authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-19 08:55:49 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-19 08:55:49 +0200
commit1bad320e50f66e44fcb23f0c8d242809f8077520 (patch)
tree2c65c6f9ca55c95c2327bdd39474cfab35f73d46 /eaaf_core/src
parent5d306c41c0033f330413cf2b18db9f1137d51980 (diff)
parent470ac2c6234a0bac1e973fd3c1f49e1d9da41be4 (diff)
Merge branch 'master' into moa-sig-dependency-fixup
Diffstat (limited to 'eaaf_core/src')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java13
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java4
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java121
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java3
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java35
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDCcsURL.java44
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java69
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java80
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java47
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java28
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java21
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java2
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java4
-rw-r--r--eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder4
-rw-r--r--eaaf_core/src/main/resources/eaaf_core.beans.xml3
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java39
16 files changed, 459 insertions, 58 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
index 51b4e0b4..c9c2ec0b 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractGUIFormBuilderConfiguration.java
@@ -103,9 +103,9 @@ public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilder
@Override
public final Map<String, Object> getViewParameters() {
//set generic parameters
- setViewParameter(PARAM_GROUP_FORM, PARAM_AUTHCONTEXT, this.authURL);
- setViewParameter(PARAM_GROUP_FORM, PARAM_FORMSUBMITENDPOINT, this.formSubmitEndpoint);
- setViewParameter(PARAM_GROUP_FORM, PARAM_VIEWNAME, this.viewName);
+ setViewParameter(getFromGroup(), PARAM_AUTHCONTEXT, this.authURL);
+ setViewParameter(getFromGroup(), PARAM_FORMSUBMITENDPOINT, this.formSubmitEndpoint);
+ setViewParameter(getFromGroup(), PARAM_VIEWNAME, this.viewName);
//get parameters from detail implementation
putSpecificViewParameters();
@@ -126,6 +126,13 @@ public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilder
*
*/
abstract protected void putSpecificViewParameters();
+
+ /**
+ * Get the Group for generic form elements
+ *
+ * @return groupName or <code>null</code> if no groups are used
+ */
+ abstract protected String getFromGroup();
@SuppressWarnings("unchecked")
protected void setViewParameter(String group, String key, Object value) {
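Review bot: The new abstract hook is named `getFromGroup()`, which reads like a transposition of "form group" given its Javadoc ("Group for generic form elements") and the `PARAM_GROUP_FORM` constant it replaces in `getViewParameters()`; `getFormGroup()` would be the name to settle on before subclasses start implementing it. The Javadoc also permits a `null` return, which `getViewParameters()` now forwards as the `group` argument of `setViewParameter`. That method's body lies outside the hunk, so it should be confirmed that it accepts a null group. Because the method is abstract, every existing subclass has to add it, which deserves a line in the release notes.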
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
index 65e13b5a..b9c16538 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGUIFormBuilderImpl.java
@@ -77,7 +77,7 @@ public abstract class AbstractVelocityGUIFormBuilderImpl implements IVelocityGui
public final void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGUIBuilderConfiguration config,
String loggerName) throws GUIBuildException {
if (config instanceof IVelocityGUIBuilderConfiguration)
- build(httpReq, httpResp, config, loggerName);
+ build(httpReq, httpResp, (IVelocityGUIBuilderConfiguration)config, loggerName);
else
throw new IllegalStateException(this.getClass().getName() + " needs a " + IVelocityGUIBuilderConfiguration.class.getName());
@@ -88,7 +88,7 @@ public abstract class AbstractVelocityGUIFormBuilderImpl implements IVelocityGui
public final void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGUIBuilderConfiguration config,
String contentType, String loggerName) throws GUIBuildException {
if (config instanceof IVelocityGUIBuilderConfiguration)
- build(httpReq, httpResp, config, loggerName);
+ build(httpReq, httpResp, (IVelocityGUIBuilderConfiguration)config, contentType, loggerName);
else
throw new IllegalStateException(this.getClass().getName() + " needs a " + IVelocityGUIBuilderConfiguration.class.getName());
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java
new file mode 100644
index 00000000..86728c05
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/EidAuthenticationData.java
@@ -0,0 +1,121 @@
+package at.gv.egiz.eaaf.core.impl.idp;
+
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.NonNull;
+import org.springframework.util.Assert;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+
+public class EidAuthenticationData extends AuthenticationData implements IEidAuthData {
+ private static final Logger log = LoggerFactory.getLogger(EidAuthenticationData.class);
+
+
+ private static final long serialVersionUID = -7106142572904327044L;
+
+ private byte[] eIDToken;
+ private byte[] signerCertificate;
+ private EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus;
+ private String vdaEndpointUrl;
+ private boolean useMandate = false;
+
+ @Override
+ public byte[] getSignerCertificate() {
+ return this.signerCertificate;
+ }
+
+ @Override
+ public byte[] getEIDToken() {
+ return this.eIDToken;
+ }
+
+ @Override
+ public EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus() {
+ return this.eidStatus;
+
+ }
+
+ @Override
+ public boolean isUseMandate() {
+ return useMandate;
+ }
+
+ @Override
+ public String getVdaEndPointUrl() {
+ return vdaEndpointUrl;
+
+ }
+
+ /**
+ * Set the status of the E-ID identity
+ *
+ * @param eidStatus
+ */
+ public void setEidStatus(EID_IDENTITY_STATUS_LEVEL_VALUES eidStatus) {
+ this.eidStatus = eidStatus;
+ }
+
+ /**
+ * Set Online IdentityLink to AuthenticationData
+ *
+ * @param eIDToken
+ */
+ public void seteIDToken(final byte[] eIDToken) {
+ this.eIDToken = eIDToken;
+
+ }
+
+ /**
+ * Set the signing certificate that was used to sign the user consent
+ *
+ * @param signerCertificate
+ */
+ public void setSignerCertificate(@NonNull final X509Certificate signerCertificate) {
+ Assert.notNull(signerCertificate, "Signer certificate is null");
+ try {
+ this.signerCertificate = signerCertificate.getEncoded();
+
+ } catch (final CertificateEncodingException e) {
+ log.warn("Can NOT serialized signer-certificate", e);
+ log.warn("Signer certificate will be ignored");
+
+ }
+ }
+
+ /**
+ * Set the signing certificate that was used to sign the user consent
+ *
+ * @param signerCertificate
+ */
+ public void setSignerCertificate(final byte[] signerCertificate) {
+ this.signerCertificate = signerCertificate;
+
+ }
+
+ /**
+ * Set flag that mandates are used in this process
+ *
+ * @param useMandate true if mandates was used, otherwise false
+ */
+ public void setUseMandate(boolean useMandate) {
+ this.useMandate = useMandate;
+ }
+
+
+ /**
+ * Set URL of the EndPoint that was used on VDA for authentication
+ *
+ * @param vdaEndpointUrl
+ */
+ public void setVdaEndpointUrl(String vdaEndpointUrl) {
+ this.vdaEndpointUrl = vdaEndpointUrl;
+ }
+
+
+
+
+}
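Review bot: In `setSignerCertificate(X509Certificate)` the `CertificateEncodingException` is logged and dropped, so the field keeps whatever an earlier call stored and a later attribute build could release a certificate that does not belong to this signature; clearing it in the catch block with `this.signerCertificate = null;` (or rethrowing) makes the "will be ignored" log line true. The byte-array accessors also share the internal arrays: `getEIDToken()` and `getSignerCertificate()` return the field itself and the setters keep the caller's array, so any holder of a reference can alter the authentication data after it was built. Copying on the way in and out, for example `return eIDToken == null ? null : eIDToken.clone();`, avoids that. The Javadoc of `seteIDToken` still says "Set Online IdentityLink" and should describe the E-ID token instead.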
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index 2482d65f..47b1ecf9 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -172,7 +172,6 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
internalAuthData.setDateOfBirth(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.BIRTHDATE_NAME, String.class));
internalAuthData.setEncSourceId(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class));
internalAuthData.setEncSourceIdType(authProcessData.getGenericDataFromSession(ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class));
-
//####################################################
//set QAA level
@@ -574,7 +573,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
* but there it is not neccesary. We fix this problem in 3.4.3, but the fix can be deactivated
* for dependency reasons.
*/
- if (basicConfig.getBasicMOAIDConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) {
+ if (basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) {
authData.setGivenName(identityLink.getGivenName().replaceAll("'", "&#39;"));
authData.setFamilyName(identityLink.getFamilyName().replaceAll("'", "&#39;"));
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 6f416414..0aa7ff89 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -48,7 +48,7 @@ import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.api.gui.ISpringMVCGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -83,7 +83,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired(required=true) private ITransactionStorage transactionStorage;
@Autowired(required=true) private IAuthenticationManager authmanager;
@Autowired(required=true) private IAuthenticationDataBuilder authDataBuilder;
- @Autowired(required=true) private ISpringMVCGUIFormBuilder guiBuilder;
@Autowired(required=true) private IGUIBuilderConfigurationFactory guiConfigFactory;
@Autowired(required=true) private IStatusMessenger statusMessager;
@Autowired(required=true) private IRequestStorage requestStorage;
@@ -93,6 +92,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired private IStatisticLogger statisticLogger;
@Autowired private IRevisionLogger revisionsLogger;
+
+ private IGUIFormBuilder guiBuilder;
+
/* (non-Javadoc)
* @see at.gv.egiz.eaaf.core.impl.idp.auth.services.IProtocolAuthenticationService#performAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egiz.eaaf.core.api.IRequest)
*/
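Review bot: `guiBuilder` is now a plain field that stays `null` until `setGuiBuilder` (added in the hunk at -257,6 +259,11) is called, whereas the field removed above was `@Autowired(required=true)` and failed at context start-up when no builder was available. The same commit removes the `eaafProtocolAuthenticationService` bean from `eaaf_core.beans.xml`, so the wiring is left to each application, and a forgotten setter call would presumably only surface as a NullPointerException when a GUI or error page has to be built. The setter should reject null, `this.guiBuilder = Objects.requireNonNull(guiBuilder, "guiBuilder");`, and carry a Javadoc line stating that the property is mandatory and must be set before the service handles requests. A start-up check that the field is set would restore the earlier fail-fast behaviour.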
@@ -257,6 +259,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
+
+ public void setGuiBuilder(IGUIFormBuilder guiBuilder) {
+ this.guiBuilder = guiBuilder;
+ }
+
/**
* Finalize the requested protocol operation
*
@@ -366,16 +373,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
}
- private void writeBadRequestErrorResponse(final HttpServletRequest req, final HttpServletResponse resp, final EAAFException e) throws IOException {
- final String code = statusMessager.mapInternalErrorToExternalError(((InvalidProtocolRequestException)e).getErrorId());
- final String descr = StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(e.getMessage()));
- resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8);
- resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" +
- "(Errorcode=" + code +
- " | Description=" + descr + ")");
-
- }
-
private void writeHTMLErrorResponse(@NonNull final HttpServletRequest httpReq, @NonNull final HttpServletResponse httpResp,
@NonNull final String msg, @NonNull final String errorCode, @Nullable final Object[] params, @NonNull final Exception error) throws IOException, EAAFException {
@@ -457,11 +454,21 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
statisticLogger.logErrorOperation(ex, ex.getErrorRequest());
//write error message
- writeBadRequestErrorResponse(req, resp, (EAAFException) e);
+ //writeBadRequestErrorResponse(req, resp, (EAAFException) e);
+ writeHTMLErrorResponse(req, resp,
+ e.getMessage(),
+ statusMessager.getResponseErrorCode(e),
+ null,
+ e);
} else if (e instanceof InvalidProtocolRequestException) {
//send error response
- writeBadRequestErrorResponse(req, resp, (EAAFException) e);
+ //writeBadRequestErrorResponse(req, resp, (EAAFException) e);
+ writeHTMLErrorResponse(req, resp,
+ e.getMessage(),
+ statusMessager.getResponseErrorCode(e),
+ null,
+ e);
} else if (e instanceof ConfigurationException) {
//send HTML formated error message
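Review bot: Both branches now pass the raw `e.getMessage()` to `writeHTMLErrorResponse`, while the removed `writeBadRequestErrorResponse` wrapped it in `StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(...))` before it reached the response. The body of `writeHTMLErrorResponse` is outside this hunk, so it should be confirmed that the message is HTML-escaped there or in the template, since protocol-validation messages may carry request-supplied values; if it is not, escape at the call site with `StringEscapeUtils.escapeHtml4(e.getMessage())`. The response also no longer goes through `resp.sendError(HttpServletResponse.SC_BAD_REQUEST, ...)`, so clients may stop seeing a 400 for invalid protocol requests unless the new path sets one. The two commented-out `//writeBadRequestErrorResponse(...)` lines should be deleted rather than kept, and the two identical calls could share one branch.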
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDCcsURL.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDCcsURL.java
new file mode 100644
index 00000000..ec0f5d0c
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDCcsURL.java
@@ -0,0 +1,44 @@
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EIDCcsURL implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EID_CCS_URL_NAME);
+
+ @Override
+ public String getName() {
+ return EID_CCS_URL_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ if (authData instanceof IEidAuthData) {
+ final String bkuurl = ((IEidAuthData)authData).getVdaEndPointUrl();
+ if (StringUtils.isNotEmpty(bkuurl))
+ return g.buildStringAttribute(EID_CCS_URL_FRIENDLY_NAME, EID_CCS_URL_NAME, bkuurl);
+
+
+ } else
+ log.info(EID_CCS_URL_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+ throw new UnavailableAttributeException(EID_CCS_URL_NAME);
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_CCS_URL_FRIENDLY_NAME, EID_CCS_URL_NAME);
+ }
+
+}
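Review bot: The logger is created with `LoggerFactory.getLogger(EID_CCS_URL_NAME)`, so its name is the attribute name rather than the class, unlike the other builders added in this commit; `LoggerFactory.getLogger(EIDCcsURL.class)` keeps package-based log configuration working. In `build`, an `IEidAuthData` with an empty endpoint URL falls through to the exception without any log line, while the `else` branch logs "is only available in MOA-ID context" although the test is for `IEidAuthData`. That message and the local name `bkuurl` look carried over from another builder; `vdaEndPointUrl` and a message naming the missing `IEidAuthData` would match the code. A one-line class Javadoc saying that the attribute carries the value of `getVdaEndPointUrl()` is also missing.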
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java
new file mode 100644
index 00000000..698393ea
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDEIDTokenBuilder.java
@@ -0,0 +1,69 @@
+/*******************************************************************************
+ * Copyright 2019 Graz University of Technology
+ * EAAF-Core Components has been developed in a cooperation between EGIZ,
+ * A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.util.Base64Utils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EIDEIDTokenBuilder implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EIDEIDTokenBuilder.class);
+
+
+ @Override
+ public String getName() {
+ return EID_E_ID_TOKEN_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISPConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ if (((IEidAuthData)authData).getEIDToken() == null)
+ throw new UnavailableAttributeException(EID_E_ID_TOKEN_NAME);
+
+ return g.buildStringAttribute(EID_E_ID_TOKEN_FRIENDLY_NAME,
+ EID_E_ID_TOKEN_NAME, Base64Utils.encodeToString(((IEidAuthData)authData).getEIDToken()));
+ } else
+ log.info(EID_E_ID_TOKEN_FRIENDLY_NAME + " is only available in AuthHandler context");
+
+ throw new UnavailableAttributeException(EID_E_ID_TOKEN_NAME);
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_E_ID_TOKEN_FRIENDLY_NAME,
+ EID_E_ID_TOKEN_NAME);
+ }
+
+}
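Review bot: `build` calls `((IEidAuthData)authData).getEIDToken()` twice, once for the null check and once for the encoding; reading it once into a local, as `EIDSignerCertificate` does, `final byte[] eidToken = ((IEidAuthData) authData).getEIDToken();`, removes the repeated cast and guarantees that the value checked is the value encoded. `EidIdentityStatusLevelAttributeBuiler.build` has the same double read of `getEIDStatus()`. The class has no Javadoc; one line stating that it releases the Base64-encoded E-ID token as a string attribute would be enough.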
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java
new file mode 100644
index 00000000..bab521b4
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSignerCertificate.java
@@ -0,0 +1,80 @@
+/*******************************************************************************
+ * Copyright 2019 Graz University of Technology
+ * EAAF-Core Components has been developed in a cooperation between EGIZ,
+ * A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.util.Base64Utils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EIDSignerCertificate implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EIDSignerCertificate.class);
+
+ @Override
+ public String getName() {
+ return EID_SIGNER_CERTIFICATE_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISPConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ try {
+
+ final byte[] signerCertificate = ((IEidAuthData)authData).getSignerCertificate();
+ if (signerCertificate != null) {
+ return g.buildStringAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME,
+ Base64Utils.encodeToString(signerCertificate));
+
+ } else
+ log.info(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+ } catch (final Exception e) {
+ log.info("Signer certificate BASE64 encoding error");
+
+ }
+
+ } else
+ log.info(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME + " is only available in AuthHandler context");
+
+
+ throw new UnavailableAttributeException(EID_SIGNER_CERTIFICATE_NAME);
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME);
+ }
+
+}
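Review bot: The `catch (final Exception e)` in `build` logs "Signer certificate BASE64 encoding error" at info level without the exception, so any failure raised inside `g.buildStringAttribute` is reported as an encoding problem and then replaced by `UnavailableAttributeException`, leaving no cause for diagnosis. Passing the cause and raising the level, `log.warn("Signer certificate BASE64 encoding error", e);`, and catching only the exception types that can actually occur there would keep real builder errors visible. The branch for `signerCertificate == null` logs "is only available in MOA-ID context", which does not describe that case; a message such as "no signer certificate available" would.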
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java
new file mode 100644
index 00000000..6a8de559
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EidIdentityStatusLevelAttributeBuiler.java
@@ -0,0 +1,47 @@
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+
+@PVPMETADATA
+public class EidIdentityStatusLevelAttributeBuiler implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EidIdentityStatusLevelAttributeBuiler.class);
+
+ @Override
+ public String getName() {
+ return EID_IDENTITY_STATUS_LEVEL_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
+
+ if (authData instanceof IEidAuthData) {
+ if (((IEidAuthData)authData).getEIDStatus() == null)
+ throw new UnavailableAttributeException(getName());
+
+ return g.buildStringAttribute(getFriendlyName(),
+ getName(), ((IEidAuthData)authData).getEIDStatus().getURI());
+ } else
+ log.info(getFriendlyName() + " is only available in EAAF context");
+
+ throw new UnavailableAttributeException(getName());
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(getFriendlyName(), getName());
+ }
+
+ private String getFriendlyName() {
+ return EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME;
+ }
+}
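Review bot: The class name `EidIdentityStatusLevelAttributeBuiler` is missing the `d` of "Builder", and the same spelling is entered in the `META-INF/services` file for `IAttributeBuilder` in this commit, so the typo becomes part of the configuration surface; renaming it to `EidIdentityStatusLevelAttributeBuilder` now is cheaper than later. The prefix casing also differs from the sibling classes added here (`EIDEIDTokenBuilder`, `EIDSignerCertificate`, `EIDCcsURL`), and one convention should be chosen.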
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
index af009b10..55662326 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractConfigurationImpl.java
@@ -158,19 +158,31 @@ public abstract class AbstractConfigurationImpl implements IExtendedConfiguratio
return defaultValue;
}
+
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
- return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), addPrefixToKey(prefix));
+ public Boolean getBasicConfigurationBoolean(String key) {
+ final String value = getBasicConfiguration(key);
+ if (value != null)
+ return Boolean.parseBoolean(value);
+ else
+ return null;
}
+
@Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- final String value = getBasicConfiguration(key);
- if (StringUtils.isNotEmpty(value))
- return Boolean.valueOf(value.trim());
-
- return defaultValue;
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ final Boolean result = getBasicConfigurationBoolean(key);
+ if (result != null)
+ return result;
+ else
+ return defaultValue;
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.convertPropertiesToMap(properties), addPrefixToKey(prefix));
}
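Review bot: The new one-argument `getBasicConfigurationBoolean` parses every non-null value with `Boolean.parseBoolean(value)`, whereas the removed code, and the Spring Boot variant changed in this same commit, guard with `StringUtils.isNotEmpty(value)` and parse `value.trim()`. As a result an empty property no longer falls back to `defaultValue` but becomes `false`, and `"true "` with trailing whitespace is also read as `false`. For the IDL attribute escaping switch, or the connection-pool switch whose default is `true`, that silently turns a setting off. Keeping the old guard, `if (StringUtils.isNotEmpty(value)) return Boolean.valueOf(value.trim());`, makes both implementations agree.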
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
index 62245331..1a344feb 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java
@@ -88,7 +88,7 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat
}
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
final Map<String, String> configProps = getPropertiesStartingWith((ConfigurableEnvironment) env, addPrefixToKey(prefix));
return KeyValueUtils.removePrefixFromKeys(configProps, addPrefixToKey(prefix) + ".");
@@ -96,17 +96,24 @@ public abstract class AbstractSpringBootConfigurationImpl implements IConfigurat
}
@Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- final String value = getBasicConfiguration(key);
+ public Boolean getBasicConfigurationBoolean(String key) {
+ final String value = getBasicConfiguration(key);
if (StringUtils.isNotEmpty(value))
return Boolean.valueOf(value.trim());
-
- return defaultValue;
-
+ else
+ return null;
}
-
@Override
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ final Boolean value = getBasicConfigurationBoolean(key);
+ if (value != null)
+ return value;
+ else
+ return defaultValue;
+ }
+
+ @Override
public URI getConfigurationRootDirectory() {
try {
return new URI(env.getRequiredProperty(addPrefixToKey(PROP_CONFIG_ROOT_DIR)));
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
index 1da8036c..5ad44801 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
@@ -72,7 +72,7 @@ public abstract class AbstractController {
@Autowired protected IRevisionLogger revisionsLogger;
@ExceptionHandler({EAAFException.class})
- public void MOAIDExceptionHandler(final HttpServletRequest req, final HttpServletResponse resp, final Exception e) throws IOException {
+ public void EAAFExceptionHandler(final HttpServletRequest req, final HttpServletResponse resp, final Exception e) throws IOException {
try {
protAuthService.handleErrorNoRedirect(e, req, resp, true);
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
index a5b79f6a..926b2bd5 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java
@@ -75,7 +75,7 @@ public class HttpClientFactory {
httpClientBuilder.setDefaultRequestConfig(requestConfig);
//set pool connection if requested
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ if (basicConfig.getBasicConfigurationBoolean(
PROP_CONFIG_CLIENT_HTTP_CONNECTION_POOL_USE,
true)) {
final PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager();
@@ -97,7 +97,7 @@ public class HttpClientFactory {
log.trace("Initializing SSL Context ... ");
final SSLContext sslContext = SSLContext.getDefault();
HostnameVerifier hostnameVerifier = null;
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ if (basicConfig.getBasicConfigurationBoolean(
PROP_CONFIG_CLIENT_HTTP_SSL_HOSTNAMEVERIFIER_TRUSTALL,
false)) {
hostnameVerifier = new NoopHostnameVerifier();
diff --git a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 2decf67c..7b977193 100644
--- a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -9,3 +9,7 @@ at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDeIDASQAALevelAttributeBuilde
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSectorForIDAttributeBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDIdentityLinkBuilder
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDEIDTokenBuilder
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSignerCertificate
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityStatusLevelAttributeBuiler
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDCcsURL \ No newline at end of file
diff --git a/eaaf_core/src/main/resources/eaaf_core.beans.xml b/eaaf_core/src/main/resources/eaaf_core.beans.xml
index e750a49f..27b0f381 100644
--- a/eaaf_core/src/main/resources/eaaf_core.beans.xml
+++ b/eaaf_core/src/main/resources/eaaf_core.beans.xml
@@ -12,9 +12,6 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
- <bean id="eaafProtocolAuthenticationService"
- class="at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService" />
-
<bean id="httpClientFactory"
class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
index 880582cd..ffb921ce 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
@@ -27,25 +27,11 @@ public class DummyConfiguration implements IConfiguration {
}
@Override
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
+ public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
// TODO Auto-generated method stub
return null;
}
-
- @Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- if (AbstractAuthenticationDataBuilder.CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING.equals(key)) {
- if (isIDLEscapingEnabled == null)
- return defaultValue;
- else
- return isIDLEscapingEnabled;
-
- }
-
-
- return false;
- }
-
+
@Override
public ISPConfiguration getServiceProviderConfiguration(String uniqueID) throws EAAFConfigurationException {
// TODO Auto-generated method stub
@@ -74,4 +60,25 @@ public class DummyConfiguration implements IConfiguration {
public void setIsIDLEscapingEnabled(Boolean isIDLEscapingEnabled) {
this.isIDLEscapingEnabled = isIDLEscapingEnabled;
}
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(String key) {
+ return null;
+
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
+ if (AbstractAuthenticationDataBuilder.CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING.equals(key)) {
+ if (isIDLEscapingEnabled == null)
+ return defaultValue;
+ else
+ return isIDLEscapingEnabled;
+
+ }
+
+
+ return false;
+
+ }
}