authorThomas <thomas.lenz@egiz.gv.at>2019-12-05 09:52:48 +0100
committerThomas <thomas.lenz@egiz.gv.at>2019-12-05 09:52:48 +0100
commit3fada6cef21c9b16467177d866df778203b51b4d (patch)
tree8fe8ed37b6ee9fe35a1e035ceba6c68808328415 /eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth
parent95b21a826e5d81fdeabcf4673a9e87047edaec9d (diff)
some code code-style modifications
active code-quality checks!
Diffstat (limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java76
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java22
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java257
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java109
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java90
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java109
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java92
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java67
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java32
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java68
10 files changed, 464 insertions, 458 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
index 241b43c9..d2365e4a 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
@@ -24,14 +24,22 @@ import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
+
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.text.StringEscapeUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.IspConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -46,11 +54,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
public abstract class AbstractAuthenticationManager implements IAuthenticationManager {
private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationManager.class);
@@ -73,14 +76,14 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
protected IRevisionLogger revisionsLogger;
@Autowired(required = false)
protected ISsoManager ssoManager;
- @Autowired ModuleRegistration moduleRegistration;
+ @Autowired
+ ModuleRegistration moduleRegistration;
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addParameterNameToWhiteList(java.lang
- * .String)
+ * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#
+ * addParameterNameToWhiteList(java.lang .String)
*/
@Override
public final void addParameterNameToWhiteList(final String httpReqParam) {
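Review bot: The reflowed `@see` reference now has a space inside the parameter type (`java.lang .String`), which breaks the qualified name for anyone searching for it; the hunks at -93 and -108 do the same with `java.lang. String`. A shorter form such as `@see IAuthenticationManager#addParameterNameToWhiteList(String)` stays within the line limit without wrapping. The reference also names the package `at.gv.egiz.eaaf.core.impl.idp.auth`, while the import at the top of the file is `at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager`, so the target should be corrected at the same time. The method body continues outside the hunk.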
@@ -93,9 +96,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addHeaderNameToWhiteList(java.lang.
- * String)
+ * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#
+ * addHeaderNameToWhiteList(java.lang. String)
*/
@Override
public final void addHeaderNameToWhiteList(final String httpReqParam) {
@@ -108,9 +110,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#addHeaderNameToWhiteList(java.lang.
- * String)
+ * @see at.gv.egiz.eaaf.core.impl.idp.auth.IAuthenticationManager#
+ * addHeaderNameToWhiteList(java.lang. String)
*/
@Override
public final boolean doAuthentication(final HttpServletRequest httpReq,
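Review bot: The block comment above `doAuthentication` still points at `addHeaderNameToWhiteList`, apparently copied from the previous method, and the reflow carries the wrong target over unchanged. Replace it with a reference to the method it annotates, `@see IAuthenticationManager#doAuthentication(...)` with the real parameter list, or drop the block because `@Override` already states the relationship. The signature and body of `doAuthentication` continue outside the hunk.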
@@ -124,7 +125,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
}
// load OA configuration from pending request
- final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
+ final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
// set logging context and log unique OA identifier to revision log
TransactionIdUtils.setServiceProviderId(oaParam.getUniqueIdentifier());
@@ -137,7 +138,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
throw new NoPassivAuthenticationException();
}
-
// check Single Sign-On functionality if SSOManager is available
boolean isValidSsoSession = false;
if (ssoManager != null) {
@@ -149,16 +149,15 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
isValidSsoSession = ssoManager.checkAndValidateSsoSession(pendingReq, httpReq, httpResp)
&& pendingReq.needSingleSignOnFunctionality();
-
}
// check if session is already authenticated
- // boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) pendingReq,
+ // boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl)
+ // pendingReq,
// isValidSSOSession);
// boolean isSessionAuthenticated = isValidSSOSession &&
// StringUtils.isNotEmpty(pendingReq.getSSOSessionIdentifier());
-
// force new authentication authentication process
if (pendingReq.forceAuth()) {
startAuthenticationProcess(httpReq, (RequestImpl) pendingReq);
@@ -169,7 +168,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
sendSingleSignOnConsentsEvaluation((RequestImpl) pendingReq);
return false;
-
} else if (pendingReq.isPassiv()) {
if (isValidSsoSession
&& StringUtils.isNotEmpty(pendingReq.getInternalSsoSessionIdentifier())) {
@@ -207,7 +205,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
log.debug("Close session. Remove pending request ... ");
requestStoreage.removePendingRequest(pendingReq.getPendingRequestId());
-
if (ssoManager != null) {
try {
log.trace("'SSOManager' active. Search for active SSO sessions ... ");
@@ -229,11 +226,11 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
/**
* Populate process execution context and start process engine.
*
- * @param httpReq http request
+ * @param httpReq http request
* @param pendingReq current pending request
* @throws ServletException In case of a servlet error
- * @throws IOException In case of an IO error
- * @throws EaafException In case of EAAF processing error
+ * @throws IOException In case of an IO error
+ * @throws EaafException In case of EAAF processing error
*/
private void startAuthenticationProcess(final HttpServletRequest httpReq,
final RequestImpl pendingReq) throws EaafException {
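Review bot: The Javadoc of `startAuthenticationProcess` lists `@throws ServletException` and `@throws IOException`, but the signature in this hunk declares only `throws EaafException`; the realignment keeps both stale tags. The same mismatch appears in the hunk at -314 for `sendSingleSignOnConsentsEvaluation`. Keep only `@throws EaafException In case of EAAF processing error` in both comments, so readers do not assume servlet or IO failures reach the caller as separate types. The method body continues outside the hunk.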
@@ -245,15 +242,15 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
final ExecutionContext executionContext = new ExecutionContextImpl();
// set oaIdentifeir
- executionContext.put(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID,
+ executionContext.put(EaafConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID,
pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
// add X509 SSL client certificate if exist
if (httpReq.getAttribute("javax.servlet.request.X509Certificate") != null) {
log.debug("Find SSL-client-certificate on request --> Add it to context");
- executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
+ executionContext.put(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
(X509Certificate[]) httpReq.getAttribute("javax.servlet.request.X509Certificate"));
- pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
+ pendingReq.setRawDataToTransaction(EaafConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
httpReq.getAttribute("javax.servlet.request.X509Certificate"));
}
@@ -287,8 +284,6 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
}
}
-
-
// populate more IDP specific information to execution context
populateExecutionContext(executionContext, pendingReq, httpReq);
@@ -301,8 +296,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
* Add additional parameters into context of process-engine.
*
* @param executionContext Process-engine context
- * @param pendingReq Current pending request
- * @param httpReq http request
+ * @param pendingReq Current pending request
+ * @param httpReq http request
*
* @throws EaafException In case of an error
*/
@@ -314,8 +309,8 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
*
* @param pendingReq current pending request
* @throws ServletException In case of a servlet error
- * @throws IOException In case of an IO error
- * @throws EaafException In case of a EAAF processing error
+ * @throws IOException In case of an IO error
+ * @throws EaafException In case of a EAAF processing error
*/
private void sendSingleSignOnConsentsEvaluation(final RequestImpl pendingReq) throws EaafException {
@@ -333,11 +328,10 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
}
-
/**
* Select a specific process and starting process engine.
*
- * @param pendingReq current pending request
+ * @param pendingReq current pending request
* @param executionContext current context for process-engine
* @throws EaafException In case of an process-engine error
*/
@@ -345,7 +339,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
final ExecutionContext executionContext) throws EaafException {
try {
// put pending-request ID on execurtionContext
- executionContext.put(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID,
+ executionContext.put(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID,
pendingReq.getPendingRequestId());
// create process instance
@@ -354,7 +348,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
if (processDefinitionId == null) {
log.warn("No suitable process found for PendingReqId " + pendingReq.getPendingRequestId());
- throw new EaafException("process.02", new Object[] {pendingReq.getPendingRequestId()});
+ throw new EaafException("process.02", new Object[] { pendingReq.getPendingRequestId() });
}
@@ -383,7 +377,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
}
throw new EaafException("process.01",
- new Object[] {pendingReq.getProcessInstanceId(), pendingReq.getPendingRequestId()}, e);
+ new Object[] { pendingReq.getProcessInstanceId(), pendingReq.getPendingRequestId() }, e);
}
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
index 1afa879f..0834aa7c 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
@@ -19,6 +19,12 @@
package at.gv.egiz.eaaf.core.impl.idp.auth;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.idp.process.ProcessInstanceStoreDao;
@@ -29,11 +35,6 @@ import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
@Service("RequestStorage")
public class RequestStorage implements IRequestStorage {
@@ -155,8 +156,8 @@ public class RequestStorage implements IRequestStorage {
* (non-Javadoc)
*
* @see
- * at.gv.egovernment.moa.id.storage.IRequestStorage#changePendingRequestID(at.gv.egovernment.moa.
- * id.moduls.IRequest)
+ * at.gv.egovernment.moa.id.storage.IRequestStorage#changePendingRequestID(at.gv
+ * .egovernment.moa. id.moduls.IRequest)
*/
@Override
public String changePendingRequestID(final IRequest pendingRequest) throws EaafException {
@@ -169,13 +170,13 @@ public class RequestStorage implements IRequestStorage {
.getPendingRequestIdWithOutChecks(pendingRequest.getPendingRequestId());
} catch (final PendingReqIdValidationException e) {
- // it's no problem, because it must be valid before when pending-request was loaded and we
+ // it's no problem, because it must be valid before when pending-request was
+ // loaded and we
// change it now
oldInternalRequestID = e.getInvalidInternalPendingReqId();
}
-
// generate new pendingReqId and get internalPendingReqId
final String newRequestID = pendingReqIdGenerationStrategy.generateExternalPendingRequestId();
log.debug("Change pendingRequestID from " + pendingRequest.getPendingRequestId() + " to "
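Review bot: The reflowed comment in the `catch (final PendingReqIdValidationException e)` block now breaks mid-clause (`// loaded and we` stands alone) and still does not say why an ID that has just failed validation may be reused as `oldInternalRequestID`. State the precondition explicitly, for example `// The ID was validated when the pending request was loaded; a failure here is tolerated because the entry is re-keyed right after.` If that precondition does not hold for every caller of `changePendingRequestID`, the exception should propagate instead of being absorbed. The method starts and ends outside the hunk.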
@@ -189,11 +190,10 @@ public class RequestStorage implements IRequestStorage {
} catch (final PendingReqIdValidationException e) {
throw new EaafException("internal.99",
- new Object[] {"Generate invalid pendingRequestId. Something looks WRONG"}, e);
+ new Object[] { "Generate invalid pendingRequestId. Something looks WRONG" }, e);
}
-
// change Key in cache
transactionStorage.changeKey(oldInternalRequestID, newInternalPendingRequestId,
pendingRequest);
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index b12658f5..f5c687f1 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -25,14 +25,26 @@ import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Map.Entry;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.lang.NonNull;
+import org.springframework.util.Assert;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.api.idp.IspConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
@@ -47,17 +59,6 @@ import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.lang.NonNull;
-import org.springframework.util.Assert;
-import org.springframework.util.Base64Utils;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder {
private static final Logger log =
@@ -83,7 +84,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
pendingReq.getSessionData(AuthProcessDataWrapper.class);
try {
- if (authProcessData.isEIDProcess()) {
+ if (authProcessData.isEidProcess()) {
log.debug("Building AuthData from new E-ID information ... ");
authData = getAuthDataInstance(pendingReq);
Assert.notNull(authData, "AuthData is null");
@@ -107,7 +108,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
} catch (XPathException | DOMException | EaafException e) {
log.warn("Can not build authentication data from auth. process information");
- throw new EaafAuthenticationException("builder.11", new Object[] {e.getMessage()}, e);
+ throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e);
}
@@ -127,8 +128,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
protected abstract IAuthData getAuthDataInstance(IRequest pendingReq) throws EaafException;
/**
- * Build service-specific AuthData by using information from E-ID This builder uses vSZ, MDS and
- * Consent as input information.
+ * Build service-specific AuthData by using information from E-ID This builder
+ * uses vSZ, MDS and Consent as input information.
*
* @param pendingReq current pendingRequest
* @return {@link IAuthData} but never <code>null</code>
@@ -137,13 +138,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
protected abstract void buildServiceSpecificAuthenticationData(IAuthData authData,
IRequest pendingReq) throws EaafException;
-
/**
* Add generic E-ID information into already existing AuthData.
*
- * @param authData AuthData object
- * @param authProcessData Authentication information holder from current pending request
- * @param pendingReq current pending request
+ * @param authData AuthData object
+ * @param authProcessData Authentication information holder from current pending
+ * request
+ * @param pendingReq current pending request
*/
private void buildInternalAuthDataGeneric(@NonNull final IAuthData authData,
@NonNull final IAuthProcessDataContainer authProcessData,
@@ -164,7 +165,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
// TODO: check if it is needed
// if (authProcessData.getGenericSessionDataStorage() != null &&
// !authProcessData.getGenericSessionDataStorage().isEmpty())
- // includedToGenericAuthData = authProcessData.getGenericSessionDataStorage().keySet();
+ // includedToGenericAuthData =
+ // authProcessData.getGenericSessionDataStorage().keySet();
// else
includedToGenericAuthData = new ArrayList<>();
@@ -178,31 +180,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
// ####################################################
// set MDS and vSZ
internalAuthData.setFamilyName(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
internalAuthData.setGivenName(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class));
internalAuthData.setDateOfBirth(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class));
internalAuthData.setEncSourceId(authProcessData.getGenericDataFromSession(
- ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class));
+ ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class));
internalAuthData.setEncSourceIdType(authProcessData.getGenericDataFromSession(
- ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class));
+ ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class));
// ####################################################
// set QAA level
setQaaLevel(internalAuthData, authProcessData);
-
// ####################################################
// set isForeigner flag
setFlagForeigner(internalAuthData, authProcessData);
-
// ####################################################
// set citizen country-code
setCitizenCountryCode(internalAuthData, authProcessData);
-
// set generic authProcessData to authdata
for (final Entry<String, Object> el : authProcessData.getGenericSessionDataStorage()
.entrySet()) {
@@ -220,33 +219,33 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
-
}
/**
* Parse citzen country-code into AuthData.
*
- * @param authData Current authentication data
- * @param authProcessData Authentication information holder from current pending request
+ * @param authData Current authentication data
+ * @param authProcessData Authentication information holder from current pending
+ * request
*/
private void setCitizenCountryCode(final AuthenticationData authData,
final IAuthProcessDataContainer authProcessData) {
- includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME);
final String pvpCccAttr = authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
if (StringUtils.isNotEmpty(pvpCccAttr)) {
authData.setCiticenCountryCode(pvpCccAttr);
- log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME);
+ log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME);
} else {
if (authData.isForeigner()) {
- //TODO:
+ // TODO:
log.warn("Foreign citizen country NOT set yet!");
} else {
authData.setCiticenCountryCode(basicConfig.getBasicConfiguration(
IConfigurationWithSP.CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE,
- EAAFConstants.COUNTRYCODE_AUSTRIA));
+ EaafConstants.COUNTRYCODE_AUSTRIA));
}
}
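Review bot: The `TODO` in the foreigner branch of `setCitizenCountryCode` is still empty after the spacing fix, so nothing records what work is outstanding. In that branch only the warning is logged and `setCiticenCountryCode` is never called, so the country code keeps whatever value the object held before. Spell out the open item, e.g. `// TODO: derive country code for foreign citizens; until then it stays unset`. The setter name `setCiticenCountryCode` also keeps its misspelling while this commit renames other identifiers for consistency.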
@@ -256,28 +255,29 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
/**
* parse QAA Level into AuthData.
*
- * @param authData current authentication data
- * @param authProcessData Authentication information holder from current pending request
- * @param pendingReq current pending request
+ * @param authData current authentication data
+ * @param authProcessData Authentication information holder from current pending
+ * request
+ * @param pendingReq current pending request
*/
private void setQaaLevel(@NonNull final AuthenticationData authData,
@NonNull final IAuthProcessDataContainer authProcessData) {
- includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME);
String currentLoA = null;
- if (StringUtils.isNotEmpty(authProcessData.getQAALevel())) {
- currentLoA = authProcessData.getQAALevel();
+ if (StringUtils.isNotEmpty(authProcessData.getQaaLevel())) {
+ currentLoA = authProcessData.getQaaLevel();
} else {
currentLoA = authProcessData.getGenericDataFromSession(
- PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class);
+ PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class);
if (StringUtils.isNotEmpty(currentLoA)) {
log.debug(
- "Find PVP-Attr '" + PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME
+ "Find PVP-Attr '" + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME
+ "':" + currentLoA + " --> Parse QAA-Level from that attribute.");
}
}
if (StringUtils.isNotEmpty(currentLoA)) {
- if (currentLoA.startsWith(EAAFConstants.EIDAS_LOA_PREFIX)) {
+ if (currentLoA.startsWith(EaafConstants.EIDAS_LOA_PREFIX)) {
authData.setEidasLoa(currentLoA);
} else {
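Review bot: The Javadoc of `setQaaLevel` documents `@param pendingReq`, but the signature in this hunk takes only `authData` and `authProcessData`; the realignment keeps the stale tag. Remove the `@param pendingReq current pending request` line so the comment matches the parameters. The method body continues past the end of the hunk.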
@@ -285,20 +285,19 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
} else {
- log.info("No QAA level found. Set to default level " + EAAFConstants.EIDAS_LOA_LOW);
- authData.setEidasLoa(EAAFConstants.EIDAS_LOA_LOW);
+ log.info("No QAA level found. Set to default level " + EaafConstants.EIDAS_LOA_LOW);
+ authData.setEidasLoa(EaafConstants.EIDAS_LOA_LOW);
}
}
-
private void setFlagForeigner(final AuthenticationData authData,
final IAuthProcessDataContainer authProcessData) {
// TODO: change to new eIDAS-token attribute identifier
if (authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) {
- log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) {
+ log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME
+ " --> Set 'isForeigner' flag to TRUE");
authData.setForeigner(true);
@@ -309,8 +308,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
/**
- * Build authentication data by using information from citizen-card or mobile-phone signature This
- * builder uses IdentityLink, AuthBlock, full MIS mandate as input information.
+ * Build authentication data by using information from citizen-card or
+ * mobile-phone signature This builder uses IdentityLink, AuthBlock, full MIS
+ * mandate as input information.
*
* @param pendingReq current pendingRequest
* @return {@link IAuthData} but never <code>null</code>
@@ -340,7 +340,6 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
authData.setBaseIdTransferRestrication(
pendingReq.getServiceProviderConfiguration().hasBaseIdTransferRestriction());
-
// ####################################################
// parse user info's from identityLink
IIdentityLink idlFromPvpAttr = null;
@@ -351,10 +350,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
} else {
// identityLink is not direct in MOASession
final String pvpAttrIdl = authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class);
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class);
// find PVP-Attr. which contains the IdentityLink
if (StringUtils.isNotEmpty(pvpAttrIdl)) {
- log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME
+ log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME
+ " --> Parse basic user info's from that attribute.");
InputStream idlStream = null;
try {
@@ -373,7 +372,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
} finally {
try {
- includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME);
if (idlStream != null) {
idlStream.close();
}
@@ -390,28 +389,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
log.debug(
"No IdentityLink found or not parseable --> Parse basic user info's from single PVP-Attributes.");
authData.setFamilyName(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
authData.setGivenName(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class));
authData.setDateOfBirth(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class));
authData.setIdentificationValue(authProcessData
- .getGenericDataFromSession(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class));
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class));
authData.setIdentificationType(authProcessData.getGenericDataFromSession(
- PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class));
+ PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class));
// remove corresponding keys from genericSessionData if exists
- includedToGenericAuthData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME);
- includedToGenericAuthData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME);
- includedToGenericAuthData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME);
- includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME);
- includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME);
+ includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
}
}
if (authData.getIdentificationType() != null
- && !authData.getIdentificationType().equals(EAAFConstants.URN_PREFIX_BASEID)) {
+ && !authData.getIdentificationType().equals(EaafConstants.URN_PREFIX_BASEID)) {
log.trace("IdentificationType is not a baseID --> clear it. ");
authData.setBpk(authData.getIdentificationValue());
authData.setBpkType(authData.getIdentificationType());
@@ -420,22 +419,18 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
authData.setIdentificationType(null);
}
-
// ####################################################
// set QAA level
setQaaLevel(authData, authProcessData);
-
// ####################################################
// set isForeigner flag
setFlagForeigner(authData, authProcessData);
-
// ####################################################
// set citizen country-code
setCitizenCountryCode(authData, authProcessData);
-
// ####################################################
// set bPK and IdentityLink
final String pvpBpkValue = getBpkValueFromPvpAttribute(authProcessData);
@@ -449,12 +444,12 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
log.info(
"Can not build authData, because moaSession include no bPK, encrypted bPK or baseID");
throw new EaafBuilderException("builder.08",
- new Object[] {"No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME},
- "No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME);
+ new Object[] { "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME },
+ "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME);
}
@@ -513,10 +508,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
"Can not build authData, because moaSession include no valid bPK, encrypted bPK or sourceID");
throw new EaafBuilderException("builder.13",
new Object[] {
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()},
- "No valid " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
- + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME);
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier() },
+ "No valid " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or "
+ + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME);
}
}
@@ -536,7 +531,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
@Deprecated
protected abstract Pair<String, String> getEncryptedBpkFromPvpAttribute(
IAuthProcessDataContainer authProcessDataContainer, AuthenticationData authData,
- IspConfiguration spConfig) throws EaafBuilderException;
+ ISpConfiguration spConfig) throws EaafBuilderException;
// request baseId from SRZ
@Deprecated
@@ -546,13 +541,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
@Deprecated
protected Pair<String, String> buildOAspecificbPK(final IRequest pendingReq,
final AuthenticationData authData) throws EaafBuilderException {
- final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
+ final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
final String baseID = authData.getIdentificationValue();
final String baseIdType = authData.getIdentificationType();
Pair<String, String> sectorSpecId = null;
- if (EAAFConstants.URN_PREFIX_BASEID.equals(baseIdType)) {
+ if (EaafConstants.URN_PREFIX_BASEID.equals(baseIdType)) {
// SAML1 legacy target parameter work-around
final String spTargetId = oaParam.getAreaSpecificTargetIdentifier();
log.debug("Use OA target identifier '" + spTargetId + "' from configuration");
@@ -575,7 +570,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
@Deprecated
- protected IIdentityLink buildOAspecificIdentityLink(final IspConfiguration spConfig,
+ protected IIdentityLink buildOAspecificIdentityLink(final ISpConfiguration spConfig,
final IIdentityLink idl, final String bpk, final String bpkType)
throws EaafConfigurationException, XPathException, DOMException, EaafParserException {
if (spConfig.hasBaseIdTransferRestriction()) {
@@ -607,10 +602,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*
* @param oaParam Service-Provider configuration, never null
* @param bpkType bPK-Type to check
- * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise false
+ * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise
+ * false
*/
@Deprecated
- protected boolean matchsReceivedBpkToOnlineApplication(final IspConfiguration oaParam,
+ protected boolean matchsReceivedBpkToOnlineApplication(final ISpConfiguration oaParam,
final String bpkType) {
return oaParam.getAreaSpecificTargetIdentifier().equals(bpkType);
@@ -619,9 +615,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
/**
* Parse information from an IdentityLink into AuthData object.
*
- * @param authData current authentication data
- * @param identityLink User's identityLink
- * @param includedGenericSessionData Generic AuthSession Data from PVP attributes
+ * @param authData current authentication data
+ * @param identityLink User's identityLink
+ * @param includedGenericSessionData Generic AuthSession Data from PVP
+ * attributes
*/
@Deprecated
private void parseBasicUserInfosFromIdl(final AuthenticationData authData,
@@ -631,10 +628,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
/*
* GivenNames and FamilyNames with simple Apostrophe were escaped with &#39; in
- * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 AuthBlock problem.
- * However, the authentication attributes (SAML2, eIDAS, OpenID-Connect) also includes this
- * escaped values, but there it is not neccesary. We fix this problem in 3.4.3, but the fix can
- * be deactivated for dependency reasons.
+ * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0
+ * AuthBlock problem. However, the authentication attributes (SAML2, eIDAS,
+ * OpenID-Connect) also includes this escaped values, but there it is not
+ * neccesary. We fix this problem in 3.4.3, but the fix can be deactivated for
+ * dependency reasons.
*/
if (basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING,
false)) {
@@ -649,35 +647,37 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
authData.setDateOfBirth(identityLink.getDateOfBirth());
-
// remove corresponding keys from genericSessionData if exists
- includedGenericSessionData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME);
- includedGenericSessionData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME);
- includedGenericSessionData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME);
- includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME);
- includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
+ includedGenericSessionData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME);
+ includedGenericSessionData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME);
+ includedGenericSessionData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME);
+ includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME);
+ includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME);
}
/**
- * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as 'GenericData'. <br>
+ * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as
+ * 'GenericData'. <br>
*
* <pre>
* <code>session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class)</code>
* </pre>
*
* @param session MOASession, but never null
- * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no attribute exists
+ * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no
+ * attribute exists
*/
@Deprecated
private String getBpkValueFromPvpAttribute(final IAuthProcessDataContainer session) {
String pvpBpkValueAttr =
- session.getGenericDataFromSession(PVPAttributeDefinitions.BPK_NAME, String.class);
+ session.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME, String.class);
if (StringUtils.isNotEmpty(pvpBpkValueAttr)) {
- // fix a wrong bPK-value prefix, which was used in some PVP Standardportal implementations
+ // fix a wrong bPK-value prefix, which was used in some PVP Standardportal
+ // implementations
if (pvpBpkValueAttr.startsWith("bPK:")) {
- log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME
+ log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME
+ " contains a not standardize prefix! Staring attribute value correction process ...");
pvpBpkValueAttr = pvpBpkValueAttr.substring("bPK:".length());
@@ -685,18 +685,16 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
final String[] spitted = pvpBpkValueAttr.split(":");
if (spitted.length == 2) {
- log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME);
+ log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME);
return spitted[1];
-
-
} else if (spitted.length > 2) {
- log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME
+ log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME
+ " has a wrong encoding and can NOT be USED!" + " Value:" + pvpBpkValueAttr);
return null;
} else {
- log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME
+ log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME
+ " without prefix. Use it as it is");
return spitted[0];
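Review bot: The `log.warn` on the `spitted.length > 2` branch appends `" Value:" + pvpBpkValueAttr`, which writes the received bPK attribute into the log at WARN level. That value is a person identifier read from session data, and it is logged exactly when its format is unexpected, so unvalidated content also reaches the log. I would log only the attribute name and the segment count, e.g. `log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " has a wrong encoding and can NOT be USED! Segments: " + spitted.length);`. The same pattern appears in BpkBuilder's eIDAS parameter check, where `identificationValue=" + bpk` is placed into the `EaafBuilderException` text. The method body starts and ends outside this hunk.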
@@ -708,49 +706,52 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
}
/**
- * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could be exist in
- * MOASession as 'GenericData'. <br>
+ * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could
+ * be exist in MOASession as 'GenericData'. <br>
*
* <pre>
* <code>session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class)</code>
* </pre>
*
* @param session MOASession, but never null
- * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if no attribute
- * exists
+ * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if
+ * no attribute exists
*/
@Deprecated
private String getBpkTypeFromPvpAttribute(final IAuthProcessDataContainer session) {
final String pvpBpkTypeAttr = session.getGenericDataFromSession(
- PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class);
+ PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class);
if (StringUtils.isNotEmpty(pvpBpkTypeAttr)) {
- // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations
+ // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal
+ // implementations
// if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) &&
// !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(),
// EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) {
- // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting
+ // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + "
+ // Starting
// attribute value correction ... ");
// pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" +
// pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1);
//
// }
log.debug(
- "Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME);
+ "Find PVP-Attr: " + PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME);
return pvpBpkTypeAttr;
}
return null;
-
/*
- * INFO: This code could be used to extract the bPKType from 'PVPConstants.BPK_NAME', because
- * the prefix of BPK_NAME attribute contains the postfix of the bPKType
+ * INFO: This code could be used to extract the bPKType from
+ * 'PVPConstants.BPK_NAME', because the prefix of BPK_NAME attribute contains
+ * the postfix of the bPKType
*
- * Now, all PVP Standardportals should be able to send 'EID_SECTOR_FOR_IDENTIFIER' PVP
- * attributes
+ * Now, all PVP Standardportals should be able to send
+ * 'EID_SECTOR_FOR_IDENTIFIER' PVP attributes
*/
- // String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME,
+ // String pvpbPKValueAttr =
+ // session.getGenericDataFromSession(PVPConstants.BPK_NAME,
// String.class);
// String[] spitted = pvpbPKValueAttr.split(":");
// if (MiscUtil.isEmpty(authData.getBPKType())) {
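Review bot: The commented-out correction code in getBpkTypeFromPvpAttribute was re-wrapped rather than removed, and the `log.warn(...)` string inside it is split over several comment lines, so it could not be restored by simply uncommenting it. The block comment and commented-out statements after `return null;` are equally dead. Since the INFO comment already states that all PVP Standardportals should send `EID_SECTOR_FOR_IDENTIFIER`, I would delete both blocks and keep one line such as `// bPK-Type is used as received; no prefix correction is applied`, so a reader of this identity-attribute path sees which normalisation is actually in effect. The tail of the method lies outside this hunk.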
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
index 60c08253..a613bd56 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
@@ -16,8 +16,6 @@
* works that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
-
package at.gv.egiz.eaaf.core.impl.idp.auth.builder;
import java.security.InvalidKeyException;
@@ -27,22 +25,26 @@ import java.security.PrivateKey;
import java.security.PublicKey;
import java.text.SimpleDateFormat;
import java.util.Date;
+
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
+
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Base64Utils;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
/**
* Builder for the bPK, as defined in
- * <code>&quot;Ableitung f&uml;r die bereichsspezifische Personenkennzeichnung&quot;</code> version
- * <code>1.0.1</code> from <code>&quot;reference.e-government.gv.at&quot;</code>.
+ * <code>&quot;Ableitung f&uml;r die bereichsspezifische Personenkennzeichnung&quot;</code>
+ * version <code>1.0.1</code> from
+ * <code>&quot;reference.e-government.gv.at&quot;</code>.
*
*/
public class BpkBuilder {
@@ -51,58 +53,60 @@ public class BpkBuilder {
/**
* Calculates an area specific unique person-identifier from a baseID.
*
- * @param baseID baseId from user but never null
- * @param targetIdentifier target identifier for area specific identifier calculation but never
- * null
- * @return Pair consists of (unique person identifier for this target, targetArea) but never null
+ * @param baseID baseId from user but never null
+ * @param targetIdentifier target identifier for area specific identifier
+ * calculation but never null
+ * @return Pair consists of (unique person identifier for this target,
+ * targetArea) but never null
* @throws EaafBuilderException if some input data are not valid
*/
public static Pair<String, String> generateAreaSpecificPersonIdentifier(final String baseID,
final String targetIdentifier) throws EaafBuilderException {
- return generateAreaSpecificPersonIdentifier(baseID, EAAFConstants.URN_PREFIX_BASEID,
+ return generateAreaSpecificPersonIdentifier(baseID, EaafConstants.URN_PREFIX_BASEID,
targetIdentifier);
}
/**
- * Calculates an area specific unique person-identifier from an unique identifier with a specific
- * type.
+ * Calculates an area specific unique person-identifier from an unique
+ * identifier with a specific type.
*
- * @param baseID baseId from user but never null
- * @param baseIdType Type of the baseID but never null
- * @param targetIdentifier target identifier for area specific identifier calculation but never
- * null
- * @return Pair consists of (unique person identifier for this target, targetArea) but never null
+ * @param baseID baseId from user but never null
+ * @param baseIdType Type of the baseID but never null
+ * @param targetIdentifier target identifier for area specific identifier
+ * calculation but never null
+ * @return Pair consists of (unique person identifier for this target,
+ * targetArea) but never null
* @throws EaafBuilderException if some input data are not valid
*/
public static Pair<String, String> generateAreaSpecificPersonIdentifier(final String baseID,
final String baseIdType, final String targetIdentifier) throws EaafBuilderException {
if (StringUtils.isEmpty(baseID)) {
- throw new EaafBuilderException("builder.00", new Object[] {"baseID is empty or null"},
+ throw new EaafBuilderException("builder.00", new Object[] { "baseID is empty or null" },
"BaseId is empty or null");
}
if (StringUtils.isEmpty(baseIdType)) {
throw new EaafBuilderException("builder.00",
- new Object[] {"the type of baseID is empty or null"}, "Type of baseId is empty or null");
+ new Object[] { "the type of baseID is empty or null" }, "Type of baseId is empty or null");
}
if (StringUtils.isEmpty(targetIdentifier)) {
throw new EaafBuilderException("builder.00",
- new Object[] {"SP specific target identifier is empty or null"},
+ new Object[] { "SP specific target identifier is empty or null" },
"SP specific target identifier is empty or null");
}
- if (baseIdType.equals(EAAFConstants.URN_PREFIX_BASEID)) {
+ if (baseIdType.equals(EaafConstants.URN_PREFIX_BASEID)) {
log.trace("Find baseID. Starting unique identifier caluclation for this target");
- if (targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_CDID)
- || targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_WBPK)) {
+ if (targetIdentifier.startsWith(EaafConstants.URN_PREFIX_CDID)
+ || targetIdentifier.startsWith(EaafConstants.URN_PREFIX_WBPK)) {
log.trace("Calculate bPK, wbPK, or STORK identifier for target: " + targetIdentifier);
return Pair.newInstance(calculatebPKwbPK(baseID + "+" + targetIdentifier),
targetIdentifier);
- } else if (targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) {
+ } else if (targetIdentifier.startsWith(EaafConstants.URN_PREFIX_EIDAS)) {
log.trace("Calculate eIDAS identifier for target: " + targetIdentifier);
final String[] splittedTarget = targetIdentifier.split("\\+");
final String cititzenCountryCode = splittedTarget[1];
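Review bot: `splittedTarget[1]` is read directly after `targetIdentifier.split("\\+")` with no length check visible in this hunk, so a target that passes `startsWith(EaafConstants.URN_PREFIX_EIDAS)` but carries no country part would raise `ArrayIndexOutOfBoundsException` instead of the declared `EaafBuilderException`. `String.split` also drops trailing empty segments, so a target ending in `+` yields fewer elements than its `+` count suggests. A guard such as `if (splittedTarget.length < 2) { throw new EaafBuilderException("builder.00", new Object[] { "eIDAS target has no country code" }, "eIDAS target has no country code"); }` before the index keeps the failure in the builder's own error path. The rest of this branch continues in the next hunk, so a later length check may exist, but it would run after this access.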
@@ -114,15 +118,14 @@ public class BpkBuilder {
}
return buildEidasIdentifer(baseID, baseIdType, cititzenCountryCode, eidasOutboundCountry);
-
} else {
throw new EaafBuilderException("builder.00",
- new Object[] {"Target identifier: " + targetIdentifier + " is NOT allowed or unknown"},
+ new Object[] { "Target identifier: " + targetIdentifier + " is NOT allowed or unknown" },
"Target identifier: " + targetIdentifier + " is NOT allowed or unknown");
}
} else {
- log.trace("BaseID is not of type " + EAAFConstants.URN_PREFIX_BASEID
+ log.trace("BaseID is not of type " + EaafConstants.URN_PREFIX_BASEID
+ ". Check type against requested target ...");
if (baseIdType.equals(targetIdentifier)) {
log.debug("Unique identifier is already area specific. Is nothing todo");
@@ -132,8 +135,8 @@ public class BpkBuilder {
log.warn("Get unique identifier for target: " + baseIdType + " but target: "
+ targetIdentifier + " is required!");
throw new EaafBuilderException("builder.00",
- new Object[] {"Get unique identifier for target: " + baseIdType + " but target: "
- + targetIdentifier + " is required"},
+ new Object[] { "Get unique identifier for target: " + baseIdType + " but target: "
+ + targetIdentifier + " is required" },
"Get unique identifier for target: " + baseIdType + " but target: " + targetIdentifier
+ " is required");
@@ -141,14 +144,15 @@ public class BpkBuilder {
}
}
-
/**
* Builds the eIDAS from the given parameters.
*
- * @param baseId baseID of the citizen
- * @param baseIdType Type of the baseID
- * @param sourceCountry CountryCode of that country, which build the eIDAs ID
- * @param destinationCountry CountryCode of that country, which receives the eIDAs ID
+ * @param baseId baseID of the citizen
+ * @param baseIdType Type of the baseID
+ * @param sourceCountry CountryCode of that country, which build the eIDAs
+ * ID
+ * @param destinationCountry CountryCode of that country, which receives the
+ * eIDAs ID
*
* @return Pair eIDAs/bPKType in a BASE64 encoding
* @throws EaafBuilderException if some input data are not valid
@@ -160,8 +164,8 @@ public class BpkBuilder {
String bpkType = null;
// check if we have been called by public sector application
- if (baseIdType.startsWith(EAAFConstants.URN_PREFIX_BASEID)) {
- bpkType = EAAFConstants.URN_PREFIX_EIDAS + sourceCountry + "+" + destinationCountry;
+ if (baseIdType.startsWith(EaafConstants.URN_PREFIX_BASEID)) {
+ bpkType = EaafConstants.URN_PREFIX_EIDAS + sourceCountry + "+" + destinationCountry;
log.debug("Building eIDAS identification from: [identValue]+" + bpkType);
bpk = calculatebPKwbPK(baseId + "+" + bpkType);
@@ -173,9 +177,9 @@ public class BpkBuilder {
if (StringUtils.isEmpty(bpk) || StringUtils.isEmpty(sourceCountry)
|| StringUtils.isEmpty(destinationCountry)) {
throw new EaafBuilderException("builder.00",
- new Object[] {"eIDAS-ID",
+ new Object[] { "eIDAS-ID",
"Unvollständige Parameterangaben: identificationValue=" + bpk + ", Zielland="
- + destinationCountry + ", Ursprungsland=" + sourceCountry},
+ + destinationCountry + ", Ursprungsland=" + sourceCountry },
"eIDAS-ID: Unvollständige Parameterangaben: identificationValue=" + bpk + ", Zielland="
+ destinationCountry + ", Ursprungsland=" + sourceCountry);
}
@@ -189,8 +193,8 @@ public class BpkBuilder {
/**
* Create an encrypted bPK.
*
- * @param bpk unencrypted bPK
- * @param target bPK target
+ * @param bpk unencrypted bPK
+ * @param target bPK target
* @param publicKey Public-Key used for encryption
* @return encrypted bPK
* @throws EaafBuilderException In case of an error
@@ -198,8 +202,8 @@ public class BpkBuilder {
public static String encryptBpk(final String bpk, String target, final PublicKey publicKey)
throws EaafBuilderException {
final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
- if (target.startsWith(EAAFConstants.URN_PREFIX_CDID)) {
- target = target.substring(EAAFConstants.URN_PREFIX_CDID.length());
+ if (target.startsWith(EaafConstants.URN_PREFIX_CDID)) {
+ target = target.substring(EaafConstants.URN_PREFIX_CDID.length());
}
final String input =
@@ -210,8 +214,8 @@ public class BpkBuilder {
final byte[] inputBytes = input.getBytes("ISO-8859-1");
result = encrypt(inputBytes, publicKey);
return new String(Base64Utils.encode(result), "ISO-8859-1").replaceAll("\r\n", "");
- // return new String(Base64Utils.encode(result, "ISO-8859-1")).replaceAll("\r\n", "");
-
+ // return new String(Base64Utils.encode(result,
+ // "ISO-8859-1")).replaceAll("\r\n", "");
} catch (final Exception e) {
throw new EaafBuilderException("bPK encryption FAILED", null, e.getMessage(), e);
@@ -223,8 +227,8 @@ public class BpkBuilder {
* Decrypt an encrypted bPK.
*
* @param encryptedBpk encrypted bPK
- * @param target bPK target
- * @param privateKey private-key for decryption
+ * @param target bPK target
+ * @param privateKey private-key for decryption
* @return bPK
* @throws EaafBuilderException In case of an error
*/
@@ -232,7 +236,8 @@ public class BpkBuilder {
final PrivateKey privateKey) throws EaafBuilderException {
String decryptedString;
try {
- // byte[] encryptedBytes = Base64Utils.decode(encryptedBpk, false, "ISO-8859-1");
+ // byte[] encryptedBytes = Base64Utils.decode(encryptedBpk, false,
+ // "ISO-8859-1");
final byte[] encryptedBytes = Base64Utils.decode(encryptedBpk.getBytes("ISO-8859-1"));
final byte[] decryptedBytes = decrypt(encryptedBytes, privateKey);
decryptedString = new String(decryptedBytes, "ISO-8859-1");
@@ -247,8 +252,8 @@ public class BpkBuilder {
tmp = tmp.substring(tmp.indexOf("::") + 2);
final String bPK = tmp.substring(0, tmp.indexOf("::"));
- if (target.startsWith(EAAFConstants.URN_PREFIX_CDID + "+")) {
- target = target.substring((EAAFConstants.URN_PREFIX_CDID + "+").length());
+ if (target.startsWith(EaafConstants.URN_PREFIX_CDID + "+")) {
+ target = target.substring((EaafConstants.URN_PREFIX_CDID + "+").length());
}
if (target.equals(sector)) {
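Review bot: decryptBpk strips `EaafConstants.URN_PREFIX_CDID + "+"` from `target` here, while encryptBpk strips `EaafConstants.URN_PREFIX_CDID` alone (hunk at `-198,8 +202,8`), so the two methods normalise the same argument differently before it is encoded or compared with the sector. The constant's value is not visible on this page; if it already ends in `+`, this `startsWith` never matches and `target.equals(sector)` would reject every full-URN target, and if it does not, encryptBpk presumably leaves a leading `+` on the target it encodes. Both paths should share one normalisation, for example a private static helper that both methods call before using `target`. Also in this hunk, `tmp.indexOf("::")` is used without testing for `-1`, so malformed decrypted text would end in `StringIndexOutOfBoundsException` unless a catch outside this hunk converts it.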
@@ -268,7 +273,7 @@ public class BpkBuilder {
return hashBase64;
} catch (final Exception ex) {
- throw new EaafBuilderException("builder.00", new Object[] {"bPK/wbPK", ex.toString()},
+ throw new EaafBuilderException("builder.00", new Object[] { "bPK/wbPK", ex.toString() },
ex.getMessage(), ex);
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
index 7c143ca2..a6017789 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
@@ -1,4 +1,4 @@
-/*******************************************************************************
+/*
* Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
* cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
@@ -15,24 +15,23 @@
* This product combines work with different licenses. See the "NOTICE" text file for details on the
* various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
* works that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.gv.egiz.eaaf.core.impl.idp.auth.data;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.EaafAuthProcessDataConstants;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
public class AuthProcessDataWrapper
implements IAuthProcessDataContainer, EaafAuthProcessDataConstants {
@@ -48,7 +47,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant()
*/
@Override
public String getIssueInstant() {
@@ -59,7 +59,8 @@ public class AuthProcessDataWrapper
* (non-Javadoc)
*
* @see
- * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String)
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(
+ * java.lang.String)
*/
@Override
public void setIssueInstant(final String issueInstant) {
@@ -70,7 +71,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated()
*/
@Override
public boolean isAuthenticated() {
@@ -78,11 +80,12 @@ public class AuthProcessDataWrapper
}
-
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(
+ * boolean)
*/
@Override
public void setAuthenticated(final boolean authenticated) {
@@ -93,7 +96,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink()
*/
@Override
public IIdentityLink getIdentityLink() {
@@ -101,13 +105,12 @@ public class AuthProcessDataWrapper
}
-
/*
* (non-Javadoc)
*
* @see
- * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa
- * .id.auth.data.IdentityLink)
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.
+ * gv.egovernment.moa .id.auth.data.IdentityLink)
*/
@Override
public void setIdentityLink(final IIdentityLink identityLink) {
@@ -118,7 +121,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed()
*/
@Override
public boolean isMandateUsed() {
@@ -128,7 +132,9 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(
+ * boolean)
*/
@Override
public void setUseMandates(final boolean useMandates) {
@@ -142,18 +148,20 @@ public class AuthProcessDataWrapper
* @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel()
*/
@Override
- public String getQAALevel() {
+ public String getQaaLevel() {
return wrapStringObject(VALUE_QAALEVEL, null, String.class);
}
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.
+ * lang.String)
*/
@Override
- public void setQAALevel(final String qAALevel) {
- authProcessData.put(VALUE_QAALEVEL, qAALevel);
+ public void setQaaLevel(final String qaaLevel) {
+ authProcessData.put(VALUE_QAALEVEL, qaaLevel);
}
@@ -170,7 +178,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean)
+ * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(
+ * boolean)
*/
@Override
public void setForeigner(final boolean isForeigner) {
@@ -200,12 +209,12 @@ public class AuthProcessDataWrapper
}
@Override
- public boolean isEIDProcess() {
+ public boolean isEidProcess() {
return wrapStringObject(FLAG_IS_NEW_EID_PROCESS, false, Boolean.class);
}
@Override
- public void setEIDProcess(final boolean value) {
+ public void setEidProcess(final boolean value) {
authProcessData.put(FLAG_IS_NEW_EID_PROCESS, value);
}
@@ -213,22 +222,24 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated()
*/
@Override
public Date getSessionCreated() {
- return wrapStringObject(EAAFConstants.AUTH_DATA_CREATED, null, Date.class);
+ return wrapStringObject(EaafConstants.AUTH_DATA_CREATED, null, Date.class);
}
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage()
+ * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#
+ * getGenericSessionDataStorage()
*/
@Override
public Map<String, Object> getGenericSessionDataStorage() {
final Map<String, Object> result = new HashMap<>();
- for (final Map.Entry<String,Object> el : authProcessData.entrySet()) {
+ for (final Map.Entry<String, Object> el : authProcessData.entrySet()) {
if (el.getKey().startsWith(GENERIC_PREFIX)) {
result.put(el.getKey().substring(GENERIC_PREFIX.length()), el.getValue());
}
@@ -241,9 +252,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.
- * String)
+ * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#
+ * getGenericDataFromSession(java.lang. String)
*/
@Override
public Object getGenericDataFromSession(final String key) {
@@ -253,9 +263,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.
- * String, java.lang.Class)
+ * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#
+ * getGenericDataFromSession(java.lang. String, java.lang.Class)
*/
@Override
public <T> T getGenericDataFromSession(final String key, final Class<T> clazz) {
@@ -265,9 +274,8 @@ public class AuthProcessDataWrapper
/*
* (non-Javadoc)
*
- * @see
- * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.
- * String, java.lang.Object)
+ * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#
+ * setGenericDataToSession(java.lang. String, java.lang.Object)
*/
@Override
public void setGenericDataToSession(final String key, final Object object)
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java
index a1faa0a4..ee1037a1 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java
@@ -1,22 +1,5 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
- * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European
- * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
- * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the Licence
- * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the Licence for the specific language governing permissions and limitations under
- * the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text file for details on the
- * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
- * works that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
/*
- * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
+ * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
* BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European
@@ -31,7 +14,7 @@
* This product combines work with different licenses. See the "NOTICE" text file for details on the
* various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
* works that you distribute must include a readable copy of the "NOTICE" text file.
- */
+*/
package at.gv.egiz.eaaf.core.impl.idp.auth.data;
@@ -40,16 +23,20 @@ import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.security.PublicKey;
+
import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import org.w3c.dom.Element;
-
/**
- * Data contained in an identity link issued by BMI, relevant to the MOA ID component. <br>
- * <code>"IdentityLink"</code> is the translation of <code>"Personenbindung"</code>.
+ * Data contained in an identity link issued by BMI, relevant to the MOA ID
+ * component. <br>
+ * <code>"IdentityLink"</code> is the translation of
+ * <code>"Personenbindung"</code>.
*
* @author Paul Ivancsics
* @version $Id$
@@ -59,41 +46,44 @@ public class IdentityLink implements Serializable, IIdentityLink {
private static final long serialVersionUID = 1L;
/**
- * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>.
+ * <code>"identificationValue"</code> is the translation of
+ * <code>"Stammzahl"</code>.
*/
private String identificationValue;
/**
- * <code>"identificationType"</code> type of the identificationValue in the IdentityLink.
+ * <code>"identificationType"</code> type of the identificationValue in the
+ * IdentityLink.
*/
private String identificationType;
/**
- * first name
+ * first name.
*/
private String givenName;
/**
- * family name
+ * family name.
*/
private String familyName;
/**
- * date of birth
+ * date of birth.
*/
private String dateOfBirth;
/**
- * the original saml:Assertion-Element
+ * the original saml:Assertion-Element.
*/
private transient Element samlAssertion;
/**
- * the serializes saml:Assertion
+ * the serializes saml:Assertion.
*/
private String serializedSamlAssertion;
/**
* Element
- * /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person
+ * /saml:Assertion/saml:AttributeStatement/saml:Subject
+ * /saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person.
*/
private transient Element prPerson = null;
/**
- * we need for each dsig:Reference Element all transformation elements
+ * we need for each dsig:Reference Element all transformation elements.
*/
private transient Element[] dsigReferenceTransforms = null;
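Review bot: The field comment `the serializes saml:Assertion.` gained a full stop in this hunk but keeps its typo; it should read `the serialized saml:Assertion.`. The declarations show `samlAssertion` as `transient` and `serializedSamlAssertion` as a plain field of a `Serializable` class, so the comment could also state that the string form is the one that is written when an `IdentityLink` is serialized. How the DOM element is restored afterwards is not visible in this hunk.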
@@ -103,14 +93,15 @@ public class IdentityLink implements Serializable, IIdentityLink {
private String issueInstant;
/**
- * we need all public keys stored in the identity link
+ * we need all public keys stored in the identity link.
*/
private PublicKey[] publicKey;
/**
- * Constructor for IdentityLink
+ * Constructor for IdentityLink.
*/
- public IdentityLink() {}
+ public IdentityLink() {
+ }
/*
* (non-Javadoc)
@@ -157,7 +148,8 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue()
*/
@Override
public String getIdentificationValue() {
@@ -177,7 +169,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang.
+ * String)
*/
@Override
public void setDateOfBirth(final String dateOfBirth) {
@@ -187,7 +181,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang.
+ * String)
*/
@Override
public void setFamilyName(final String familyName) {
@@ -197,7 +193,8 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang.String)
+ * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang.
+ * String)
*/
@Override
public void setGivenName(final String givenName) {
@@ -207,7 +204,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java.
+ * lang.String)
*/
@Override
public void setIdentificationValue(final String identificationValue) {
@@ -217,7 +216,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java.
+ * lang.String)
*/
@Override
public void setIdentificationType(final String identificationType) {
@@ -248,7 +249,8 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion()
*/
@Override
public String getSerializedSamlAssertion() {
@@ -258,7 +260,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom.Element)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom
+ * .Element)
*/
@Override
public void setSamlAssertion(final Element samlAssertion)
@@ -270,7 +274,8 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms()
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms()
*/
@Override
public Element[] getDsigReferenceTransforms() {
@@ -287,8 +292,8 @@ public class IdentityLink implements Serializable, IIdentityLink {
* (non-Javadoc)
*
* @see
- * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms(org.w3c.dom.Element
- * [])
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms(
+ * org.w3c.dom.Element [])
*/
@Override
public void setDsigReferenceTransforms(final Element[] dsigReferenceTransforms) {
@@ -317,7 +322,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security.PublicKey[])
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security.
+ * PublicKey[])
*/
@Override
public void setPublicKey(final PublicKey[] publicKey) {
@@ -346,7 +353,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom.Element)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom.
+ * Element)
*/
@Override
public void setPrPerson(final Element prPerson) {
@@ -366,7 +375,9 @@ public class IdentityLink implements Serializable, IIdentityLink {
/*
* (non-Javadoc)
*
- * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang.String)
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang.
+ * String)
*/
@Override
public void setIssueInstant(final String issueInstant) {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java
index 220469d3..acb877c2 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java
@@ -1,22 +1,5 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
- * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European
- * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
- * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the Licence
- * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the Licence for the specific language governing permissions and limitations under
- * the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text file for details on the
- * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
- * works that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
/*
- * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
+ * Copyright 2014 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
* BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European
@@ -31,7 +14,7 @@
* This product combines work with different licenses. See the "NOTICE" text file for details on the
* various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
* works that you distribute must include a readable copy of the "NOTICE" text file.
- */
+*/
package at.gv.egiz.eaaf.core.impl.idp.auth.data;
@@ -40,17 +23,19 @@ import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
-import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants;
+
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import org.springframework.util.Base64Utils;
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
/**
- * Parses MDS from an identity link <code>&lt;saml:Assertion&gt;</code> <br>
+ * Parses MDS from an identity link. <code>&lt;saml:Assertion&gt;</code> <br>
* <b>This IDL parser extract NO key information!</b>
*
*/
@@ -60,56 +45,59 @@ public class SimpleIdentityLinkAssertionParser {
// XPath namespace prefix shortcuts
//
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = XMLNamespaceConstants.PD_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = XMLNamespaceConstants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = XMLNamespaceConstants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
+ /** Xpath prefix for reaching PersonData Namespaces. */
+ private static final String PDATA = XmlNamespaceConstants.PD_PREFIX + ":";
+ /** Xpath prefix for reaching SAML Namespaces. */
+ private static final String SAML = XmlNamespaceConstants.SAML_PREFIX + ":";
+ /** Xpath prefix for reaching XML-DSIG Namespaces. */
+ private static final String DSIG = XmlNamespaceConstants.DSIG_PREFIX + ":";
+ /** Xpath expression to the root element. */
private static final String ROOT = "";
- /** Xpath expression to the SAMLSubjectConfirmationData element */
+ /** Xpath expression to the SAMLSubjectConfirmationData element. */
private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
ROOT + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "SubjectConfirmation/" + SAML
+ "SubjectConfirmationData";
- /** Xpath expression to the PersonData element */
+ /** Xpath expression to the PersonData element. */
public static final String PERSON_XPATH =
SAML_SUBJECT_CONFIRMATION_DATA_XPATH + "/" + PDATA + "Person";
- /** Xpath expression to the PersonData GivenName element */
+ /** Xpath expression to the PersonData GivenName element. */
public static final String PERSON_GIVEN_NAME_XPATH =
PERSON_XPATH + "/" + PDATA + "Name/" + PDATA + "GivenName";
- /** Xpath expression to the PersonData FamilyName element */
+ /** Xpath expression to the PersonData FamilyName element. */
public static final String PERSON_FAMILY_NAME_XPATH =
PERSON_XPATH + "/" + PDATA + "Name/" + PDATA + "FamilyName";
- /** Xpath expression to the PersonData DateOfBirth element */
+ /** Xpath expression to the PersonData DateOfBirth element. */
public static final String PERSON_DATE_OF_BIRTH_XPATH =
PERSON_XPATH + "/" + PDATA + "DateOfBirth";
- /** Xpath expression to the Identification Value element */
+ /** Xpath expression to the Identification Value element. */
public static final String PERSON_IDENT_VALUE_XPATH =
PERSON_XPATH + "/" + PDATA + "Identification/" + PDATA + "Value";
- /** Xpath expression to the Identification Value element */
+ /** Xpath expression to the Identification Value element. */
public static final String PERSON_IDENT_TYPE_XPATH =
PERSON_XPATH + "/" + PDATA + "Identification/" + PDATA + "Type";
- /** Xpath expression to the DSIG X509Certificate element */
+ /** Xpath expression to the DSIG X509Certificate element. */
private static final String DSIG_CERTIFICATES_XPATH = ROOT + DSIG + "Signature/" + DSIG
+ "KeyInfo/" + DSIG + "X509Data/" + DSIG + "X509Certificate";
- /** Xpath expression to the DSIG Transforms element */
+ /** Xpath expression to the DSIG Transforms element. */
private static final String DSIG_REFERENCE_TRANSFORMATION_XPATH =
ROOT + DSIG + "Signature/" + DSIG + "SignedInfo/" + DSIG + "Reference/" + DSIG + "Transforms";
- /** The IssueInstant attribute of the SAML assertion */
+ /** The IssueInstant attribute of the SAML assertion. */
private static final String ISSUE_INSTANT_ATTR = "IssueInstant";
public static final String ASSERTIONID = "AssertionID";
- /** This is the root element of the XML-Document provided by the Security Layer Card */
+ /**
+ * This is the root element of the XML-Document provided by the Security Layer
+ * Card.
+ */
private Element assertionElem;
/**
- * Constructor for <code>IdentityLinkAssertionParser</code>. A DOM-representation of the incoming
- * String will be created
+ * Constructor for <code>IdentityLinkAssertionParser</code>. A
+ * DOM-representation of the incoming String will be created
*
* @param xmlAssertion <code>&lt;saml:Assertion&gt;</code> as String
* @throws EaafParserException on any parsing error
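Review bot: The Javadoc on `PERSON_IDENT_TYPE_XPATH` is a copy of the one above it and still says `Identification Value element`, although the expression ends in `Identification/` + `Type`; it should read `/** Xpath expression to the Identification Type element. */`. The constructor comment at the end of this hunk, and the one for the InputStream constructor in a later hunk, name `IdentityLinkAssertionParser` while the class is `SimpleIdentityLinkAssertionParser`, so a search for the class name misses them.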
@@ -120,7 +108,7 @@ public class SimpleIdentityLinkAssertionParser {
assertionElem = DomUtils.parseXmlValidating(s);
} catch (final Throwable t) {
- throw new EaafParserException("parser.01", new Object[] {t.toString()}, t);
+ throw new EaafParserException("parser.01", new Object[] { t.toString() }, t);
}
}
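Review bot: `catch (final Throwable t)` around `DomUtils.parseXmlValidating(...)` also traps `Error` subclasses such as `OutOfMemoryError` and `StackOverflowError` and reports them as an ordinary `parser.01` parse failure. For a parser that is handed `<saml:Assertion>` documents, that makes resource exhaustion indistinguishable from malformed input in logs and monitoring. Narrowing to `catch (final Exception e)` keeps the wrapping and lets JVM errors propagate; the same pattern appears in the InputStream constructor and in the identity-link parsing method in the two later hunks of this file. `t.toString()` is passed as a message parameter, so it is worth confirming where `parser.01` is rendered, which is not visible here. The constructor starts outside the hunk.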
@@ -136,8 +124,8 @@ public class SimpleIdentityLinkAssertionParser {
}
/**
- * Constructor for <code>IdentityLinkAssertionParser</code>. A DOM-representation of the incoming
- * Inputstream will be created
+ * Constructor for <code>IdentityLinkAssertionParser</code>. A
+ * DOM-representation of the incoming Inputstream will be created
*
* @param xmlAssertion <code>&lt;saml:Assertion&gt;</code> as InputStream
* @throws EaafParserException on any parsing error
@@ -148,13 +136,13 @@ public class SimpleIdentityLinkAssertionParser {
assertionElem = DomUtils.parseXmlValidating(xmlAssertion);
} catch (final Throwable t) {
- throw new EaafParserException("parser.01", new Object[] {t.toString()}, t);
+ throw new EaafParserException("parser.01", new Object[] { t.toString() }, t);
}
}
/**
- * Parses the identity link from the <code>&lt;saml:Assertion&gt;</code>
+ * Parses the identity link from the <code>&lt;saml:Assertion&gt;</code>.
*
* @return Identity link
* @throws EaafParserException on any parsing error
@@ -199,7 +187,7 @@ public class SimpleIdentityLinkAssertionParser {
// identityLink.setPublicKey(getPublicKeys());
} catch (final Throwable t) {
- throw new EaafParserException("parser.01", new Object[] {t.toString()}, t);
+ throw new EaafParserException("parser.01", new Object[] { t.toString() }, t);
}
return identityLink;
@@ -207,10 +195,10 @@ public class SimpleIdentityLinkAssertionParser {
/**
* Parses a string array of decoded base64 certificates from the
- * <code>&lt;InfoboxReadResponse&gt;</code> found in the dsig-signature
+ * <code>&lt;InfoboxReadResponse&gt;</code> found in the dsig-signature.
*
* @return String[] with raw-certificates from the dsig-signature keyinfo
- * @throws Exception
+ * @throws Exception In case of an error
*/
public String[] getCertificates() throws Exception {
final List certs = new ArrayList();
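Review bot: The Javadoc for `getCertificates()` does not say that the returned certificates come from the `KeyInfo` of the signature inside the assertion being parsed, so they are supplied by the document itself and, as far as the hunk shows, not validated here. A sentence such as `The certificates are returned unverified and must not be used as trust anchors without chain validation.` would keep callers from treating them as trusted. Separately, `final List certs = new ArrayList();` uses raw types under a broad `throws Exception`; `final List<String> certs = new ArrayList<>();` is the minimal fix if the elements are the strings the return type suggests. The method body continues outside the hunk.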
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java
index c785e1cb..3d093a9f 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java
@@ -27,11 +27,24 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileItemFactory;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import org.apache.commons.lang3.ArrayUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.ResourceLoader;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -41,20 +54,10 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
import at.gv.egiz.eaaf.core.impl.idp.process.springweb.AbstractTask;
import at.gv.egiz.eaaf.core.impl.utils.DataUrlBuilder;
-import org.apache.commons.fileupload.FileItem;
-import org.apache.commons.fileupload.FileItemFactory;
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.fileupload.disk.DiskFileItemFactory;
-import org.apache.commons.fileupload.servlet.ServletFileUpload;
-import org.apache.commons.lang3.ArrayUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.io.ResourceLoader;
/**
- * Task based counterpart to {@link AuthServlet}, providing the same utility methods (error
- * handling, parameter parsing etc.).
+ * Task based counterpart to {@link AuthServlet}, providing the same utility
+ * methods (error handling, parameter parsing etc.).
* </p>
* The code has been taken from {@link AuthServlet}.
*/
@@ -81,7 +84,6 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
public abstract void execute(ExecutionContext executionContext, HttpServletRequest request,
HttpServletResponse response) throws TaskExecutionException;
-
@Override
protected final IRequest internalExecute(final IRequest pendingReq,
final ExecutionContext executionContext, final HttpServletRequest request,
@@ -90,7 +92,7 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
this.pendingReq = pendingReq;
// add latest pendingRequestId on execution context
- executionContext.put(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID,
+ executionContext.put(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID,
pendingReq.getPendingRequestId());
// execute task specific action
@@ -101,20 +103,22 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
}
/**
- * Redirect the authentication process to protocol specific finalization endpoint.
+ * Redirect the authentication process to protocol specific finalization
+ * endpoint.
*
* @param executionContext
*
- * @param pendingReq Actually processed protocol specific authentication request
- * @param httpResp http response object
- * @throws IOException In case of a general error
+ * @param pendingReq Actually processed protocol specific authentication
+ * request
+ * @param httpResp http response object
+ * @throws IOException In case of a general error
* @throws EaafException In case of an application error
*/
protected void performRedirectToProtocolFinialization(final ExecutionContext executionContext,
final IRequest pendingReq, final HttpServletRequest httpReq,
final HttpServletResponse httpResp) throws EaafException, IOException {
final Object frontChannelRedirectFlagObj =
- executionContext.get(EAAFConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT);
+ executionContext.get(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT);
if (frontChannelRedirectFlagObj != null && frontChannelRedirectFlagObj instanceof Boolean
&& (Boolean) frontChannelRedirectFlagObj) {
log.info("AuthProcess finished. Forward to Protocol finalization.");
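Review bot: In `performRedirectToProtocolFinialization` the condition `frontChannelRedirectFlagObj != null && frontChannelRedirectFlagObj instanceof Boolean` carries a redundant null test, since `instanceof` is already false for `null`; `if (frontChannelRedirectFlagObj instanceof Boolean && (Boolean) frontChannelRedirectFlagObj)` says the same. The re-wrapped Javadoc still has an empty `@param executionContext` and no `@param httpReq`, so it describes two of the four parameters. The method body continues outside the hunk.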
@@ -128,15 +132,14 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
}
-
-
}
/**
* Redirect the authentication process to IDP itself.
*
- * @param pendingReq Actually processed protocol specific authentication request
- * @param httpResp http response
+ * @param pendingReq Actually processed protocol specific authentication
+ * request
+ * @param httpResp http response
* @param idpEndPoint Servlet EndPoint that should receive the redirect
*/
protected void performRedirectToItself(final IRequest pendingReq,
@@ -151,16 +154,15 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
}
-
/**
- * Parses the request input stream for parameters, assuming parameters are encoded UTF-8 (no
- * standard exists how browsers should encode them).
+ * Parses the request input stream for parameters, assuming parameters are
+ * encoded UTF-8 (no standard exists how browsers should encode them).
*
* @param req servlet request
*
* @return mapping parameter name -> value
*
- * @throws IOException if parsing request parameters fails.
+ * @throws IOException if parsing request parameters fails.
*
* @throws FileUploadException if parsing request parameters fails.
*/
@@ -215,7 +217,8 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
final Entry<String, String[]> entry = requestParamIt.next();
final String key = entry.getKey();
final String[] values = entry.getValue();
- // take the last value from the value array since the legacy code above also does it this
+ // take the last value from the value array since the legacy code above also
+ // does it this
// way
parameters.put(key, ArrayUtils.isEmpty(values) ? null : values[values.length - 1]);
}
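Review bot: Duplicate parameter names are resolved to the last value by `values[values.length - 1]`, whereas `HttpServletRequest.getParameter` returns the first, so a filter or validator that reads the same request through the servlet API can see a different value than the one stored in this map. The comment should state that, for example `// last value wins on duplicate names (getParameter() would return the first)`. The re-wrap also leaves the comment split over three lines ending in `// does it this` and `// way`, which would fit on two. The enclosing method starts and ends outside the hunk, so where the map entries come from is inferred from the `Entry<String, String[]>` type.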
@@ -228,7 +231,7 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
/**
* Reads bytes up to a delimiter, consuming the delimiter.
*
- * @param in input stream
+ * @param in input stream
* @param delimiter delimiter character
* @return String constructed from the read bytes
* @throws IOException In case of a general error
@@ -251,8 +254,8 @@ public abstract class AbstractAuthServletTask extends AbstractTask {
/**
* Adds a parameter to a URL.
*
- * @param url the URL
- * @param paramname parameter name
+ * @param url the URL
+ * @param paramname parameter name
* @param paramvalue parameter value
* @return the URL with parameter added
*/
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java
index 27aeab03..c4f1b505 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java
@@ -27,12 +27,9 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
+
import javax.annotation.PostConstruct;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine;
-import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException;
+
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -40,13 +37,20 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.core.io.Resource;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine;
+import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException;
+
/**
- * This class handles registering modules. The modules are detected either with the ServiceLoader
- * mechanism or via Spring. All detected modules are ranked according to their priority.
+ * This class handles registering modules. The modules are detected either with
+ * the ServiceLoader mechanism or via Spring. All detected modules are ranked
+ * according to their priority.
*/
public class ModuleRegistration {
- //private static ModuleRegistration instance = new ModuleRegistration();
+ // private static ModuleRegistration instance = new ModuleRegistration();
private final List<AuthModule> priorizedModules = new ArrayList<>();
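Review bot: The commented-out singleton line `// private static ModuleRegistration instance = new ModuleRegistration();` is only re-spaced here, and `// instance = this;` likewise in the hunk at -77, while the commented-out `getInstance()` between them is deleted by this commit. Removing all three would leave the class consistent; the remaining comments hint at a static access path that, from what is visible, no longer exists.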
@@ -58,10 +62,6 @@ public class ModuleRegistration {
private final Logger log = LoggerFactory.getLogger(getClass());
-// public static ModuleRegistration getInstance() {
-// return ctx.;
-// }
-
private ModuleRegistration() {
}
@@ -77,7 +77,7 @@ public class ModuleRegistration {
// order modules according to their priority
sortModules();
- //instance = this;
+ // instance = this;
}
/**
@@ -142,10 +142,10 @@ public class ModuleRegistration {
}
/**
- * Returns the process description id of the first process, in the highest ranked module, which is
- * able to work with the given execution context.
+ * Returns the process description id of the first process, in the highest
+ * ranked module, which is able to work with the given execution context.
*
- * @param context the {@link ExecutionContext}.
+ * @param context the {@link ExecutionContext}.
* @param pendingReq the current processed {@link IRequest}
* @return the process id or {@code null}
*/
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index a5030851..817c7aa2 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -24,14 +24,27 @@ import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Arrays;
import java.util.List;
+
import javax.naming.ConfigurationException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.text.StringEscapeUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
+import org.springframework.stereotype.Service;
+
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.IStatusMessenger;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
import at.gv.egiz.eaaf.core.api.gui.IGuiFormBuilder;
@@ -40,7 +53,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
-import at.gv.egiz.eaaf.core.api.idp.IspConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager;
import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService;
@@ -59,16 +72,6 @@ import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.HttpUtils;
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.lang.NonNull;
-import org.springframework.lang.Nullable;
-import org.springframework.stereotype.Service;
@Service
public class ProtocolAuthenticationService implements IProtocolAuthenticationService {
@@ -99,13 +102,13 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired
private IRevisionLogger revisionsLogger;
-
private IGuiFormBuilder guiBuilder;
/*
* (non-Javadoc)
*
- * @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#
+ * @see
+ * at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#
* performAuthentication(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest)
*/
@@ -121,16 +124,17 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
.setPendingRequestId(pendingReqIdGenerationStrategy.generateExternalPendingRequestId());
// load Parameters from OnlineApplicationConfiguration
- final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
+ final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration();
if (oaParam == null) {
throw new EaafAuthenticationException(
IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOSPCONFIG,
- new Object[] {pendingReq.getSpEntityId()});
+ new Object[] { pendingReq.getSpEntityId() });
}
if (authmanager.doAuthentication(req, resp, pendingReq)) {
- // pending request is already authenticated --> protocol-specific postProcessing can start
+ // pending request is already authenticated --> protocol-specific postProcessing
+ // can start
// directly
finalizeAuthentication(req, resp, pendingReq);
@@ -155,7 +159,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
/*
* (non-Javadoc)
*
- * @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#
+ * @see
+ * at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#
* finalizeAuthentication(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest)
*/
@@ -210,11 +215,10 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
// remove pending-request
requestStorage.removePendingRequest(pendingReq.getPendingRequestId());
revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED,
- pendingReq.getUniqueTransactionIdentifier());
+ pendingReq.getUniqueTransactionIdentifier());
}
-
@Override
public void buildProtocolSpecificErrorResponse(final Throwable throwable,
final HttpServletRequest req, final HttpServletResponse resp, final IRequest protocolRequest)
@@ -285,7 +289,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
-
public void setGuiBuilder(final IGuiFormBuilder guiBuilder) {
this.guiBuilder = guiBuilder;
}
@@ -293,11 +296,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
/**
* Finalize the requested protocol operation.
*
- * @param httpReq HttpServletRequest
- * @param httpResp HttpServletResponse
+ * @param httpReq HttpServletRequest
+ * @param httpResp HttpServletResponse
* @param protocolRequest Authentication request which is actually in process
- * @param moaSession MOASession object, which is used to generate the protocol specific
- * authentication information
+ * @param moaSession MOASession object, which is used to generate the
+ * protocol specific authentication information
* @throws Exception In case of an error
*/
protected void internalFinalizeAuthenticationProcess(final HttpServletRequest req,
@@ -352,10 +355,10 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
/**
* Executes the requested protocol action.
*
- * @param httpReq HttpServletRequest
- * @param httpResp HttpServletResponse
+ * @param httpReq HttpServletRequest
+ * @param httpResp HttpServletResponse
* @param protocolRequest Authentication request which is actually in process
- * @param authData Service-provider specific authentication data
+ * @param authData Service-provider specific authentication data
*
* @return Return Single LogOut information or null if protocol supports no SSO
*
@@ -430,7 +433,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
final IGuiBuilderConfiguration config =
guiConfigFactory.getDefaultErrorGui(HttpUtils.extractAuthUrlFromRequest(httpReq));
-
String[] errorCodeParams = null;
if (params == null) {
errorCodeParams = new String[] {};
@@ -446,8 +448,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
}
-
-
// add errorcode and errormessage
if (config instanceof ModifyableGuiBuilderConfiguration) {
((ModifyableGuiBuilderConfiguration) config).putCustomParameter(
@@ -471,15 +471,12 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
"Can not ADD error message, because 'GUIBuilderConfiguration' is not modifieable ");
}
-
-
guiBuilder.build(httpReq, httpResp, config, "Error-Message");
} catch (final GuiBuildException e) {
log.warn("Can not build error-message GUI.", e);
throw new EaafException("9199", null, e);
-
}
}
@@ -496,7 +493,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
throws IOException, EaafException {
if (e instanceof ProtocolNotActiveException) {
resp.getWriter().write(e.getMessage());
- resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8);
+ resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
resp.sendError(HttpServletResponse.SC_FORBIDDEN,
StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(e.getMessage())));
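Review bot: The `ProtocolNotActiveException` branch writes `e.getMessage()` to the response writer unescaped, although the same message is escaped before it is passed to `sendError` two lines further down; if that message can ever carry request-derived text, the raw write is an HTML-injection sink. The ordering also works against it: `resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8)` is called after `getWriter()`, so its charset part no longer takes effect, and `sendError` either discards the buffered body or throws `IllegalStateException` if the response was already committed. I would drop the `resp.getWriter().write(e.getMessage());` line and keep only the escaped `sendError` call, or, if the body is wanted, set the content type first and write `StringEscapeUtils.escapeHtml4(e.getMessage())`. The branch continues past the end of this hunk, so whatever follows `sendError` is not visible here.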
@@ -537,5 +534,4 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
-
}