verifyXmlSignatureResponse = new VerifyXmlSignatureResponseParser(result.getDocumentElement()).parseData(); return verifyXmlSignatureResponse; @@ -164,7 +169,7 @@ public class SignatureVerificationService extends AbstractSignatureService } catch (final MOAException e) { log.warn("MOA-Sig signature-verification has an internal error." + " MsgCode: " + e.getMessageId() + " Msg: " + e.getMessage(), e); - throw new MoaSigServiceException("service.moasig.03", new Object[] {e.getMessage()}, e); + throw new MoaSigServiceException("service.moasig.03", new Object[] { e.getMessage() }, e); } finally { tearDownContexts(); @@ -172,7 +177,7 @@ public class SignatureVerificationService extends AbstractSignatureService } } - private ICMSSignatureVerificationResponse parseCmsVerificationResult( + private ICmsSignatureVerificationResponse parseCmsVerificationResult( final VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException { if (cmsSigVerifyResp.getResponseElements() == null 
@@ -190,8 +195,8 @@ public class SignatureVerificationService extends AbstractSignatureService final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0); - final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = - new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse(); + final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse result = + new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse(); // parse results into response container result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode()); @@ -216,14 +221,16 @@ public class SignatureVerificationService extends AbstractSignatureService /** * Build a VerifyCMS-Siganture request for MOA-Sig. <br> * <br> - * This builder only generates verification-request for enveloped CMS or CAdES signatures <br> + * This builder only generates verification-request for enveloped CMS or CAdES + * signatures <br> * This * - * @param signature CMS or CAdES signature - * @param trustProfileID trustProfileID MOA-Sig Trust-Profile - * @param isPdfSignature Make CAdES signature as part of an PAdES document - * @param performExtendedValidation To extended validation. See MOA-Sig documentation for detailed - * information + * @param signature CMS or CAdES signature + * @param trustProfileID trustProfileID MOA-Sig Trust-Profile + * @param isPdfSignature Make CAdES signature as part of an PAdES + * document + * @param performExtendedValidation To extended validation. See MOA-Sig + * documentation for detailed information * @return */ private VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature, 
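Review bot: `parseCmsVerificationResult` takes `getResponseElements().get(0)` and never looks at the remaining elements, so additional signatures in the same container are dropped without a trace. A log line before the cast would make that visible to operators, for example `if (cmsSigVerifyResp.getResponseElements().size() > 1) { log.warn("More than one CMS signature found, only the first one is evaluated"); }`. The null check on the list starts in the previous hunk and the rest of its condition is not visible. Whether an empty list is handled before `get(0)` should therefore be confirmed.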
@@ -245,11 +252,12 @@ public class SignatureVerificationService extends AbstractSignatureService /** * Build a VerifyXML-Signature request for MOA-Sig. * - * @param signature Serialized XML signature - * @param trustProfileID MOA-Sig Trust-Profile - * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for - * validation - * @param xpathSignatureLocation Xpath that points to location of Signature element + * @param signature Serialized XML signature + * @param trustProfileID MOA-Sig Trust-Profile + * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles + * used for validation + * @param xpathSignatureLocation Xpath that points to location of + * Signature element * @return MOA-Sig verification request element * @throws MoaSigServiceBuilderException In case of an error */ @@ -266,7 +274,6 @@ public class SignatureVerificationService extends AbstractSignatureService Constants.DSIG_NS_URI); requestDoc_.appendChild(requestElem_); - // build the request final Element verifiySignatureInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); 
@@ -331,19 +338,18 @@ public class SignatureVerificationService extends AbstractSignatureService } catch (final Throwable t) { log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t); - throw new MoaSigServiceBuilderException("service.moasig.03", new Object[] {t.getMessage()}, + throw new MoaSigServiceBuilderException("service.moasig.03", new Object[] { t.getMessage() }, t); } } - - @PostConstruct protected void internalInitializer() { log.debug("Instanzing SignatureVerificationService implementation ... "); - // svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance(); + // svs = + // at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance(); cadesInvoker = CMSSignatureVerificationInvoker.getInstance(); xadesInvocer = XMLSignatureVerificationInvoker.getInstance(); log.info("MOA-Sig signature-verification service initialized"); diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java index 18ee6edb..0485f31f 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java @@ -2,7 +2,6 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; import java.io.Serializable; import java.security.cert.CertificateException; -import iaik.x509.X509Certificate; import java.util.Date; import org.slf4j.Logger; 
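Review bot: The `catch (final Throwable t)` above the re-spaced throw line also traps `Error` subclasses such as `OutOfMemoryError` and re-labels them as `service.moasig.03`. In addition, `t.getMessage()` can be null, which leaves the message parameter empty. Narrowing to `catch (final Exception e)` and passing `e.toString()` would keep JVM errors out of the builder's error path, assuming no caller relies on the wider catch. The same `Throwable` catch appears in the three `service.moasig.02` blocks of `VerifyXmlSignatureResponseParser` further down. The `try` starts outside this hunk.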
@@ -11,6 +10,7 @@ import org.slf4j.LoggerFactory; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; +import iaik.x509.X509Certificate; public class GenericSignatureVerificationResponse implements IGenericSignatureVerificationResponse, Serializable { @@ -19,32 +19,31 @@ public class GenericSignatureVerificationResponse private static final Logger log = LoggerFactory.getLogger(GenericSignatureVerificationResponse.class); - - /** The signing time */ + /** The signing time. */ private Date signingDateTime; - /** The signatureCheckCode to be stored */ + /** The signatureCheckCode to be stored. */ private int signatureCheckCode; - /** The certificateCheckCode to be stored */ + /** The certificateCheckCode to be stored. */ private int certificateCheckCode; - /** The publicAuthority to be stored */ + /** The publicAuthority to be stored. */ private boolean publicAuthority; - /** The publicAuthorityCode to be stored */ + /** The publicAuthorityCode to be stored. */ private String publicAuthorityCode; - /** The qualifiedCertificate to be stored */ + /** The qualifiedCertificate to be stored. */ private boolean qualifiedCertificate; private byte[] x509CertificateEncoded; @Override public Date getSigningDateTime() { - if (this.signingDateTime != null) { - return new Date(this.signingDateTime.getTime()); - } + if (this.signingDateTime != null) { + return new Date(this.signingDateTime.getTime()); + } return null; } 
@@ -87,11 +86,11 @@ public class GenericSignatureVerificationResponse @Override public byte[] getX509CertificateEncoded() { - if (this.x509CertificateEncoded != null) { - return this.x509CertificateEncoded.clone(); - - } - return null; + if (this.x509CertificateEncoded != null) { + return this.x509CertificateEncoded.clone(); + + } + return null; } @@ -107,10 +106,15 @@ public class GenericSignatureVerificationResponse } + /** + * Set signature creation timestramp. + * + * @param signingDateTime timestamp + */ public void setSigningDateTime(final Date signingDateTime) { - if (signingDateTime != null) { - this.signingDateTime = new Date(signingDateTime.getTime()); - } + if (signingDateTime != null) { + this.signingDateTime = new Date(signingDateTime.getTime()); + } } public void setSignatureCheckCode(final int signatureCheckCode) { @@ -133,13 +137,16 @@ public class GenericSignatureVerificationResponse this.qualifiedCertificate = qualifiedCertificate; } + /** + * Set encoded signer certificate. + * + * @param x509CertificateEncoded signer cerificate + */ public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) { - if (x509CertificateEncoded != null) { - this.x509CertificateEncoded = x509CertificateEncoded.clone(); - - } - } - + if (x509CertificateEncoded != null) { + this.x509CertificateEncoded = x509CertificateEncoded.clone(); + } + } } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java index 0583a29e..ed679828 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java 
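Review bot: `setSigningDateTime` silently ignores a null argument, so a previously stored value stays in place; `setX509CertificateEncoded` in the later hunk behaves the same way. On a response object that is populated more than once, the getters would keep returning the earlier signing time or signer certificate. If null means "not present", assign it: `this.signingDateTime = signingDateTime != null ? new Date(signingDateTime.getTime()) : null;`, and likewise with `clone()` for the certificate. Otherwise the new Javadoc should state the keep-old-value behaviour; it also contains the typos `timestramp` and `cerificate`.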
@@ -1,9 +1,9 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; -public class VerifyCMSSignatureResponse extends GenericSignatureVerificationResponse - implements ICMSSignatureVerificationResponse { +public class VerifyCmsSignatureResponse extends GenericSignatureVerificationResponse + implements ICmsSignatureVerificationResponse { private static final long serialVersionUID = 708260904158070696L; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java deleted file mode 100644 index 003d2c46..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java +++ /dev/null 
@@ -1,119 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; - -/** - * - * - * @author tlenz - * - */ - -public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResponse - implements IXMLSignatureVerificationResponse { - - private static final long serialVersionUID = 8386070769565711601L; - - /** The xmlDsigSubjectName to be stored */ - private String xmlDsigSubjectName; - - /** The xmlDSIGManifestCheckCode to be stored */ - private int xmlDSIGManifestCheckCode; - /** The xmlDSIGManigest to be stored */ - private boolean xmlDSIGManigest; - - /** - * The result of the signature manifest check. The default value <code>-1</code> indicates that - * the signature manifest has not been checked. - */ - private int signatureManifestCheckCode = -1; - - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode() - */ - @Override - public int getXmlDSIGManifestCheckCode() { - return xmlDSIGManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName() - */ - @Override - public String getXmlDsigSubjectName() { - return xmlDsigSubjectName; - } - - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode( - * int) - */ - public void setXmlDSIGManifestCheckCode(final int xmlDSIGManifestCheckCode) { - this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang - * .String) - */ - public void setXmlDsigSubjectName(final String xmlDsigSubjectName) { - this.xmlDsigSubjectName = xmlDsigSubjectName; - } - - - /* - * (non-Javadoc) - * - * @see 
at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest() - */ - @Override - public boolean isXmlDSIGManigest() { - return xmlDSIGManigest; - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean) - */ - public void setXmlDSIGManigest(final boolean xmlDSIGManigest) { - this.xmlDSIGManigest = xmlDSIGManigest; - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode() - */ - @Override - public int getSignatureManifestCheckCode() { - return signatureManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode( - * int) - */ - public void setSignatureManifestCheckCode(final int signatureManifestCheckCode) { - this.signatureManifestCheckCode = signatureManifestCheckCode; - } - -} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java new file mode 100644 index 00000000..4b0632b1 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java 
@@ -0,0 +1,115 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; + +/** + * MOA-Sig signature verification response for XML based signatures. + * + * @author tlenz + * + */ + +public class VerifyXmlSignatureResponse extends GenericSignatureVerificationResponse + implements IXmlSignatureVerificationResponse { + + private static final long serialVersionUID = 8386070769565711601L; + + /** The xmlDsigSubjectName to be stored. */ + private String xmlDsigSubjectName; + + /** The xmlDSIGManifestCheckCode to be stored. */ + private int xmlDsigManifestCheckCode; + /** The xmlDSIGManigest to be stored. */ + private boolean xmlDsigManigest; + + /** + * The result of the signature manifest check. The default value <code>-1</code> + * indicates that the signature manifest has not been checked. + */ + private int signatureManifestCheckCode = -1; + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * getXmlDSIGManifestCheckCode() + */ + @Override + public int getXmlDsigManifestCheckCode() { + return xmlDsigManifestCheckCode; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * getXmlDsigSubjectName() + */ + @Override + public String getXmlDsigSubjectName() { + return xmlDsigSubjectName; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * setXmlDSIGManifestCheckCode( int) + */ + public void setXmlDsigManifestCheckCode(final int xmlDsigManifestCheckCode) { + this.xmlDsigManifestCheckCode = xmlDsigManifestCheckCode; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * setXmlDsigSubjectName(java.lang .String) + */ + public void setXmlDsigSubjectName(final String xmlDsigSubjectName) { + this.xmlDsigSubjectName = xmlDsigSubjectName; + 
} + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * isXmlDSIGManigest() + */ + @Override + public boolean isXmlDsigManigest() { + return xmlDsigManigest; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * setXmlDSIGManigest(boolean) + */ + public void setXmlDsigManigest(final boolean xmlDsigManigest) { + this.xmlDsigManigest = xmlDsigManigest; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * getSignatureManifestCheckCode() + */ + @Override + public int getSignatureManifestCheckCode() { + return signatureManifestCheckCode; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# + * setSignatureManifestCheckCode( int) + */ + public void setSignatureManifestCheckCode(final int signatureManifestCheckCode) { + this.signatureManifestCheckCode = signatureManifestCheckCode; + } + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java index aa094f1e..231cb94f 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java 
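Review bot: The `(non-Javadoc) @see` blocks carried into the new class still name `at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse` and the old spellings such as `getXmlDSIGManifestCheckCode()`. Neither matches the renamed members of `IXmlSignatureVerificationResponse`. I would replace each block with a one-line Javadoc, or with `{@inheritDoc}` on the overriding getters, so the references cannot go stale again. Since the accessor names change in this commit anyway, `xmlDsigManigest` / `isXmlDsigManigest` could be corrected to `Manifest` together with the interface.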
@@ -2,23 +2,24 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser; import java.io.ByteArrayInputStream; import java.io.InputStream; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moaspss.util.Constants; -import at.gv.egovernment.moaspss.util.DOMUtils; -import at.gv.egovernment.moaspss.util.XPathUtils; + import org.joda.time.DateTime; import org.joda.time.format.ISODateTimeFormat; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.lang.NonNull; import org.w3c.dom.Element; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXmlSignatureResponse; +import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.DOMUtils; +import at.gv.egovernment.moaspss.util.XPathUtils; import iaik.utils.Base64InputStream; import iaik.x509.X509Certificate; - public class VerifyXmlSignatureResponseParser { private static final Logger log = LoggerFactory.getLogger(VerifyXmlSignatureResponseParser.class); 
@@ -63,13 +64,15 @@ public class VerifyXmlSignatureResponseParser { private static final String SIGNING_TIME_XPATH = ROOT + MOA + "SigningTime"; - - /** This is the root element of the XML-Document provided by the Security Layer Card. */ + /** + * This is the root element of the XML-Document provided by the Security Layer + * Card. + */ private Element verifyXmlSignatureResponse; /** - * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the incoming String - * will be created + * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the + * incoming String will be created * * @param xmlResponse <code><InfoboxReadResponse></code> as String * @throws MoaSigServiceParserException on any parsing error @@ -82,14 +85,14 @@ public class VerifyXmlSignatureResponseParser { } catch (final Throwable t) { log.warn("Can not parse MOA-Sig response.", t); - throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t); + throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); } } /** - * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the incoming - * Inputstream will be created + * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the + * incoming Inputstream will be created * * @param xmlResponse <code><InfoboxReadResponse></code> as InputStream * @throws MoaSigServiceParserException on any parsing error 
@@ -101,14 +104,14 @@ public class VerifyXmlSignatureResponseParser { } catch (final Throwable t) { log.warn("Can not parse MOA-Sig response.", t); - throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t); + throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); } } /** - * Constructor for VerifyXMLSignatureResponseParser. The incoming Element will be used for further - * operations + * Constructor for VerifyXMLSignatureResponseParser. The incoming Element will + * be used for further operations * * @param xmlResponse <code><InfoboxReadResponse></code> as Element */ @@ -118,15 +121,16 @@ public class VerifyXmlSignatureResponseParser { } /** - * Parse MOA-Sig signatur-verification result into {@link IXMLSignatureVerificationResponse}. + * Parse MOA-Sig signatur-verification result into + * {@link IXmlSignatureVerificationResponse}. * - * @return {@link IXMLSignatureVerificationResponse} + * @return {@link IXmlSignatureVerificationResponse} * @throws MoaSigServiceException on any parsing error */ @NonNull - public IXMLSignatureVerificationResponse parseData() throws MoaSigServiceException { + public IXmlSignatureVerificationResponse parseData() throws MoaSigServiceException { try { - final VerifyXMLSignatureResponse respData = new VerifyXMLSignatureResponse(); + final VerifyXmlSignatureResponse respData = new VerifyXmlSignatureResponse(); respData.setXmlDsigSubjectName( XPathUtils.getElementValue(verifyXmlSignatureResponse, DSIG_SUBJECT_NAME_XPATH, "")); final Element e = (Element) XPathUtils.selectSingleNode(verifyXmlSignatureResponse, 
@@ -151,11 +155,11 @@ public class VerifyXmlSignatureResponseParser { final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXmlSignatureResponse, XMLDSIG_MANIFEST_CHECK_CODE_XPATH, null); if (xmlDsigCheckCode != null) { - respData.setXmlDSIGManigest(true); - respData.setXmlDSIGManifestCheckCode(Integer.parseInt(xmlDsigCheckCode)); + respData.setXmlDsigManigest(true); + respData.setXmlDsigManifestCheckCode(Integer.parseInt(xmlDsigCheckCode)); } else { - respData.setXmlDSIGManigest(false); + respData.setXmlDsigManigest(false); } @@ -181,10 +185,9 @@ public class VerifyXmlSignatureResponseParser { } catch (final Throwable t) { log.warn("Can not parse MOA-Sig response.", t); - throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t); + throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); } } - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java index c0482c9d..2779ee1d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. 
@@ -42,7 +42,7 @@ public class Pvp2SProfileCoreSpringResourceProvider implements SpringResourcePro final ClassPathResource sl20AuthConfig = new ClassPathResource("/eaaf_pvp.beans.xml", Pvp2SProfileCoreSpringResourceProvider.class); - return new Resource[] {sl20AuthConfig}; + return new Resource[] { sl20AuthConfig }; } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java index 8bd2f024..b271b46d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java @@ -22,13 +22,16 @@ package at.gv.egiz.eaaf.modules.pvp2; import java.util.ArrayList; import java.util.Collections; import java.util.List; + import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; -import at.gv.egiz.eaaf.core.impl.data.Trible; + import org.opensaml.xml.encryption.EncryptionConstants; import org.opensaml.xml.signature.SignatureConstants; -public interface PvpConstants extends PVPAttributeDefinitions { +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.impl.data.Trible; + +public interface PvpConstants extends PvpAttributeDefinitions { String DEFAULT_SIGNING_METHODE = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256; 
@@ -53,13 +56,14 @@ public interface PvpConstants extends PVPAttributeDefinitions { String SINGLELOGOUT = "SingleLogOut"; /** - * Get required PVP attributes for egovtoken First : PVP attribute name (OID) Second: FriendlyName - * Third: Required. + * Get required PVP attributes for egovtoken First : PVP attribute name (OID) + * Second: FriendlyName Third: Required. * */ List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES = Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() { private static final long serialVersionUID = 1L; + { // currently supported attributes add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true)); @@ -73,18 +77,18 @@ public interface PvpConstants extends PVPAttributeDefinitions { add(Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false)); add(Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false)); - } }); /** - * Get required PVP attributes for citizenToken First : PVP attribute name (OID) Second: - * FriendlyName Third: Required. + * Get required PVP attributes for citizenToken First : PVP attribute name (OID) + * Second: FriendlyName Third: Required. * */ List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES = Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() { - private static final long serialVersionUID = 1L; + private static final long serialVersionUID = -5947165770657082581L; + { // required attributes - eIDAS minimal-data set add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true)); @@ -93,7 +97,6 @@ public interface PvpConstants extends PVPAttributeDefinitions { add(Trible.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true)); add(Trible.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true)); - // not required attributes add(Trible.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, false)); 
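Review bot: Both attribute lists are built with double-brace initialisation, which creates an anonymous `ArrayList` subclass per constant. After this change the two subclasses also carry different `serialVersionUID` styles: `1L` for `EGOVTOKEN_PVP_ATTRIBUTES` and `-5947165770657082581L` for `CITIZENTOKEN_PVP_ATTRIBUTES`. A plain `Collections.unmodifiableList(Arrays.asList(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true), ...))` needs no subclass and no `serialVersionUID`; it would require importing `java.util.Arrays`. The citizen-token initialiser continues past this hunk.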
@@ -123,8 +126,6 @@ public interface PvpConstants extends PVPAttributeDefinitions { add(Trible.newInstance(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false)); - - } }); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java index 39c0baff..ec806f07 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java @@ -20,10 +20,12 @@ package at.gv.egiz.eaaf.modules.pvp2.api; import java.util.List; -import at.gv.egiz.eaaf.core.exceptions.EaafException; + import org.opensaml.saml2.metadata.ContactPerson; import org.opensaml.saml2.metadata.Organization; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + public interface IPvo2BasicConfiguration { String getIdpEntityId(String authUrl) throws EaafException; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java index 677028a5..89e6a384 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java 
@@ -21,13 +21,14 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; + import org.opensaml.common.binding.decoding.URIComparator; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.xml.security.SecurityException; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; public interface IDecoder { InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java index 9d8b0105..fcab5fd8 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java 
@@ -21,30 +21,32 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; + import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.Credential; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; + public interface IEncoder { /** * SAML2 Request encoder. * - * @param req The http request - * @param resp The http response - * @param request The SAML2 request object + * @param req The http request + * @param resp The http response + * @param request The SAML2 request object * @param targetLocation URL, where the request should be transmit - * @param relayState token for session handling - * @param credentials Credential to sign the request object - * @param pendingReq Internal MOA-ID request object that contains session-state informations but - * never null + * @param relayState token for session handling + * @param credentials Credential to sign the request object + * @param pendingReq Internal MOA-ID request object that contains + * session-state informations but never null * @throws MessageEncodingException In case of an error - * @throws SecurityException In case of an error - * @throws Pvp2Exception In case of an error + * @throws SecurityException In case of an error + * @throws Pvp2Exception In case of an error */ void encodeRequest(HttpServletRequest req, HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState, Credential credentials, 
@@ -53,16 +55,16 @@ public interface IEncoder { /** * Encoder SAML Response. * - * @param req The http request - * @param resp The http response - * @param response The SAML2 repsonse object + * @param req The http request + * @param resp The http response + * @param response The SAML2 repsonse object * @param targetLocation URL, where the request should be transmit - * @param relayState token for session handling - * @param credentials Credential to sign the response object - * @param pendingReq Internal MOA-ID request object that contains session-state informations but - * never null - * @throws MessageEncodingException In case of an error - * @throws SecurityException In case of an error + * @param relayState token for session handling + * @param credentials Credential to sign the response object + * @param pendingReq Internal MOA-ID request object that contains + * session-state informations but never null + * @throws MessageEncodingException In case of an error + * @throws SecurityException In case of an error */ void encodeRespone(HttpServletRequest req, HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState, Credential credentials, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java index f06a1684..ab39fefb 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java 
@@ -21,13 +21,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata; import java.util.Collection; import java.util.List; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; + import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.metadata.ContactPerson; import org.opensaml.saml2.metadata.Organization; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.xml.security.credential.Credential; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; + /** * PVP Metadata builder configuration. * @@ -36,9 +38,9 @@ import org.opensaml.xml.security.credential.Credential; */ public interface IPvpMetadataBuilderConfiguration { - /** - * Defines a unique name for this PVP Service-provider, which is used for logging. + * Defines a unique name for this PVP Service-provider, which is used for + * logging. * * @return */ @@ -73,8 +75,8 @@ public interface IPvpMetadataBuilderConfiguration { boolean buildSpSsoDescriptor(); /** - * Set the PVP entityID for this SAML2 metadata. The entityID must be an URL and must be start - * with the public-URL prefix of the server. + * Set the PVP entityID for this SAML2 metadata. The entityID must be an URL and + * must be start with the public-URL prefix of the server. * * @return PVP entityID postfix as String */ @@ -101,7 +103,6 @@ public interface IPvpMetadataBuilderConfiguration { */ Organization getOrgansiationInformation(); - /** * Set the credential for metadata signing. * 
@@ -111,11 +112,12 @@ public interface IPvpMetadataBuilderConfiguration { Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException; /** - * Set the credential for request/response signing IDP metadata: this credential is used for SAML2 - * response signing SP metadata: this credential is used for SAML2 response signing. + * Set the credential for request/response signing IDP metadata: this credential + * is used for SAML2 response signing SP metadata: this credential is used for + * SAML2 response signing. * * @return Credentials - * @throws CredentialsNotAvailableException In case of an error + * @throws CredentialsNotAvailableException In case of an error */ Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException; @@ -124,7 +126,7 @@ public interface IPvpMetadataBuilderConfiguration { * Set the credential for response encryption. * * @return Credentials - * @throws CredentialsNotAvailableException In case of an error + * @throws CredentialsNotAvailableException In case of an error */ Credential getEncryptionCredentials() throws CredentialsNotAvailableException; @@ -191,7 +193,6 @@ public interface IPvpMetadataBuilderConfiguration { */ String getSpSloSoapBindingUrl(); - /** * Set all SAML2 attributes which could be provided by this IDP. * diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java index 4207d860..0cf7e293 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java 
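Review bot: The re-wrapped Javadoc of `getRequestorResponseSigningCredentials` says "response signing" for both the IDP and the SP case, which reads like a copy-paste slip. Presumably an SP signs its requests with this credential; this should be confirmed against the metadata builder. If so, the text should read `IDP metadata: this credential is used for SAML2 response signing. SP metadata: this credential is used for SAML2 request signing.` Stating which key signs which message type matters here, because implementers configure keystores from this description.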
@@ -23,7 +23,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; public interface IPvpMetadataConfigurationFactory { - IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl, AbstractCredentialProvider pvpIdpCredentials); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java index bc90ff3f..25b2d250 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java index f44a545d..fe908869 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java 
@@ -20,13 +20,16 @@ package at.gv.egiz.eaaf.modules.pvp2.api.reqattr; import java.util.List; + import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; + import org.opensaml.common.SAMLObject; import org.opensaml.xml.AttributeExtensibleXMLObject; import org.opensaml.xml.XMLObject; import org.opensaml.xml.schema.XSBooleanValue; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; + public interface EaafRequestedAttribute extends SAMLObject, AttributeExtensibleXMLObject, org.opensaml.saml2.metadata.RequestedAttribute { @@ -36,7 +39,6 @@ public interface EaafRequestedAttribute extends SAMLObject, AttributeExtensibleX /** Local name of the XSI type. */ String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType"; - /** Default element name. */ QName DEFAULT_ELEMENT_NAME = new QName(PvpConstants.EIDAT10_SAML_NS, DEF_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX); @@ -45,8 +47,6 @@ public interface EaafRequestedAttribute extends SAMLObject, AttributeExtensibleX QName TYPE_NAME = new QName(PvpConstants.EIDAT10_SAML_NS, TYPE_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX); - - /** NAME_ATTRIB_NAME attribute name. */ String NAME_ATTRIB_NAME = "Name"; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java index 98f118b0..4c168b31 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java 
@@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java index 41dcd3b9..90195f1d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java @@ -20,11 +20,13 @@ package at.gv.egiz.eaaf.modules.pvp2.api.validation; import javax.servlet.http.HttpServletRequest; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; + import org.opensaml.saml2.core.AuthnRequest; import org.opensaml.saml2.metadata.SPSSODescriptor; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; + public interface IAuthnRequestValidator { void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java index 3cbe59da..3454e890 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java index 82fb2c79..78529e23 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java @@ -21,7 +21,6 @@ package at.gv.egiz.eaaf.modules.pvp2.exception; public class AttributQueryException extends Pvp2Exception { - private static final long serialVersionUID = -4302422507173728748L; public AttributQueryException(final String messageId, final Object[] parameters) { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java index 97971d3a..2273d343 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java @@ -26,13 +26,8 @@ public class BindingNotSupportedException extends Pvp2Exception { private static final long serialVersionUID = -7227603941387879360L; public BindingNotSupportedException(final String binding) { - super("pvp2.11", new Object[] {binding}); + super("pvp2.11", new Object[] { binding }); this.statusCodeValue = StatusCode.UNSUPPORTED_BINDING_URI; } - - - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java index ae64e134..ede00366 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java @@ -34,7 +34,4 @@ public class CredentialsNotAvailableException extends EaafException { super(messageId, parameters, e); } - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java index 8ca373c4..538279b5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java @@ -30,6 +30,4 @@ public class InvalidDateFormatException extends Pvp2Exception { this.statusCodeValue = StatusCode.REQUESTER_URI; } - - } 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java index b43db603..a5b5ed33 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java @@ -19,9 +19,10 @@ package at.gv.egiz.eaaf.modules.pvp2.exception; -import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; import org.opensaml.saml2.core.StatusCode; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; + public class NameIdFormatNotSupportedException extends AuthnRequestValidatorException { private static final long serialVersionUID = -2270762519437873336L; @@ -32,12 +33,9 @@ public class NameIdFormatNotSupportedException extends AuthnRequestValidatorExce * @param nameIdFormat requested NameIdFormat */ public NameIdFormatNotSupportedException(final String nameIdFormat) { - super("pvp2.12", new Object[] {nameIdFormat}); + super("pvp2.12", new Object[] { nameIdFormat }); statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI; } - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java index f22d2d17..002a946c 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java 
@@ -30,7 +30,4 @@ public class NoMetadataInformationException extends Pvp2Exception { this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL_URI; } - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java index 0ea909e2..dcbda8b5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java @@ -19,9 +19,10 @@ package at.gv.egiz.eaaf.modules.pvp2.exception; -import at.gv.egiz.eaaf.core.exceptions.EaafException; import org.opensaml.saml2.core.StatusCode; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + public abstract class Pvp2Exception extends EaafException { private static final long serialVersionUID = 7669537952484421069L; @@ -38,7 +39,6 @@ public abstract class Pvp2Exception extends EaafException { this.statusMessageValue = this.getMessage(); } - public String getStatusCodeValue() { return this.statusCodeValue; } @@ -47,9 +47,4 @@ public abstract class Pvp2Exception extends EaafException { return this.statusMessageValue; } - - - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java index ab0e8871..5ed7c99d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java 
@@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java index 9edba3f2..9620a5ea 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java @@ -21,13 +21,12 @@ package at.gv.egiz.eaaf.modules.pvp2.exception; import org.opensaml.saml2.core.StatusCode; - public class QaaNotAllowedException extends Pvp2Exception { private static final long serialVersionUID = -3964192953884089323L; public QaaNotAllowedException(final String qaaAuth, final String qaaRequest, final String mode) { - super("pvp2.17", new Object[] {qaaAuth, qaaRequest, mode}); + super("pvp2.17", new Object[] { qaaAuth, qaaRequest, mode }); this.statusCodeValue = StatusCode.REQUESTER_URI; } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java index dc48508d..8824ca63 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java @@ -21,17 +21,13 @@ package at.gv.egiz.eaaf.modules.pvp2.exception; import org.opensaml.saml2.core.StatusCode; - public class QaaNotSupportedException extends Pvp2Exception { private static final long serialVersionUID = -3964192953884089323L; public QaaNotSupportedException(final String qaa) { - super("pvp2.05", new Object[] {qaa}); + super("pvp2.05", new Object[] { qaa }); this.statusCodeValue = StatusCode.REQUESTER_URI; } - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java index ede310f0..e27c5b1d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java @@ -34,7 +34,4 @@ public class SamlMetadataSignatureException extends Pvp2Exception { this.statusCodeValue = StatusCode.REQUESTER_URI; } - - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java index 39cf148b..14ad34a5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java 
@@ -23,7 +23,6 @@ public class SchemaValidationException extends Pvp2Exception { private static final long serialVersionUID = 1L; - public SchemaValidationException(final String messageId, final Object[] parameters) { super(messageId, parameters); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java index 410686f6..0abfa5b2 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java @@ -38,6 +38,4 @@ public class SignatureValidationException extends FilterException { super(string, e); } - - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java index 2734c859..4e642a8a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java 
@@ -21,23 +21,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSignedRequestPolicyRule; + import org.apache.commons.lang3.StringUtils; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; 
@@ -66,6 +50,24 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSignedRequestPolicyRule; + @Service("PVPPOSTBinding") public class PostBinding implements IDecoder, IEncoder { private static final Logger log = LoggerFactory.getLogger(PostBinding.class); @@ -220,7 +222,6 @@ public class PostBinding implements IDecoder, IEncoder { } } - msg.setVerified(true); msg.setRelayState(messageContext.getRelayState()); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java index 7b8525ce..eca1a072 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java @@ -21,18 +21,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpAuthRequestSignedRole; + import org.apache.commons.lang3.StringUtils; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; 
@@ -62,6 +51,19 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpAuthRequestSignedRole; + @Service("PVPRedirectBinding") public class RedirectBinding implements IDecoder, IEncoder { @@ -203,7 +205,6 @@ public class RedirectBinding implements IDecoder, IEncoder { (RequestAbstractType) messageContext.getInboundMessage(); msg = new PvpSProfileRequest(inboundMessage, getSaml2BindingName()); - } else if (messageContext.getInboundMessage() instanceof StatusResponseType) { final StatusResponseType inboundMessage = (StatusResponseType) messageContext.getInboundMessage(); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java index 2e19f259..f56078e5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java 
@@ -20,17 +20,10 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; import java.util.List; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.exception.AttributQueryException; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; + import org.apache.commons.lang3.StringUtils; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -56,6 +49,16 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.exception.AttributQueryException; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; + @Service("PVPSOAPBinding") public class SoapBinding implements IDecoder, IEncoder { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java index 9765f520..8c7fa2fc 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java @@ -19,7 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.AttributeValue; import org.opensaml.xml.Configuration; @@ -29,6 +28,8 @@ import org.opensaml.xml.schema.XSString; import org.opensaml.xml.schema.impl.XSIntegerBuilder; import org.opensaml.xml.schema.impl.XSStringBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + /** * Build all attributes from PVP2 citizen-token. * @@ -71,7 +72,7 @@ public class CitizenTokenBuilder { * Build simple attribute. * * @param friendlyName attribute friendly-name - * @param value Attributevalue + * @param value Attributevalue * @return XML attribute */ public static Attribute buildStringAttribute(final String friendlyName, final String name, @@ -87,7 +88,7 @@ public class CitizenTokenBuilder { * Build simple attribute. * * @param friendlyName attribute friendly-name - * @param value Attributevalue + * @param value Attributevalue * @return XML attribute */ public static Attribute buildIntegerAttribute(final String friendlyName, final String name, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java index 73ba73c7..39d2a493 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java 
@@ -25,10 +25,16 @@ import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.ServiceLoader; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.exceptions.InvalidDateFormatAttributeException; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; @@ -36,10 +42,6 @@ import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata; import at.gv.egiz.eaaf.modules.pvp2.exception.InvalidDateFormatException; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.metadata.RequestedAttribute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; public class PvpAttributeBuilder { @@ -78,7 +80,6 @@ public class PvpAttributeBuilder { } - /** * Get a specific attribute builder. * @@ -94,7 +95,7 @@ public class PvpAttributeBuilder { /** * Build an SAML2 attribute. * - * @param name attribute name + * @param name attribute name * @param value attribute value * @return SAML2 attribute */ 
@@ -110,14 +111,14 @@ public class PvpAttributeBuilder { /** * Build a SAML2 attribute. * - * @param name attribute name - * @param oaParam Service-Provider configuration + * @param name attribute name + * @param oaParam Service-Provider configuration * @param authData serice-provider specific authentication data * @return SAML2 attribute - * @throws Pvp2Exception In case of a general error + * @throws Pvp2Exception In case of a general error * @throws AttributeBuilderException In case of an attribute builder error */ - public static Attribute buildAttribute(final String name, final IspConfiguration oaParam, + public static Attribute buildAttribute(final String name, final ISpConfiguration oaParam, final IAuthData authData) throws Pvp2Exception, AttributeBuilderException { if (builders.containsKey(name)) { try { @@ -151,10 +152,6 @@ public class PvpAttributeBuilder { return null; } - - - - /** * Return all attributes that has a {@link PvpMetadata} annotation. * @@ -182,9 +179,9 @@ public class PvpAttributeBuilder { /** * Build a requested attribute. * - * @param name attribute name + * @param name attribute name * @param friendlyName attribute friendlyname - * @param required is attribute mandatory + * @param required is attribute mandatory * @return SAML2 requested attribute */ public static RequestedAttribute buildReqAttribute(final String name, final String friendlyName, 
@@ -200,13 +197,15 @@ public class PvpAttributeBuilder { /** * Build a set of PVP Response-Attributes <br> * <br> - * <b>INFO:</b> If a specific attribute can not be build, a info is logged, but no execpetion is - * thrown. Therefore, the return List must not include all requested attributes. + * <b>INFO:</b> If a specific attribute can not be build, a info is logged, but + * no execpetion is thrown. Therefore, the return List must not include all + * requested attributes. * - * @param authData AuthenticationData <code>IAuthData</code> which is used to build the attribute - * values, but never <code>null</code> - * @param reqAttributenName List of PVP attribute names which are requested, but never - * <code>null</code> + * @param authData AuthenticationData <code>IAuthData</code> which is + * used to build the attribute values, but never + * <code>null</code> + * @param reqAttributenName List of PVP attribute names which are requested, but + * never <code>null</code> * @return List of PVP attributes, but never <code>null</code> */ public static List<Attribute> buildSetOfResponseAttributes(final IAuthData authData, @@ -240,5 +239,4 @@ public class PvpAttributeBuilder { return attrList; } - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java index 1efa8745..b543a5dc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java 
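Review bot: In the Javadoc of `buildSetOfResponseAttributes`, "the return List must not include all requested attributes" reads as a prohibition, while the sentence before it says a failed attribute is only logged. The intended meaning appears to be that the list can be incomplete. Callers that depend on a mandatory attribute need to know they must check for it themselves, so I would write `Therefore, the returned List may not contain all requested attributes; callers must check for the attributes they require.` and correct "execpetion" while the comment is being rewrapped. The method body lies outside this hunk.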
@@ -23,6 +23,7 @@ import java.io.IOException; import java.io.StringWriter; import java.util.Collection; import java.util.List; + import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -32,11 +33,7 @@ import javax.xml.transform.TransformerFactory; import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + import org.apache.commons.httpclient.auth.CredentialsNotAvailableException; import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; @@ -73,6 +70,12 @@ import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; import org.w3c.dom.Document; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + /** * PVP metadata builder implementation. * 
@@ -98,21 +101,20 @@ public class PvpMetadataBuilder { } - /** * Build PVP 2.1 conform SAML2 metadata. * * @param config PVPMetadataBuilder configuration* * @return PVP metadata as XML String - * @throws SecurityException In case of an error - * @throws ConfigurationException In case of an error - * @throws CredentialsNotAvailableException In case of an error + * @throws SecurityException In case of an error + * @throws ConfigurationException In case of an error + * @throws CredentialsNotAvailableException In case of an error * @throws TransformerFactoryConfigurationError In case of an error - * @throws MarshallingException In case of an error - * @throws TransformerException In case of an error - * @throws ParserConfigurationException In case of an error - * @throws IOException In case of an error - * @throws SignatureException In case of an error + * @throws MarshallingException In case of an error + * @throws TransformerException In case of an error + * @throws ParserConfigurationException In case of an error + * @throws IOException In case of an error + * @throws SignatureException In case of an error */ public String buildPvpMetadata(final IPvpMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, EaafException, SecurityException, @@ -165,7 +167,6 @@ public class PvpMetadataBuilder { builder = factory.newDocumentBuilder(); final Document document = builder.newDocument(); - // build entities descriptor if (config.buildEntitiesDescriptorAsRootElement()) { final EntitiesDescriptor entitiesDescriptor = @@ -179,7 +180,6 @@ public class PvpMetadataBuilder { EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration(); entitiesDescriptor.setSignature(signature); - // marshall document final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(entitiesDescriptor); 
@@ -191,8 +191,6 @@ public class PvpMetadataBuilder { entityDescriptor.setSignature(signature); - - // marshall document final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(entityDescriptor); @@ -215,7 +213,6 @@ public class PvpMetadataBuilder { return sw.toString(); } - private RoleDescriptor generateSpMetadata(final IPvpMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, SecurityException, EaafException { final SPSSODescriptor spSsoDescriptor = Saml2Utils.createSamlObject(SPSSODescriptor.class); @@ -268,7 +265,6 @@ public class PvpMetadataBuilder { } } - // add POST-Binding assertion consumer services if (StringUtils.isNotEmpty(config.getSpAssertionConsumerServicePostBindingUrl())) { final AssertionConsumerService postassertionConsumerService = @@ -332,7 +328,6 @@ public class PvpMetadataBuilder { } - // add required attributes final Collection<RequestedAttribute> reqSpAttr = config.getSpRequiredAttributes(); final AttributeConsumingService attributeService = @@ -382,7 +377,8 @@ public class PvpMetadataBuilder { idpSsoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); - // set ass default value, because PVP 2.x specification defines this feature as MUST + // set ass default value, because PVP 2.x specification defines this feature as + // MUST idpSsoDescriptor.setWantAuthnRequestsSigned(config.wantAuthnRequestSigned()); // add WebSSO descriptor for POST-Binding diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java index 559a3959..d697f3d4 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java 
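Review bot: The comment above `idpSsoDescriptor.setWantAuthnRequestsSigned(...)` (hunk -382,7) says PVP 2.x makes signed AuthnRequests a MUST, yet the value written into the metadata is whatever `config.wantAuthnRequestSigned()` returns. If a configuration implementation returns false, the published IDP metadata would presumably advertise that unsigned requests are accepted, contradicting the comment. Either pin the value with `idpSsoDescriptor.setWantAuthnRequestsSigned(true);` or make the comment honest, e.g. `// PVP 2.x requires signed AuthnRequests; the configuration is expected to return true`. The enclosing method starts and ends outside the hunk.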
@@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder; -import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.AttributeValue; import org.opensaml.xml.Configuration; @@ -30,6 +28,9 @@ import org.opensaml.xml.schema.XSString; import org.opensaml.xml.schema.impl.XSIntegerBuilder; import org.opensaml.xml.schema.impl.XSStringBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + public class SamlAttributeGenerator implements IAttributeGenerator<Attribute> { private XMLObject buildAttributeStringValue(final String value) { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java index d8ea35a0..25cbc6ef 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. 
@@ -33,7 +33,8 @@ public class EaafRequestExtensionBuilder extends AbstractSAMLObjectBuilder<Exten } @Override - public Extensions buildObject(final String namespaceUri, final String localName, final String namespacePrefix) { + public Extensions buildObject(final String namespaceUri, final String localName, + final String namespacePrefix) { return new EaafExtensionImplementation(namespaceUri, localName, namespacePrefix); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java index 4f91f267..81d8d192 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java @@ -19,9 +19,10 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr; +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; import at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EaafRequestedAttributeImpl; -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; public class EaafRequestedAttributeBuilder extends AbstractSAMLObjectBuilder<EaafRequestedAttribute> { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java index a370818e..749310f2 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java @@ -20,8 +20,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr; import java.util.Map.Entry; + import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; import org.opensaml.xml.XMLObject; import org.opensaml.xml.io.MarshallingException; @@ -29,6 +30,8 @@ import org.opensaml.xml.util.XMLHelper; import org.w3c.dom.Attr; import org.w3c.dom.Element; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + public class EaafRequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { @Override protected final void marshallAttributes(final XMLObject samlElement, final Element domElement) diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java index 25baed16..35532e77 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java 
@@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java index 1f68747f..db08f87f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java index 2fff64b3..8aa70e5a 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java @@ -11,7 +11,7 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java index b2cf7a82..f616bbb0 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java 
@@ -19,12 +19,13 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; import org.opensaml.xml.XMLObject; import org.opensaml.xml.io.UnmarshallingException; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; + public class EaafRequestedAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller { @Override protected final void processChildElement(final XMLObject parentObject, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java index c21524dd..cd22bba7 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java @@ -25,10 +25,6 @@ import java.io.Serializable; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.slf4j.Logger; 
@@ -36,6 +32,11 @@ import org.slf4j.LoggerFactory; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException; + public class InboundMessage implements InboundMessageInterface, Serializable { private static final Logger log = LoggerFactory.getLogger(InboundMessage.class); @@ -100,18 +101,19 @@ public class InboundMessage implements InboundMessageInterface, Serializable { public void setSamlMessage(final Element msg) { this.samlMessage = msg; try { - this.serializedSamlMessage = DomUtils.serializeNode(msg); - - } catch (TransformerException | IOException e) { - log.warn("Can not serialize message",e ); - - } + this.serializedSamlMessage = DomUtils.serializeNode(msg); + + } catch (TransformerException | IOException e) { + log.warn("Can not serialize message", e); + + } } /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getRelayState() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage# + * getRelayState() */ @Override public String getRelayState() { @@ -121,7 +123,8 @@ public class InboundMessage implements InboundMessageInterface, Serializable { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getEntityID() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage# + * getEntityID() */ @Override public String getEntityID() { 
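Review bot: In setSamlMessage (hunk -100,18) the catch block only logs when `DomUtils.serializeNode(msg)` fails. By then `samlMessage` already points to the new element, while `serializedSamlMessage` keeps whatever an earlier call stored, or stays unset. getInboundMessage (hunk -141,24) falls back to that string whenever `samlMessage` is null, so after a failed serialization it could return an older message than the one last set. Clearing the field before the try, `this.serializedSamlMessage = null;`, keeps the two representations from diverging.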
@@ -131,7 +134,8 @@ public class InboundMessage implements InboundMessageInterface, Serializable { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#isVerified() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage# + * isVerified() */ @Override public boolean isVerified() { @@ -141,24 +145,25 @@ public class InboundMessage implements InboundMessageInterface, Serializable { /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getInboundMessage() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage# + * getInboundMessage() */ @Override public Element getInboundMessage() { - if (this.samlMessage != null) { - return samlMessage; - - } else { - try { - return (Element) DomUtils.parseDocument(serializedSamlMessage, false, null, null); - - } catch (SAXException | IOException | ParserConfigurationException e) { - throw new RuntimeException(e); - - } - - } - + if (this.samlMessage != null) { + return samlMessage; + + } else { + try { + return (Element) DomUtils.parseDocument(serializedSamlMessage, false, null, null); + + } catch (SAXException | IOException | ParserConfigurationException e) { + throw new RuntimeException(e); + + } + + } + } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java index dce2dd04..8a2cce3e 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java 
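Review bot: getInboundMessage (hunk -141,24) hands `serializedSamlMessage` to `DomUtils.parseDocument` without checking that it was ever set, and reports every parse failure as a bare `RuntimeException`. A guard before the try, `if (serializedSamlMessage == null) { throw new IllegalStateException("No SAML message available"); }`, gives callers a defined error instead of whatever the parser does with null. The meaning of the `false, null, null` arguments is not visible in this hunk. Since the string being re-parsed originates from a remote party, a one-line comment stating what those arguments switch off or leave at default would help.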
@@ -19,7 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.message; - import org.opensaml.xml.io.Unmarshaller; import org.opensaml.xml.io.UnmarshallerFactory; import org.opensaml.xml.io.UnmarshallingException; @@ -38,7 +37,7 @@ public class PvpSProfileRequest extends InboundMessage { * PVP2 S-Profil request DAO. * * @param inboundMessage SAML2 request object - * @param binding Used SAML2 binding + * @param binding Used SAML2 binding */ public PvpSProfileRequest(final SignableXMLObject inboundMessage, final String binding) { setSamlMessage(inboundMessage.getDOM()); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java index 8a6105bc..4a9bb89a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java @@ -28,12 +28,9 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Timer; + import javax.xml.namespace.QName; -import at.gv.egiz.components.spring.api.IDestroyableObject; -import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; + import org.apache.commons.lang3.StringUtils; import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; 
@@ -48,6 +45,12 @@ import org.opensaml.xml.XMLObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.components.spring.api.IDestroyableObject; +import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; + public abstract class AbstractChainingMetadataProvider extends SimpleMetadataProvider implements ObservableMetadataProvider, IGarbageCollectorProcessing, IRefreshableMetadataProvider, IDestroyableObject, IPvpMetadataProvider { @@ -58,7 +61,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro private static Object mutex = new Object(); private Timer timer = null; - public AbstractChainingMetadataProvider() { internalProvider = new ChainingMetadataProvider(); @@ -72,12 +74,16 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() + * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing# + * runGarbageCollector() */ @Override public void runGarbageCollector() { synchronized (mutex) { - /* add new Metadataprovider or remove Metadataprovider which are not in use any more. */ + /* + * add new Metadataprovider or remove Metadataprovider which are not in use any + * more. + */ try { log.trace("Check consistence of PVP2X metadata"); addAndRemoveMetadataProvider(); @@ -110,7 +116,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro } - // reload metadata provider final String metadataUrl = getMetadataUrl(entityID); if (StringUtils.isNotEmpty(metadataUrl)) { 
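Review bot: The lock field kept as context in hunk -58,7 is declared `private static Object mutex = new Object();` and is used as the monitor in `synchronized (mutex)` in runGarbageCollector (hunk -72,12), but it is not final. A lock reference that can be reassigned gives no guarantee that two threads synchronize on the same object, so it should be `private static final Object mutex = new Object();`. Because the field is static, all provider instances also share this one lock. If that is intended, a short comment on the field should say so.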
@@ -195,12 +200,11 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro } } - /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#requireValidMetadata() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * requireValidMetadata() */ @Override public boolean requireValidMetadata() { @@ -210,9 +214,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setRequireValidMetadata - * (boolean) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * setRequireValidMetadata (boolean) */ @Override public void setRequireValidMetadata(final boolean requireValidMetadata) { @@ -222,8 +225,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadataFilter() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getMetadataFilter() */ @Override public MetadataFilter getMetadataFilter() { @@ -233,9 +236,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setMetadataFilter(org. - * opensaml.saml2.metadata.provider.MetadataFilter) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * setMetadataFilter(org. opensaml.saml2.metadata.provider.MetadataFilter) */ @Override public void setMetadataFilter(final MetadataFilter newFilter) throws MetadataProviderException { 
@@ -245,7 +247,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadata() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getMetadata() */ @Override public XMLObject getMetadata() throws MetadataProviderException { @@ -255,9 +258,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntitiesDescriptor( - * java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getEntitiesDescriptor( java.lang.String) */ @Override public EntitiesDescriptor getEntitiesDescriptor(final String entitiesID) @@ -290,9 +292,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntityDescriptor( - * java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getEntityDescriptor( java.lang.String) */ @Override public EntityDescriptor getEntityDescriptor(final String entityID) @@ -327,8 +328,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang. - * String, javax.xml.namespace.QName) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getRole(java.lang. String, javax.xml.namespace.QName) */ @Override public List<RoleDescriptor> getRole(final String entityID, final QName roleName) 
@@ -344,8 +345,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang. - * String, javax.xml.namespace.QName, java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getRole(java.lang. String, javax.xml.namespace.QName, java.lang.String) */ @Override public RoleDescriptor getRole(final String entityID, final QName roleName, @@ -361,14 +362,15 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers() + * @see + * org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers( + * ) */ @Override public List<Observer> getObservers() { return ((ChainingMetadataProvider) internalProvider).getObservers(); } - /** * Get the URL to metadata for a specific entityID. * @@ -384,9 +386,9 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro * @param entityId EntityId * @return MetadataProvider * @throws EaafConfigurationException In case of an error - * @throws IOException In case of an error - * @throws CertificateException In case of an error - * @throws ConfigurationException In case of an error + * @throws IOException In case of an error + * @throws CertificateException In case of an error + * @throws ConfigurationException In case of an error */ protected abstract MetadataProvider createNewMetadataProvider(String entityId) throws EaafConfigurationException, IOException, CertificateException; @@ -399,7 +401,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro protected abstract List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException; - protected void emitChangeEvent() { if (getObservers() == null || getObservers().size() == 0) { return; 
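Review bot: The re-aligned Javadoc of createNewMetadataProvider (hunk -384,9) still lists `@throws ConfigurationException`, but the signature shown in the same hunk declares only `EaafConfigurationException, IOException, CertificateException`. The stale tag should be dropped. The remaining tags all read "In case of an error", which tells an implementer nothing about when each exception is expected. One clause per exception would be more useful, for example which one signals a configuration problem and which a certificate loading problem, but the wording needs confirming against the implementations, which are outside this hunk.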
@@ -447,9 +448,10 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro final Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders(); /* - * TODO: maybe add metadata provider destroy after timeout. But could be a problem if one - * Metadataprovider load an EntitiesDescriptor with more the multiple EntityDescriptors. If - * one of this EntityDesciptors are expired the full EntitiesDescriptor is removed. + * TODO: maybe add metadata provider destroy after timeout. But could be a + * problem if one Metadataprovider load an EntitiesDescriptor with more the + * multiple EntityDescriptors. If one of this EntityDesciptors are expired the + * full EntitiesDescriptor is removed. * * Timeout requires a better solution in this case! */ @@ -464,7 +466,7 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro final String metadataurl = metadataUrlInterator.next(); try { if (StringUtils.isNotEmpty(metadataurl) - && loadedproviders.containsKey(metadataurl)) { + && loadedproviders.containsKey(metadataurl)) { // SAML2 SP is actually loaded, to nothing providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); loadedproviders.remove(metadataurl); @@ -477,7 +479,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro } } - // remove all actually loaded MetadataProviders with are not in ConfigurationDB any more + // remove all actually loaded MetadataProviders with are not in ConfigurationDB + // any more final Collection<HTTPMetadataProvider> notusedproviders = loadedproviders.values(); for (final HTTPMetadataProvider provider : notusedproviders) { final String metadataurl = provider.getMetadataURI(); 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java index 04c1dcb8..ebc057df 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java @@ -21,13 +21,13 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.metadata; import java.util.ArrayList; import java.util.List; + import org.opensaml.saml2.metadata.provider.FilterException; import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; - /** * Metadata filter-chain implementation. * @@ -37,7 +37,6 @@ import org.slf4j.LoggerFactory; public class MetadataFilterChain implements MetadataFilter { private static final Logger log = LoggerFactory.getLogger(MetadataFilterChain.class); - private final List<MetadataFilter> filters = new ArrayList<>(); /** @@ -58,11 +57,12 @@ public class MetadataFilterChain implements MetadataFilter { filters.add(filter); } - /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + * @see + * org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml + * .XMLObject) */ @Override public void doFilter(final XMLObject arg0) throws FilterException { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java index 67dd1d35..d63950cb 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java @@ -22,11 +22,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.metadata; import java.io.File; import java.net.MalformedURLException; import java.util.Timer; + import javax.net.ssl.SSLHandshakeException; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.impl.utils.FileUtils; -import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException; + import org.apache.commons.httpclient.HttpClient; import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider; import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; @@ -37,6 +35,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException; + /** * Simple SAML2 metadata provider. * 
@@ -50,23 +53,26 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { private static final String URI_PREFIX_HTTPS = "https:"; private static final String URI_PREFIX_FILE = "file:"; - @Autowired protected IConfiguration authConfig; - /** * Create a single SAML2 metadata provider. * - * @param metadataLocation where the metadata should be loaded, but never null. If the location - * starts with http(s):, than a http based metadata provider is used. If the location - * starts with file:, than a filesystem based metadata provider is used - * @param filter Filters, which should be used to validate the metadata - * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations - * @param httpClient Apache commons 3.x http client + * @param metadataLocation where the metadata should be loaded, but never null. + * If the location starts with http(s):, than a http + * based metadata provider is used. If the location + * starts with file:, than a filesystem based metadata + * provider is used + * @param filter Filters, which should be used to validate the + * metadata + * @param idForLogging Id, which is used for Logging + * @param timer {@link Timer} which is used to schedule metadata + * refresh operations + * @param httpClient Apache commons 3.x http client * - * @return SAML2 Metadata Provider, or null if the metadata provider can not initialized + * @return SAML2 Metadata Provider, or null if the metadata provider can not + * initialized */ protected MetadataProvider createNewSimpleMetadataProvider(final String metadataLocation, final MetadataFilter filter, final String idForLogging, final Timer timer, @@ -100,7 +106,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { } - } catch (final MalformedURLException e) { log.warn("SAML2 metadata URL is invalid: " + metadataLocation, e); 
@@ -113,14 +118,14 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { } - /** * Create a single SAML2 filesystem based metadata provider. * * @param metadataFile File, where the metadata should be loaded - * @param filter Filters, which should be used to validate the metadata + * @param filter Filters, which should be used to validate the metadata * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations + * @param timer {@link Timer} which is used to schedule metadata refresh + * operations * @param pool * * @return SAML2 Metadata Provider @@ -148,7 +153,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { log.warn("Failed to load Metadata file for " + idForLogging + "[ " + "File: " + metadataFile.getAbsolutePath() + " Msg: " + e.getMessage() + " ]", e); - log.warn("Can not initialize SAML2 metadata provider from filesystem: " + metadataFile.getAbsolutePath() + " Reason: " + e.getMessage(), e); @@ -162,15 +166,14 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { } - - /** * Create a single SAML2 HTTP metadata provider. * - * @param metadataUrl URL, where the metadata should be loaded - * @param filter Filters, which should be used to validate the metadata + * @param metadataUrl URL, where the metadata should be loaded + * @param filter Filters, which should be used to validate the metadata * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations + * @param timer {@link Timer} which is used to schedule metadata refresh + * operations * @param pool * * @return SAML2 Metadata Provider @@ -220,7 +223,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider { // timer.cancel(); // } - } return null; 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java index a6d2508d..92d8f4b9 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java @@ -20,8 +20,8 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml; import java.security.KeyStore; -import org.opensaml.xml.security.x509.X509Credential; +import org.opensaml.xml.security.x509.X509Credential; /** * OpenSAML2 KeyStore adapter. @@ -35,8 +35,8 @@ public class EaafKeyStoreX509CredentialAdapter /** * Get an OpenSAML2 keystore. * - * @param store Java KeyStore - * @param alias Key alias + * @param store Java KeyStore + * @param alias Key alias * @param password key Password */ public EaafKeyStoreX509CredentialAdapter(final KeyStore store, final String alias, @@ -49,5 +49,4 @@ public class EaafKeyStoreX509CredentialAdapter return X509Credential.class; } - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java index 957def02..404b4e8e 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java 
@@ -25,8 +25,7 @@ import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.io.Writer; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; + import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.opensaml.common.binding.SAMLMessageContext; @@ -37,6 +36,9 @@ import org.opensaml.ws.transport.http.HTTPTransportUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; + /** * OpenSAML2 Post-Binding encoder that uses dynamic loaded templates. * @@ -46,7 +48,6 @@ import org.slf4j.LoggerFactory; public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder { private static final Logger log = LoggerFactory.getLogger(HttpPostEncoderWithOwnTemplate.class); - private final VelocityEngine velocityEngine; private final IVelocityGuiBuilderConfiguration guiConfig; private final IVelocityGuiFormBuilder guiBuilder; @@ -54,9 +55,9 @@ public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder { /** * Own Post-Binding encoder. * - * @param guiConfig GUI configuration + * @param guiConfig GUI configuration * @param guiBuilder GUI builder implementation - * @param engine velocity engine + * @param engine velocity engine */ public HttpPostEncoderWithOwnTemplate(final IVelocityGuiBuilderConfiguration guiConfig, final IVelocityGuiFormBuilder guiBuilder, final VelocityEngine engine) { 
@@ -68,12 +69,14 @@ public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder { } /** - * Base64 and POST encodes the outbound message and writes it to the outbound transport. + * Base64 and POST encodes the outbound message and writes it to the outbound + * transport. * * @param messageContext current message context - * @param endpointUrl endpoint URL to which to encode message + * @param endpointUrl endpoint URL to which to encode message * - * @throws MessageEncodingException thrown if there is a problem encoding the message + * @throws MessageEncodingException thrown if there is a problem encoding the + * message */ @Override protected void postEncode(final SAMLMessageContext messageContext, final String endpointUrl) diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java index 2def1446..8838daec 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java @@ -19,7 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; import org.opensaml.common.binding.SAMLMessageContext; import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; import org.opensaml.ws.message.MessageContext; @@ -27,6 +26,8 @@ import org.opensaml.ws.message.encoder.MessageEncodingException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap; + /** * Create deflate encoded SAML2 redirect-binding informations. * 
@@ -71,5 +72,4 @@ public class StringRedirectDeflateEncoder extends HTTPRedirectDeflateEncoder { return redirectUrl; } - } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java index 9db8e5e7..9625b591 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java @@ -19,6 +19,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize; +import org.opensaml.DefaultBootstrap; +import org.opensaml.xml.ConfigurationException; + import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributeBuilder; @@ -27,8 +30,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributeU import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesBuilder; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesMarshaller; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesUnmarshaller; -import org.opensaml.DefaultBootstrap; -import org.opensaml.xml.ConfigurationException; /** * EAAF specific OpenSAML Initializer. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java index a1a7e9d2..f3e50e4e 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java @@ -84,7 +84,6 @@ public class EaafDefaultSecurityConfigurationBootstrap // use SHA256 instead of SHA1 config.registerSignatureAlgorithmURI("AES", SignatureConstants.ALGO_ID_MAC_HMAC_SHA256); - config.registerSignatureAlgorithmURI("DESede", SignatureConstants.ALGO_ID_MAC_HMAC_SHA256); config.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#"); @@ -112,7 +111,6 @@ public class EaafDefaultSecurityConfigurationBootstrap config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(256), EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM); - config.registerDataEncryptionAlgorithmURI("DESede", Integer.valueOf(168), "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"); config.registerDataEncryptionAlgorithmURI("DESede", Integer.valueOf(192), diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java index 1ceb5adc..e91ee19c 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java 
@@ -22,13 +22,15 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr; import java.util.ArrayList; import java.util.Collections; import java.util.List; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + import org.opensaml.common.impl.AbstractSAMLObject; import org.opensaml.xml.XMLObject; import org.opensaml.xml.schema.XSBooleanValue; import org.opensaml.xml.util.AttributeMap; import org.opensaml.xml.util.XMLObjectChildrenList; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + public class EaafRequestedAttributeImpl extends AbstractSAMLObject implements EaafRequestedAttribute { @@ -42,9 +44,9 @@ public class EaafRequestedAttributeImpl extends AbstractSAMLObject /** * Build an EAAF specific requested attribute. * - * @param namespaceUri Attribute namespace + * @param namespaceUri Attribute namespace * @param elementLocalName Attribute name - * @param namespacePrefix Attribute namespace prefix + * @param namespacePrefix Attribute namespace prefix */ public EaafRequestedAttributeImpl(final String namespaceUri, final String elementLocalName, final String namespacePrefix) { @@ -86,19 +88,16 @@ public class EaafRequestedAttributeImpl extends AbstractSAMLObject return Collections.unmodifiableList(children); } - @Override public final AttributeMap getUnknownAttributes() { return unknownAttributes; } - @Override public final void setFriendlyName(final String newFriendlyName) { this.friendlyName = prepareForAssignment(this.friendlyName, newFriendlyName); } - @Override public void setIsRequired(final Boolean aboolean) { this.isRequired = String.valueOf(aboolean); 
@@ -115,19 +114,16 @@ public class EaafRequestedAttributeImpl extends AbstractSAMLObject } - @Override public final void setName(final String newName) { this.name = prepareForAssignment(this.name, newName); } - @Override public final void setNameFormat(final String newNameFormat) { this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat); } - public final void setUnknownAttributes(final AttributeMap newUnknownAttr) { this.unknownAttributes = newUnknownAttr; } @@ -137,10 +133,6 @@ public class EaafRequestedAttributeImpl extends AbstractSAMLObject return XSBooleanValue.valueOf(isRequired); } - - - - @Override public Boolean isRequired() { return Boolean.parseBoolean(isRequired); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java index 3b447538..eefc166b 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java @@ -22,12 +22,14 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr; import java.util.ArrayList; import java.util.Collections; import java.util.List; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; + import org.opensaml.common.impl.AbstractSAMLObject; import org.opensaml.xml.XMLObject; import org.opensaml.xml.util.IndexedXMLObjectChildrenList; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; + public class EaafRequestedAttributesImpl extends AbstractSAMLObject implements EaafRequestedAttributes { 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java index ec4009f0..5c9bb6be 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java @@ -23,10 +23,7 @@ import java.security.KeyStore; import java.security.PrivateKey; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.RSAPrivateKey; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter; + import org.apache.commons.lang3.StringUtils; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.credential.UsageType; @@ -36,6 +33,11 @@ import org.opensaml.xml.signature.SignatureConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter; + public abstract class AbstractCredentialProvider { private static final Logger log = LoggerFactory.getLogger(AbstractCredentialProvider.class); 
@@ -43,7 +45,8 @@ public abstract class AbstractCredentialProvider { private KeyStore keyStore = null; /** - * Get a friendlyName for this keyStore implementation This friendlyName is used for logging. + * Get a friendlyName for this keyStore implementation This friendlyName is used + * for logging. * * @return keyStore friendlyName */ @@ -106,7 +109,6 @@ public abstract class AbstractCredentialProvider { */ public abstract String getEncryptionKeyPassword(); - /** * Get Credentials to sign metadata. * @@ -128,15 +130,15 @@ public abstract class AbstractCredentialProvider { log.error(getFriendlyName() + " Metadata Signing credentials is not found or contains no PrivateKey."); throw new CredentialsNotAvailableException("config.27", - new Object[] {getFriendlyName() + " Assertion Signing credentials (Alias: " - + getMetadataKeyAlias() + ") is not found or contains no PrivateKey."}); + new Object[] { getFriendlyName() + " Assertion Signing credentials (Alias: " + + getMetadataKeyAlias() + ") is not found or contains no PrivateKey." }); } return credentials; } catch (final Exception e) { log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials"); e.printStackTrace(); - throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e); + throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e); } } @@ -160,8 +162,8 @@ public abstract class AbstractCredentialProvider { log.error(getFriendlyName() + " Assertion Signing credentials is not found or contains no PrivateKey."); throw new CredentialsNotAvailableException("config.27", - new Object[] {getFriendlyName() + " Assertion Signing credentials (Alias: " - + getSignatureKeyAlias() + ") is not found or contains no PrivateKey."}); + new Object[] { getFriendlyName() + " Assertion Signing credentials (Alias: " + + getSignatureKeyAlias() + ") is not found or contains no PrivateKey." }); } 
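Review bot: The catch block in hunk @@ -128,15 +130,15 @@ still calls `e.printStackTrace()` and logs "Failed to generate ... Metadata Signing credentials" without the exception, so the cause of a key-store failure goes to stderr instead of the configured log; the hunks at @@ -169,7 +171,7 @@ and @@ -210,7 +212,7 @@ repeat this. Replace the two statements with `log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials", e);`, adjusting the text in the other two hunks. In the same hunk the exception text says "Assertion Signing credentials" while the alias comes from `getMetadataKeyAlias()` and the preceding log line says "Metadata Signing", so the string should read `" Metadata Signing credentials (Alias: "`. The enclosing methods start outside these hunks.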
@@ -169,7 +171,7 @@ public abstract class AbstractCredentialProvider { } catch (final Exception e) { log.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials"); e.printStackTrace(); - throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e); + throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e); } } @@ -200,8 +202,8 @@ public abstract class AbstractCredentialProvider { log.error(getFriendlyName() + " Assertion Encryption credentials is not found or contains no PrivateKey."); throw new CredentialsNotAvailableException("config.27", - new Object[] {getFriendlyName() + " Assertion Encryption credentials (Alias: " - + getEncryptionKeyAlias() + ") is not found or contains no PrivateKey."}); + new Object[] { getFriendlyName() + " Assertion Encryption credentials (Alias: " + + getEncryptionKeyAlias() + ") is not found or contains no PrivateKey." }); } @@ -210,7 +212,7 @@ public abstract class AbstractCredentialProvider { } catch (final Exception e) { log.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials"); e.printStackTrace(); - throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e); + throw new CredentialsNotAvailableException("config.27", new Object[] { e.getMessage() }, e); } } @@ -234,7 +236,6 @@ public abstract class AbstractCredentialProvider { log.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential."); - } signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java index 876fa744..31ffd5a7 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java @@ -20,14 +20,17 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.utils; import java.util.List; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.modules.pvp2.exception.QaaNotAllowedException; + import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.modules.pvp2.exception.QaaNotAllowedException; + /** - * EAAF LoA Level verifier checks if requested LoA matchs to LoA of authentication. + * EAAF LoA Level verifier checks if requested LoA matchs to LoA of + * authentication. * * * @author tlenz 
@@ -40,23 +43,23 @@ public class QaaLevelVerifier { private static boolean verifyQaaLevel(final String qaaAuth, final String requiredLoA, final String matchingMode) throws QaaNotAllowedException { // to MINIMUM machting - if (EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM.equals(matchingMode)) { + if (EaafConstants.EIDAS_LOA_MATCHING_MINIMUM.equals(matchingMode)) { log.trace("Perfom LoA matching in 'MINIMUM' mode ... "); - if (EAAFConstants.EIDAS_LOA_LOW.equals(requiredLoA) - && (EAAFConstants.EIDAS_LOA_LOW.equals(qaaAuth) - || EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) - || EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) { + if (EaafConstants.EIDAS_LOA_LOW.equals(requiredLoA) + && (EaafConstants.EIDAS_LOA_LOW.equals(qaaAuth) + || EaafConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) + || EaafConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) { return true; - } else if (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(requiredLoA) - && (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) - || EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) { + } else if (EaafConstants.EIDAS_LOA_SUBSTANTIAL.equals(requiredLoA) + && (EaafConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) + || EaafConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) { return true; - } else if (EAAFConstants.EIDAS_LOA_HIGH.equals(requiredLoA) - && EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth)) { + } else if (EaafConstants.EIDAS_LOA_HIGH.equals(requiredLoA) + && EaafConstants.EIDAS_LOA_HIGH.equals(qaaAuth)) { return true; } - } else if (EAAFConstants.EIDAS_LOA_MATCHING_EXACT.equals(matchingMode)) { + } else if (EaafConstants.EIDAS_LOA_MATCHING_EXACT.equals(matchingMode)) { // to EXACT matching log.trace("Perfom LoA matching in 'EXACT' mode ... "); if (qaaAuth.equals(requiredLoA)) { 
@@ -78,7 +81,7 @@ public class QaaLevelVerifier { /** * Check LoA level. * - * @param qaaAuth LoA of authentication + * @param qaaAuth LoA of authentication * @param requiredLoAs List of allowed LoA levels * @param matchingMode LoA matching mode * @throws QaaNotAllowedException If LoA does not match diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java index 8bcc3e74..1a282b55 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.utils; import java.io.IOException; import java.util.List; + import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -29,9 +30,7 @@ import javax.xml.transform.TransformerException; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + import org.apache.commons.lang3.StringUtils; import org.opensaml.common.xml.SAMLSchemaBuilder; import org.opensaml.saml2.core.Attribute; @@ -51,6 +50,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Document; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + public class Saml2Utils { private static final Logger log = LoggerFactory.getLogger(Saml2Utils.class); 
@@ -66,13 +69,13 @@ public class Saml2Utils { } catch (final ParserConfigurationException e) { // TODO Auto-generated catch block e.printStackTrace(); - } + } } /** * Create a SAML2 object. * - * @param <T> SAML2 object class + * @param <T> SAML2 object class * @param clazz object class * @return SAML2 object */ @@ -103,14 +106,13 @@ public class Saml2Utils { } - /** * Transform SAML2 Object to Element. * * @param object SAML2 object * @return Element - * @throws IOException In case of an transformation error - * @throws MarshallingException In case of an transformation error + * @throws IOException In case of an transformation error + * @throws MarshallingException In case of an transformation error * @throws TransformerException In case of an transformation error */ public static Document asDomDocument(final XMLObject object) @@ -178,9 +180,9 @@ public class Saml2Utils { /** * Generate EAAF specific requested attribute. * - * @param attr SAML2 attribute definition + * @param attr SAML2 attribute definition * @param isRequired is-mandatory flag - * @param value Attribute value + * @param value Attribute value * @return */ public static EaafRequestedAttribute generateReqAuthnAttributeSimple(final Attribute attr, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java index fcee2382..ca37d6e5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java 
@@ -23,7 +23,6 @@ import org.opensaml.common.binding.decoding.URIComparator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; - public class EaafUriCompare implements URIComparator { private static final Logger log = LoggerFactory.getLogger(EaafUriCompare.class); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java index d8ae95a0..6497ce06 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation; import java.util.ArrayList; import java.util.List; + import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.security.MetadataCredentialResolver; import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java index 40cbdeb0..d1eb66a3 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java 
@@ -22,9 +22,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata; import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException; + import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.provider.MetadataFilter; @@ -32,6 +30,10 @@ import org.opensaml.xml.XMLObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException; + public abstract class AbstractMetadataSignatureFilter implements MetadataFilter { private static final Logger log = LoggerFactory.getLogger(AbstractMetadataSignatureFilter.class); 
@@ -42,28 +44,24 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter final EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata; if (entitiesDescriptor.getSignature() == null) { throw new Pvp2MetadataException("pvp2.26", - new Object[] {"Root element of metadata file has to be signed"}); + new Object[] { "Root element of metadata file has to be signed" }); } processEntitiesDescriptor(entitiesDescriptor); - if (entitiesDescriptor.getEntityDescriptors().size() == 0) { throw new Pvp2MetadataException("pvp2.26", - new Object[] {"No valid entity in metadata " + entitiesDescriptor.getName()}); + new Object[] { "No valid entity in metadata " + entitiesDescriptor.getName() }); } - } else if (metadata instanceof EntityDescriptor) { final EntityDescriptor entityDescriptor = (EntityDescriptor) metadata; processEntityDescriptorr(entityDescriptor); } else { throw new Pvp2MetadataException("pvp2.26", - new Object[] {"Invalid Metadata file Root element is unknown"}); + new Object[] { "Invalid Metadata file Root element is unknown" }); } - - log.info("Metadata signature policy check done OK"); } catch (final EaafException e) { log.warn("Metadata signature policy check FAILED.", e); @@ -76,7 +74,8 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter * Signature verification of a SAML2 EntityDescriptor element. * * @param desc EntityDescriptor - * @throws Pvp2MetadataException if the signature is not valid or can not verified + * @throws Pvp2MetadataException if the signature is not valid or can not + * verified */ protected abstract void verify(EntityDescriptor desc) throws Pvp2MetadataException; 
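Review bot: In the `EntityDescriptor` branch, `processEntityDescriptorr(entityDescriptor)` is reached without the `getSignature() == null` rejection that the `EntitiesDescriptor` branch applies, so an unsigned single-entity metadata root is refused only if the subclass's `verify(EntityDescriptor)` refuses it. That method is abstract and its implementations are not visible here, so this may already be covered. If it is not, add `if (entityDescriptor.getSignature() == null) { throw new Pvp2MetadataException("pvp2.26", new Object[] { "Root element of metadata file has to be signed" }); }` before the call, or state in the Javadoc of `verify` that implementations must reject a missing signature. The method body starts and ends outside this hunk.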
@@ -84,7 +83,8 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter * Signature verification of a SAML2 EntitiesDescriptor element. * * @param desc EntitiesDescriptor - * @throws Pvp2MetadataException if the signature is not valid or can not verified + * @throws Pvp2MetadataException if the signature is not valid or can not + * verified */ protected abstract void verify(EntitiesDescriptor desc) throws Pvp2MetadataException; @@ -92,13 +92,12 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter * Verify a EntityDescriptor element of an EntitiesDescriptor. * * @param entity EntityDescriptor to verify - * @param desc Full EntitiesDescriptor that contains the EntityDescriptor + * @param desc Full EntitiesDescriptor that contains the EntityDescriptor * @throws Pvp2MetadataException In case of an verification error */ protected abstract void verify(EntityDescriptor entity, EntitiesDescriptor desc) throws Pvp2MetadataException; - private void processEntityDescriptorr(final EntityDescriptor desc) throws EaafException { verify(desc); @@ -130,7 +129,6 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter verifiedEntIT.add(entity); log.debug("Metadata for entityID: " + entity.getEntityID() + " valid"); - } catch (final Exception e) { // remove entity of signature can not be verified. log.info("Entity " + entity.getEntityID() + " is removed from metadata " + desc.getName() diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java index 2d81b1f8..797335d8 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java 
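Review bot: The `catch (final Exception e)` in the per-entity loop of AbstractMetadataSignatureFilter (hunk at new line 129) reports a failed signature verification with `log.info` and string concatenation. A rejected entity is therefore easy to miss, and an unexpected runtime error looks the same as an invalid signature. Removing the entity is the right fail-closed result, but I would raise the level and use placeholders: `log.warn("Entity {} is removed from metadata {}", entity.getEntityID(), desc.getName(), e);`, adjusted to the rest of the message. The log statement and the enclosing method continue past the end of the hunk, so whether the cause is already attached is not visible here.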
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java @@ -21,11 +21,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata; import java.util.ArrayList; import java.util.List; -import at.gv.egiz.eaaf.core.impl.data.Trible; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.common.Extensions; import org.opensaml.saml2.core.Attribute; @@ -43,8 +39,15 @@ import org.opensaml.xml.XMLObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.impl.data.Trible; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; + /** - * Metadata filter that inject requested attributes based on Metadata EntityCategories. + * Metadata filter that inject requested attributes based on Metadata + * EntityCategories. * * @author tlenz * 
@@ -57,18 +60,20 @@ public class PvpEntityCategoryFilter implements MetadataFilter { /** * Filter to map PVP EntityCategories into a set of single PVP attributes. * - * @param isUsed if true PVP EntityCategories are mapped, otherwise they are ignored + * @param isUsed if true PVP EntityCategories are mapped, otherwise they are + * ignored * */ public PvpEntityCategoryFilter(final boolean isUsed) { this.isUsed = isUsed; } - /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + * @see + * org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml + * .XMLObject) */ @Override public void doFilter(final XMLObject metadata) throws FilterException { @@ -91,14 +96,11 @@ public class PvpEntityCategoryFilter implements MetadataFilter { log.trace("Find EntityDescriptor"); resolveEntityCategoriesToAttributes((EntityDescriptor) metadata); - } else { throw new Pvp2MetadataException("pvp2.26", new Object[] { - "Invalid Metadata file Root element is no Entities- or EntityDescriptor"}); + "Invalid Metadata file Root element is no Entities- or EntityDescriptor" }); } - - } catch (final Exception e) { log.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: " + entityId, e); @@ -136,7 +138,6 @@ public class PvpEntityCategoryFilter implements MetadataFilter { buildAttributeList(PvpConstants.EGOVTOKEN_PVP_ATTRIBUTES), entityAttrValue); - } else if (PvpConstants.CITIZENTOKEN.equals(entityAttrValue)) { log.debug( "Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... "); @@ -176,7 +177,6 @@ public class PvpEntityCategoryFilter implements MetadataFilter { } - private void addAttributesToEntityDescriptor(final EntityDescriptor metadata, final List<RequestedAttribute> attrList, final String entityAttr) { final SPSSODescriptor spSsoDesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS); 
@@ -212,7 +212,6 @@ public class PvpEntityCategoryFilter implements MetadataFilter { currentlyReqAttr.add(reqAttr.getName()); } - // check against EntityAttribute List for (final RequestedAttribute entityAttrListEl : attrList) { if (!currentlyReqAttr.contains(entityAttrListEl.getName())) { @@ -245,7 +244,6 @@ public class PvpEntityCategoryFilter implements MetadataFilter { return requestedAttributes; - } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java index 3ff78ca8..6dcc3234 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java @@ -22,7 +22,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; + import org.opensaml.common.xml.SAMLSchemaBuilder; import org.opensaml.saml2.metadata.provider.FilterException; import org.opensaml.saml2.metadata.provider.MetadataFilter; @@ -31,6 +31,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.xml.sax.SAXException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; + public class SchemaValidationFilter implements MetadataFilter { private static final Logger log = LoggerFactory.getLogger(SchemaValidationFilter.class); private boolean isActive = true; 
@@ -43,11 +45,12 @@ public class SchemaValidationFilter implements MetadataFilter { this.isActive = useSchemaValidation; } - /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + * @see + * org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml + * .XMLObject) */ @Override public void doFilter(final XMLObject arg0) throws FilterException { @@ -84,7 +87,7 @@ public class SchemaValidationFilter implements MetadataFilter { } throw new FilterException(new SchemaValidationException("pvp2.26", - new Object[] {"Metadata Schema validation FAILED with message: " + errString})); + new Object[] { "Metadata Schema validation FAILED with message: " + errString })); } else { log.info("Metadata Schema validation check is DEACTIVATED!"); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java index fc1b6ea8..6d78b775 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java @@ -23,7 +23,7 @@ import javax.xml.namespace.QName; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; + import org.apache.commons.lang3.StringUtils; import org.opensaml.common.SignableSAMLObject; import org.opensaml.common.xml.SAMLConstants; 
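Review bot: In `SchemaValidationFilter.doFilter` (hunk at new line 87), the branch taken when validation is switched off only writes `log.info("Metadata Schema validation check is DEACTIVATED!")`. Skipping schema validation of metadata weakens a trust check and should reach the operator, so `log.warn("Metadata Schema validation check is DEACTIVATED!");` fits better. A sentence in the constructor Javadoc saying that `false` disables schema validation for every metadata document passed through this filter would also help. The method body starts before the hunk.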
@@ -45,6 +45,8 @@ import org.slf4j.LoggerFactory; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; + /** * Signature Policy for SAML2 redirect-binding. * @@ -56,7 +58,6 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit private static final Logger log = LoggerFactory.getLogger(AbstractRequestSignedSecurityPolicyRule.class); - private SignatureTrustEngine trustEngine = null; private QName peerEntityRole = null; @@ -73,7 +74,6 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit } - /** * Reload the PVP metadata for a given entity. * @@ -82,14 +82,14 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit */ protected abstract boolean refreshMetadataProvider(String entityID); - protected abstract SignableSAMLObject getSignedSamlObject(XMLObject inboundData); /* * (non-Javadoc) * * @see - * org.opensaml.ws.security.SecurityPolicyRule#evaluate(org.opensaml.ws.message.MessageContext) + * org.opensaml.ws.security.SecurityPolicyRule#evaluate(org.opensaml.ws.message. + * MessageContext) */ @Override public void evaluate(final MessageContext context) throws SecurityPolicyException { @@ -114,7 +114,6 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit } - } private void verifySignature(final MessageContext context) throws SecurityPolicyException { @@ -136,8 +135,6 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit } - - final CriteriaSet criteriaSet = new CriteriaSet(); criteriaSet.add(new EntityIDCriteria(context.getInboundMessageIssuer())); criteriaSet.add(new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS)); 
@@ -191,7 +188,7 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit } - throw new SchemaValidationException("pvp2.22", new Object[] {err}); + throw new SchemaValidationException("pvp2.22", new Object[] { err }); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java index 8f042ae2..42d7d6a1 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java @@ -20,6 +20,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.verification; import java.util.List; + import org.opensaml.common.binding.SAMLMessageContext; import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule; import org.opensaml.ws.transport.http.HTTPInTransport; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java index 0d108596..c7a43b0b 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java 
@@ -20,12 +20,14 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.verification; import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; + import org.opensaml.common.SignableSAMLObject; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.xml.XMLObject; import org.opensaml.xml.signature.SignatureTrustEngine; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; + public class PvpSignedRequestPolicyRule extends AbstractRequestSignedSecurityPolicyRule { private IRefreshableMetadataProvider metadataProvider = null; @@ -34,8 +36,8 @@ public class PvpSignedRequestPolicyRule extends AbstractRequestSignedSecurityPol * EAAF specific signature rule for OpenSAML2 redirect-binding. * * @param metadataProvider SAML2 metadata provider - * @param trustEngine SAML2 TrustEngine - * @param peerEntityRole Role of the Entity + * @param trustEngine SAML2 TrustEngine + * @param peerEntityRole Role of the Entity */ public PvpSignedRequestPolicyRule(final MetadataProvider metadataProvider, final SignatureTrustEngine trustEngine, final QName peerEntityRole) { @@ -49,8 +51,8 @@ public class PvpSignedRequestPolicyRule extends AbstractRequestSignedSecurityPol /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule# + * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation. + * AbstractRequestSignedSecurityPolicyRule# * refreshMetadataProvider(java.lang.String) */ @Override @@ -66,8 +68,8 @@ public class PvpSignedRequestPolicyRule extends AbstractRequestSignedSecurityPol /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule# + * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation. + * AbstractRequestSignedSecurityPolicyRule# * getSignedSAMLObject(org.opensaml.xml.XMLObject) */ @Override 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java index 024c35d8..df91ce53 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java @@ -24,14 +24,6 @@ import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import at.gv.egiz.eaaf.core.exceptions.EaafProtocolException; -import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; import org.apache.commons.lang3.StringUtils; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.common.xml.SAMLSchemaBuilder; 
@@ -54,20 +46,29 @@ import org.springframework.stereotype.Service; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import at.gv.egiz.eaaf.core.exceptions.EaafProtocolException; +import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; + @Service("SAMLVerificationEngine") public class SamlVerificationEngine { private static final Logger log = LoggerFactory.getLogger(SamlVerificationEngine.class); - @Autowired(required = true) IPvpMetadataProvider metadataProvider; /** * Verify signature of a signed SAML2 object. * - * @param msg SAML2 message + * @param msg SAML2 message * @param sigTrustEngine TrustEngine - * @throws org.opensaml.xml.security.SecurityException In case of invalid signature + * @throws org.opensaml.xml.security.SecurityException In case of + * invalid signature * @throws Exception In case of a general error */ public void verify(final InboundMessage msg, final SignatureTrustEngine sigTrustEngine) 
@@ -77,13 +78,13 @@ public class SamlVerificationEngine { && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) { verifyRequest((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest(), sigTrustEngine); - } else if (msg instanceof PvpSProfileResponse){ + } else if (msg instanceof PvpSProfileResponse) { verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine); - + } else { - log.warn("SAML2 message type: {} not supported", msg.getClass().getName()); - throw new EaafProtocolException("9999", null); - + log.warn("SAML2 message type: {} not supported", msg.getClass().getName()); + throw new EaafProtocolException("9999", null); + } } catch (final InvalidProtocolRequestException e) { @@ -139,7 +140,7 @@ public class SamlVerificationEngine { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } catch (final SchemaValidationException e) { - throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); + throw new InvalidProtocolRequestException("pvp2.22", new Object[] { e.getMessage() }); } @@ -170,7 +171,7 @@ public class SamlVerificationEngine { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } catch (final SchemaValidationException e) { - throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); + throw new InvalidProtocolRequestException("pvp2.22", new Object[] { e.getMessage() }); } @@ -218,7 +219,7 @@ public class SamlVerificationEngine { } - throw new SchemaValidationException("pvp2.22", new Object[] {err}); + throw new SchemaValidationException("pvp2.22", new Object[] { err }); } diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java index e1c21ae7..fd04e38f 100644 
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java @@ -20,7 +20,7 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.api.builder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; @@ -34,6 +34,6 @@ public interface ISubjectNameIdGenerator { * @return Pair of subjectNameId and NameIdFormat * @throws Pvp2Exception In case of an error */ - Pair<String, String> generateSubjectNameId(IAuthData authData, IspConfiguration spConfig) + Pair<String, String> generateSubjectNameId(IAuthData authData, ISpConfiguration spConfig) throws Pvp2Exception; } diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index 8c74c3fb..7ff2fe6a 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java @@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; 
@@ -459,7 +459,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement } - if (authnRequest.getIssueInstant().minusMinutes(EAAFConstants.ALLOWED_TIME_JITTER) + if (authnRequest.getIssueInstant().minusMinutes(EaafConstants.ALLOWED_TIME_JITTER) .isAfterNow()) { log.warn("Unsupported request: No IssueInstant DateTime is not valid anymore."); throw new AuthnRequestValidatorException("pvp2.22", diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java index 9378b579..189e6128 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java @@ -29,7 +29,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.data.SLOInformationImpl; +import at.gv.egiz.eaaf.core.impl.data.SloInformationImpl; import at.gv.egiz.eaaf.modules.pvp2.api.IPvo2BasicConfiguration; import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; @@ -106,7 +106,7 @@ public class AuthenticationAction implements IAction { consumerService.setLocation(pvpRequest.getConsumerUrl()); final DateTime date = new DateTime(); - final SLOInformationImpl sloInformation = new SLOInformationImpl(); + final SloInformationImpl sloInformation = new SloInformationImpl(); final String issuerEntityID = pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl()); // build Assertion 
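Review bot: The warning on the IssueInstant check in AbstractPvp2XProtocol (hunk at line 459) contradicts its condition. `getIssueInstant().minusMinutes(EaafConstants.ALLOWED_TIME_JITTER).isAfterNow()` is true for a request dated in the future, while the text reads "No IssueInstant DateTime is not valid anymore". A message such as `log.warn("Unsupported request: IssueInstant is in the future (beyond allowed time jitter).");` tells the operator what was actually rejected. Only this upper bound is visible. If the surrounding method, which lies outside the hunk, has no matching check for requests that are too old, that lower bound is worth adding as well.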
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java index 79de4567..f57f9db0 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java @@ -23,10 +23,10 @@ import java.security.MessageDigest; import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper; import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; import at.gv.egiz.eaaf.core.impl.data.Pair; @@ -138,7 +138,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { final AssertionConsumerService assertionConsumerService, final SloInformationInterface sloInformation) throws Pvp2Exception { - final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); final AuthnContextClassRef authnContextClassRef = Saml2Utils.createSamlObject(AuthnContextClassRef.class); 
@@ -153,7 +153,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { reqAuthnContext.getAuthnContextClassRefs(); // get matching mode from authn. request - String loaMatchingMode = EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM; + String loaMatchingMode = EaafConstants.EIDAS_LOA_MATCHING_MINIMUM; if (reqAuthnContext.getComparison() != null && StringUtils.isNotEmpty(reqAuthnContext.getComparison().toString())) { loaMatchingMode = reqAuthnContext.getComparison().toString(); @@ -170,10 +170,10 @@ public class Pvp2AssertionBuilder implements PvpConstants { for (final AuthnContextClassRef authnClassRef : reqAuthnContextClassRefIt) { final String qaa_uri = authnClassRef.getAuthnContextClassRef(); - if (!qaa_uri.trim().startsWith(EAAFConstants.EIDAS_LOA_PREFIX)) { + if (!qaa_uri.trim().startsWith(EaafConstants.EIDAS_LOA_PREFIX)) { if (loaLevelMapper != null) { log.debug("Find no eIDAS LoA in AuthnReq. Start mapping process ... "); - eidasLoaFromRequest.add(loaLevelMapper.mapToeIDASLoA(qaa_uri.trim())); + eidasLoaFromRequest.add(loaLevelMapper.mapToEidasLoa(qaa_uri.trim())); } else { log.debug("AuthnRequest contains no eIDAS LoA. NO LoA mapper FOUND, ignore " + "'" diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java index 07e9c28d..2e747656 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java 
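Review bot: In the loop over the requested AuthnContextClassRefs in Pvp2AssertionBuilder (hunk at line 170), `qaa_uri.trim()` is called on the result of `authnClassRef.getAuthnContextClassRef()` without a null check, and that value comes from the incoming AuthnRequest. If the accessor can return null for an empty element, which is not visible here, the request ends in a NullPointerException instead of a controlled Pvp2Exception. A guard before the prefix test would cover it, for example `if (StringUtils.isBlank(qaa_uri)) { continue; }`, or a throw with the module's validation error if the profile requires rejection. The loop body continues past the hunk.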
@@ -20,12 +20,14 @@ package at.gv.egiz.eaaf.modules.pvp2.sp.api; import java.util.List; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.xml.security.credential.Credential; import org.w3c.dom.Element; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; + /** * Configuration of a PVP2 S-Profile authentication-request builder. * @@ -35,7 +37,8 @@ import org.w3c.dom.Element; public interface IPvpAuthnRequestBuilderConfiguruation { /** - * Defines a unique name for this PVP Service-provider, which is used for logging. + * Defines a unique name for this PVP Service-provider, which is used for + * logging. * * @return */ @@ -49,8 +52,8 @@ public interface IPvpAuthnRequestBuilderConfiguruation { Boolean isPassivRequest(); /** - * Define the ID of the AssertionConsumerService, which defines the required attributes in - * service-provider metadata. + * Define the ID of the AssertionConsumerService, which defines the required + * attributes in service-provider metadata. * * @return */ @@ -73,10 +76,10 @@ public interface IPvpAuthnRequestBuilderConfiguruation { /** * Define the AuthnContextClassRefernece of this request. * - *<p> + * <p> * Example: http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3 * http://www.stork.gov.eu/1.0/citizenQAALevel/4 - *</p> + * </p> * * @return */ @@ -89,7 +92,6 @@ public interface IPvpAuthnRequestBuilderConfiguruation { */ AuthnContextComparisonTypeEnumeration getAuthnContextComparison(); - /** * Define the credential, which should be used to sign the AuthnRequest. * 
@@ -97,9 +99,9 @@ public interface IPvpAuthnRequestBuilderConfiguruation { */ Credential getAuthnRequestSigningCredential(); - /** - * Define the SAML2 EntityDescriptor of the IDP, which should receive the AuthnRequest. + * Define the SAML2 EntityDescriptor of the IDP, which should receive the + * AuthnRequest. * * @return Credential, but never null. */ @@ -112,7 +114,6 @@ public interface IPvpAuthnRequestBuilderConfiguruation { */ boolean getNameIdPolicyAllowCreation(); - /** * Set the requested SubjectNameID. * @@ -155,11 +156,11 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * Define the information, which should be added as 'subjectConformationDate' in * 'SubjectConformation' element. * - * @return subjectConformation information or null if no subjectConformation should be set + * @return subjectConformation information or null if no subjectConformation + * should be set */ Element getSubjectConformationDate(); - /** * Get the EntityId of the SP in case of a SAML2 proxy use-case. * @@ -167,7 +168,6 @@ public interface IPvpAuthnRequestBuilderConfiguruation { */ String getScopeRequesterId(); - /** * Get a FriendlyName for the SP that sends the request. * @@ -175,10 +175,11 @@ public interface IPvpAuthnRequestBuilderConfiguruation { */ String getProviderName(); - /** - * Get a Set of SAML2 attributes that are requested by using SAML2 requested attributes. <br> - * <b>Info:</b> Attributes are requested by using eIDAS SAML2 extension for requested attributes + * Get a Set of SAML2 attributes that are requested by using SAML2 requested + * attributes. <br> + * <b>Info:</b> Attributes are requested by using eIDAS SAML2 extension for + * requested attributes * * @return */ 
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AssertionValidationExeption.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AssertionValidationExeption.java index 1096c535..03fae599 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AssertionValidationExeption.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AssertionValidationExeption.java @@ -21,7 +21,6 @@ package at.gv.egiz.eaaf.modules.pvp2.sp.exception; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; - public class AssertionValidationExeption extends Pvp2Exception { private static final long serialVersionUID = -3987805399122286259L; diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnRequestBuildException.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnRequestBuildException.java index 5ad42fb7..251ba759 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnRequestBuildException.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnRequestBuildException.java @@ -21,10 +21,8 @@ package at.gv.egiz.eaaf.modules.pvp2.sp.exception; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; - public class AuthnRequestBuildException extends Pvp2Exception { - private static final long serialVersionUID = -1375451065455859354L; public AuthnRequestBuildException(final String messageId, final Object[] parameters) { 
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnResponseValidationException.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnResponseValidationException.java index d8d7683c..44fbf40f 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnResponseValidationException.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/exception/AuthnResponseValidationException.java @@ -21,18 +21,16 @@ package at.gv.egiz.eaaf.modules.pvp2.sp.exception; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; - public class AuthnResponseValidationException extends Pvp2Exception { - private static final long serialVersionUID = 8023812861029406575L; - public AuthnResponseValidationException(final String messageId, final Object[] parameters) { super(messageId, parameters); } - public AuthnResponseValidationException(final String messageId, final Object[] parameters, final Throwable e) { + public AuthnResponseValidationException(final String messageId, final Object[] parameters, + final Throwable e) { super(messageId, parameters, e); } diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java index 11b1ecad..9b284c88 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java 
@@ -21,18 +21,9 @@ package at.gv.egiz.eaaf.modules.pvp2.sp.impl; import java.security.NoSuchAlgorithmException; import java.util.List; + import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; -import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding; -import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding; -import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestExtensionBuilder; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; -import at.gv.egiz.eaaf.modules.pvp2.sp.api.IPvpAuthnRequestBuilderConfiguruation; -import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException; + import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; 
@@ -61,6 +52,18 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding; +import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestExtensionBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.sp.api.IPvpAuthnRequestBuilderConfiguruation; +import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException; + /** * PVP2 S-Profil Authentication-Request builder-implementation. * 
@@ -71,21 +74,19 @@ import org.springframework.stereotype.Service; public class PvpAuthnRequestBuilder { private static final Logger log = LoggerFactory.getLogger(PvpAuthnRequestBuilder.class); - @Autowired(required = true) ApplicationContext springContext; - /** * Build a PVP2.x specific authentication request * * @param pendingReq Currently processed pendingRequest - * @param config AuthnRequest builder configuration, never null - * @param httpResp http response object + * @param config AuthnRequest builder configuration, never null + * @param httpResp http response object * @throws NoSuchAlgorithmException In case of error - * @throws SecurityException In case of error - * @throws Pvp2Exception In case of error - * @throws MessageEncodingException In case of error + * @throws SecurityException In case of error + * @throws Pvp2Exception In case of error + * @throws MessageEncodingException In case of error */ public void buildAuthnRequest(final IRequest pendingReq, final IPvpAuthnRequestBuilderConfiguruation config, final HttpServletResponse httpResp)
@@ -115,13 +116,12 @@ public class PvpAuthnRequestBuilder { log.warn("Building AuthnRequest FAILED: > Requested IDP " + idpEntity.getEntityID() + " does not support POST or Redirect Binding."); throw new AuthnRequestBuildException("sp.pvp2.00", - new Object[] {config.getSpNameForLogging(), idpEntity.getEntityID()}); + new Object[] { config.getSpNameForLogging(), idpEntity.getEntityID() }); } else { authReq.setDestination(endpoint.getLocation()); } - // set basic AuthnRequest information final String reqID = config.getRequestID(); if (StringUtils.isNotEmpty(reqID)) {
@@ -217,7 +217,6 @@ public class PvpAuthnRequestBuilder { } - // set ProviderName if (StringUtils.isNotEmpty(config.getProviderName())) { authReq.setProviderName(config.getProviderName());
@@ -254,10 +253,10 @@ public class PvpAuthnRequestBuilder { binding = springContext.getBean("PVPPOSTBinding", PostBinding.class); } else { - log.warn("Binding: {} is not supported", endpoint.getBinding()); - throw new AuthnRequestBuildException("sp.pvp2.00", - new Object[] {config.getSpNameForLogging(), idpEntity.getEntityID()}); - + log.warn("Binding: {} is not supported", endpoint.getBinding()); + throw new AuthnRequestBuildException("sp.pvp2.00", + new Object[] { config.getSpNameForLogging(), idpEntity.getEntityID() }); + } // encode message
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
index 42d1c85e..fa2b9312 100644
--- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
+++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
@@ -27,8 +27,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Set; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption; + import org.apache.commons.lang3.StringUtils; import org.opensaml.saml2.core.Assertion; import org.opensaml.saml2.core.Attribute;
@@ -42,6 +41,9 @@ import org.opensaml.xml.XMLObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption; + public class AssertionAttributeExtractor { private static final Logger log = LoggerFactory.getLogger(AssertionAttributeExtractor.class);
@@ -61,7 +63,8 @@ public class AssertionAttributeExtractor { /** * Parse the SAML2 Response element and extracts included information. <br> * <br> - * <b>INFO:</b> Actually, only the first SAML2 Assertion of the SAML2 Response is used! + * <b>INFO:</b> Actually, only the first SAML2 Assertion of the SAML2 Response + * is used! * * @param samlResponse SAML2 Response * @throws AssertionAttributeExtractorExeption In case of an error
@@ -131,7 +134,8 @@ public class AssertionAttributeExtractor { } /** - * check attributes from assertion with attributeNameList bPK or enc_bPK are always needed. + * check attributes from assertion with attributeNameList bPK or enc_bPK are + * always needed. * * @param attributeNameList List of attributes which are required *
@@ -269,14 +273,14 @@ public class AssertionAttributeExtractor { return assertion; } - /** * Get the Assertion validTo period. * - *<p> - * Primarily, the 'SessionNotOnOrAfter' attribute in the SAML2 'AuthnStatment' element is used. If - * this is empty, this method returns value of SAML 'Conditions' element. - *</p> + * <p> + * Primarily, the 'SessionNotOnOrAfter' attribute in the SAML2 'AuthnStatment' + * element is used. If this is empty, this method returns value of SAML + * 'Conditions' element. + * </p> * * @return Date, until this SAML2 assertion is valid */
@@ -298,9 +302,9 @@ public class AssertionAttributeExtractor { /** * Get the Assertion validFrom period. * - *<p> + * <p> * This method returns value of SAML 'Conditions' element. - *</p> + * </p> * * @return Date, after this SAML2 assertion is valid, otherwise null */
@@ -331,21 +335,9 @@ public class AssertionAttributeExtractor { && assertion.getAttributeStatements().size() > 0) { final AttributeStatement attrStat = assertion.getAttributeStatements().get(0); for (final Attribute attr : attrStat.getAttributes()) { -// if (attr.getName().startsWith(PvpConstants.STORK_ATTRIBUTE_PREFIX)) { -// final List<String> storkAttrValues = new ArrayList<>(); -// for (final XMLObject el : attr.getAttributeValues()) { -// storkAttrValues.add(el.getDOM().getTextContent()); -// } - // PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), - // false, storkAttrValues , "Available"); - // storkAttributes.put(attr.getName(), storkAttr ); - -// } else { - final List<String> attrList = new ArrayList<>(); - for (final XMLObject el : attr.getAttributeValues()) { - attrList.add(el.getDOM().getTextContent()); - // } - + final List<String> attrList = new ArrayList<>(); + for (final XMLObject el : attr.getAttributeValues()) { + attrList.add(el.getDOM().getTextContent()); attributs.put(attr.getName(), attrList); }
@@ -485,7 +485,7 @@ <configLocation>checks/egiz_checks.xml</configLocation> <suppressionsLocation>checks/checkstyleSuppress.xml</suppressionsLocation> <failsOnError>false</failsOnError> - <failOnViolation>false</failOnViolation> + <failOnViolation>true</failOnViolation> <violationSeverity>warning</violationSeverity> <includeTestResources>false</includeTestResources> <!-- excludes>**/moaspss_config/**,**/data/**</excludes --> |
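Review bot: In the `@@ -331,21 +335,9 @@` hunk of AssertionAttributeExtractor, `attributs.put(attr.getName(), attrList);` still sits inside the `for (final XMLObject el : attr.getAttributeValues())` loop as far as the hunk shows, and with the commented-out `// }` removed nothing marks that placement as accidental any more. The put therefore runs once per value and never runs for an attribute that carries no values, so such an attribute is absent from the map that later attribute checks presumably read. Either close the value loop before the put, or keep the behaviour and say so with a comment such as `// attributes without values are deliberately not stored`. `el.getDOM()` may also return null when an XMLObject has no cached DOM, so a guard before `getTextContent()` would turn a NullPointerException on an unusual assertion into a handled validation error. The enclosing method begins and ends outside the hunk.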