authorThomas <>2023-08-31 20:37:42 +0200
committerThomas <>2023-08-31 20:37:42 +0200
commite915685e22c7c084f7fd0c4870ff20d3f0194a91 (patch)
tree638deef490a63799ff48ca826ff8702b2efbee2a /eaaf_modules/eaaf_module_auth_sl20/src
parent5acc09000c59c93510567e88cb701919122dc5b2 (diff)
feat(core): refactor to openSAML 5 for Java 17
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src')
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java3
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java15
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java7
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java9
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java4
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java44
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java9
7 files changed, 43 insertions, 48 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java
index d561a0bc..d7d2c90b 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java
@@ -3,8 +3,6 @@ package at.gv.egiz.eaaf.modules.auth.sl20;
import java.util.Arrays;
import java.util.List;
-import javax.annotation.PostConstruct;
-
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -17,6 +15,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.impl.idp.auth.AbstractAuthenticationManager;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
+import jakarta.annotation.PostConstruct;
/**
* AuthModule to select a Securtiy-Layer 2.0 based authentication process.
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
index 9dcfbe75..7e895d89 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
@@ -11,16 +11,13 @@ import java.util.Locale;
import java.util.Map;
import java.util.concurrent.TimeUnit;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.StopWatch;
-import org.apache.http.NameValuePair;
-import org.apache.http.client.entity.UrlEncodedFormEntity;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.client.utils.URIBuilder;
-import org.apache.http.message.BasicNameValuePair;
+import org.apache.hc.client5.http.classic.methods.HttpPost;
+import org.apache.hc.client5.http.entity.UrlEncodedFormEntity;
+import org.apache.hc.core5.http.NameValuePair;
+import org.apache.hc.core5.http.message.BasicNameValuePair;
+import org.apache.hc.core5.net.URIBuilder;
import org.jose4j.base64url.Base64Url;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.i18n.LocaleContextHolder;
@@ -48,6 +45,8 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils.Sl20ResponseHolder;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
@Slf4j
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
index 79d9f8d6..dd3e9ea7 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
@@ -3,10 +3,7 @@ package at.gv.egiz.eaaf.modules.auth.sl20.tasks;
import java.io.IOException;
import java.util.Map;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload2.core.FileUploadException;
import org.apache.commons.lang3.StringUtils;
import org.jose4j.base64url.Base64Url;
import org.springframework.beans.factory.annotation.Autowired;
@@ -36,6 +33,8 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonMapper;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20ResponseUtils;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
@Slf4j
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
index 668ce09a..5e7f926f 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
@@ -7,11 +7,11 @@ import java.security.KeyStoreException;
import java.security.Provider;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
+import java.util.Base64;
import java.util.Collections;
import java.util.List;
import javax.annotation.Nonnull;
-import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -26,7 +26,6 @@ import org.jose4j.lang.JoseException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.stereotype.Service;
-import org.springframework.util.Base64Utils;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.JsonNode;
@@ -49,6 +48,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20SecurityException;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException;
+import jakarta.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
@Service
@@ -243,10 +243,9 @@ public class JsonSecurityUtils implements IJoseTools {
if (!sortedX5cCerts.get(0).equals(encryptionCred.getSecond()[0])) {
log.info("Certificate from JOSE header does NOT match encryption certificate");
-
try {
-
- log.debug("JOSE certificate: {}", Base64Utils.encode(sortedX5cCerts.get(0).getEncoded()));
+ log.debug("JOSE certificate: {}", Base64.getEncoder().encodeToString(
+ sortedX5cCerts.get(0).getEncoded()));
} catch (final CertificateEncodingException e) {
e.printStackTrace();
}
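Review bot: The catch block at the end of this hunk still reports a `CertificateEncodingException` through `e.printStackTrace()`, so an error raised while handling a certificate mismatch goes to stderr instead of the SLF4J log that carries the surrounding `log.info`; `log.warn("Can not encode JOSE certificate for debug output", e);` would keep it in the same audit trail. The new `Base64.getEncoder().encodeToString(...)` call is also evaluated when debug logging is off, so wrapping the try block in `if (log.isDebugEnabled())` avoids encoding the certificate on every mismatch. The enclosing method starts and ends outside the hunk, so what happens after the mismatch is logged cannot be checked from here.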
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
index e75410f7..b98b2980 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
@@ -48,9 +48,9 @@ public class SL20Constants {
*/
public static VdaAuthMethod fromString(@Nonnull final String s) {
try {
- return VdaAuthMethod.valueOf(s.toUpperCase());
+ return s != null ? VdaAuthMethod.valueOf(s.toUpperCase()) : VdaAuthMethod.ANY;
- } catch (IllegalArgumentException | NullPointerException e) {
+ } catch (IllegalArgumentException e) {
return VdaAuthMethod.ANY;
}
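Review bot: `s.toUpperCase()` in the new return line uses the JVM default locale, so the same input can produce a different enum lookup depending on where the service runs (under a Turkish locale a lower-case `i` does not become `I`) and then silently fall back to `VdaAuthMethod.ANY`; `s.toUpperCase(Locale.ROOT)` makes the lookup deterministic, with `java.util.Locale` imported if the file does not already have it. The parameter is still annotated `@Nonnull` although null is now an explicitly handled input, so `@Nullable` would describe the actual contract. Because every unrecognised value resolves to `ANY`, a debug log on the fallback path would make it visible when a caller sends an unexpected method name. The method's closing brace is outside the hunk.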
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
index c45245b1..f9ca7cf8 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
@@ -7,26 +7,26 @@ import java.text.MessageFormat;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.http.Header;
-import org.apache.http.HttpEntity;
-import org.apache.http.ParseException;
-import org.apache.http.StatusLine;
-import org.apache.http.client.ResponseHandler;
-import org.apache.http.client.utils.URIBuilder;
-import org.apache.http.entity.ContentType;
-import org.apache.http.util.EntityUtils;
+
+import org.apache.hc.core5.http.ContentType;
+import org.apache.hc.core5.http.Header;
+import org.apache.hc.core5.http.HttpEntity;
+import org.apache.hc.core5.http.io.HttpClientResponseHandler;
+import org.apache.hc.core5.http.io.entity.EntityUtils;
+import org.apache.hc.core5.http.message.StatusLine;
+import org.apache.hc.core5.net.URIBuilder;
import org.jose4j.base64url.Base64Url;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
+import com.fasterxml.jackson.core.JacksonException;
import com.fasterxml.jackson.databind.JsonNode;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import lombok.Data;
import lombok.Getter;
@@ -48,20 +48,20 @@ public class SL20HttpBindingUtils {
*
* @return {@link Sl20ResponseHolder}
*/
- public static ResponseHandler<Sl20ResponseHolder> sl20ResponseHandler() {
+ public static HttpClientResponseHandler<Sl20ResponseHolder> sl20ResponseHandler() {
return response -> {
try {
- final int httpStatusCode = response.getStatusLine().getStatusCode();
+ final int httpStatusCode = response.getCode();
if (httpStatusCode == HttpStatus.OK.value()) {
if (response.getEntity().getContentType() == null) {
throw new SlCommandoParserException("SL20 response contains NO ContentType");
}
- final ContentType contentType = ContentType.getOrDefault(response.getEntity());
+ final ContentType contentType = ContentType.parse(response.getEntity().getContentType());
if (!ContentType.APPLICATION_JSON.getMimeType().equals(contentType.getMimeType())) {
log.error("SL20 response with statuscode: {} has wrong http ContentType: {}",
- response.getStatusLine(), contentType);
+ response.getCode(), contentType);
throw new SlCommandoParserException(
"SL20 response with a wrong http ContentType: " + contentType);
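Review bot: `response.getEntity()` is dereferenced twice in the 200 branch without a null check, so a 200 response without a body ends in a NullPointerException that only the `catch (final Exception e)` at the end of the handler turns into an error, with `e.getMessage()` being null. An explicit `if (response.getEntity() == null) { throw new SlCommandoParserException("SL20 response contains NO body"); }` ahead of the ContentType check gives the caller a usable reason. The lambda body continues outside the hunk.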
@@ -69,7 +69,7 @@ public class SL20HttpBindingUtils {
//parse OK response from body
return new Sl20ResponseHolder(parseSL20ResultFromResponse(response.getEntity()),
- response.getStatusLine());
+ new StatusLine(response));
} else if (httpStatusCode == HttpStatus.SEE_OTHER.value()
|| httpStatusCode == HttpStatus.TEMPORARY_REDIRECT.value()) {
@@ -81,24 +81,24 @@ public class SL20HttpBindingUtils {
final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
return new Sl20ResponseHolder(JsonMapper.getMapper().readTree(Base64Url.decode(sl20RespString)),
- response.getStatusLine());
+ new StatusLine(response));
} else if (
httpStatusCode == HttpStatus.INTERNAL_SERVER_ERROR.value()
|| httpStatusCode == HttpStatus.UNAUTHORIZED.value()
|| httpStatusCode == HttpStatus.BAD_REQUEST.value()) {
log.info("SL20 response with http-code: {}. Search for error message", httpStatusCode);
-
+
String bodyMsg = "_EMPTY_";
try {
//extract JSON body from defined http error-codes
bodyMsg = EntityUtils.toString(response.getEntity());
log.info("SL20 response with http-code: {} and errorMsg: {}", httpStatusCode, bodyMsg);
Sl20ResponseHolder holder = new Sl20ResponseHolder(
- JsonMapper.getMapper().readTree(bodyMsg), response.getStatusLine());
+ JsonMapper.getMapper().readTree(bodyMsg), new StatusLine(response));
return holder;
- } catch (final IOException | ParseException e) {
+ } catch (final JacksonException e) {
log.warn("SL20 response contains no valid JSON. Body msg: {}", bodyMsg, e);
throw new SlCommandoParserException(MessageFormat.format(
"SL20 response with http-code: {} and generic response-processing error: {}",
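Review bot: The `MessageFormat.format` pattern at the end of this hunk uses SLF4J-style `{}` placeholders, which `java.text.MessageFormat` rejects with an IllegalArgumentException, so the intended `SlCommandoParserException` is never built and the failure surfaces through the outer generic handler with a formatter-internal reason instead; the pattern should read `"SL20 response with http-code: {0} and generic response-processing error: {1}"` (the arguments are outside the hunk). Narrowing the catch to `JacksonException` also means an I/O or parse error from `EntityUtils.toString(...)` no longer reaches this handler and its `log.warn`. The remote error body is logged unbounded at info level; if the httpcore5 version in use offers `EntityUtils.toString(entity, maxResultLength)`, a cap keeps a misbehaving endpoint from flooding the log.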
@@ -115,12 +115,12 @@ public class SL20HttpBindingUtils {
}
} catch (SlCommandoParserException e) {
- Sl20ResponseHolder holder = new Sl20ResponseHolder(null, response.getStatusLine());
+ Sl20ResponseHolder holder = new Sl20ResponseHolder(null, new StatusLine(response));
holder.setError(e);
return holder;
} catch (final Exception e) {
- Sl20ResponseHolder holder = new Sl20ResponseHolder(null, response.getStatusLine());
+ Sl20ResponseHolder holder = new Sl20ResponseHolder(null, new StatusLine(response));
holder.setError(
new SlCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e));
return holder;
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java
index c3826087..af292964 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java
@@ -8,12 +8,9 @@ import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
import org.apache.commons.lang3.StringUtils;
-import org.apache.http.client.utils.URIBuilder;
-import org.apache.http.entity.ContentType;
+import org.apache.hc.core5.http.ContentType;
+import org.apache.hc.core5.net.URIBuilder;
import com.fasterxml.jackson.databind.node.ObjectNode;
@@ -22,6 +19,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.modules.auth.sl20.Constants;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
@Slf4j