refactor to OpenSAML 4.x

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2020-04-08 16:23:51 +0200
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2020-04-08 16:23:51 +0200
commit: f220f54579f5975586b4dcd7634668815c208eda (patch)
tree: e57d292efc3b520f35e613285f2355bebb1d5e47 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding
parent: bfaeb328b295a9508e351068b5061de4efb47645 (diff)
download: EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.gz
EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.bz2
EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.zip
4 files changed, 68 insertions, 75 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
index 3543d85a..80697ee9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java
@@ -2,29 +2,12 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
 
 import javax.xml.namespace.QName;
 
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.messaging.context.BaseContext;
 import org.opensaml.messaging.context.MessageContext;
 import org.opensaml.messaging.decoder.MessageDecodingException;
 import org.opensaml.messaging.decoder.servlet.HttpServletRequestMessageDecoder;
 import org.opensaml.messaging.handler.MessageHandlerException;
-import org.opensaml.saml.common.SAMLObject;
 import org.opensaml.saml.common.SignableSAMLObject;
 import org.opensaml.saml.common.binding.SAMLBindingSupport;
 import org.opensaml.saml.common.binding.encoding.SAMLMessageEncoder;
@@ -48,6 +31,22 @@ import com.google.common.base.Optional;
 import com.google.common.base.Predicates;
 import com.google.common.base.Throwables;
 import com.google.common.collect.FluentIterable;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
 import lombok.extern.slf4j.Slf4j;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 
@@ -65,8 +64,8 @@ public abstract class AbstractBinding {
 
   public abstract String getSaml2BindingName();
 
-  protected MessageContext<SAMLObject> internalMessageDecode(
-      HttpServletRequestMessageDecoder<SAMLObject> decoder,
+  protected MessageContext internalMessageDecode(
+      HttpServletRequestMessageDecoder decoder,
       String binding) throws Pvp2Exception {
     try {
       decoder.initialize();
@@ -97,9 +96,9 @@ public abstract class AbstractBinding {
 
   }
 
-  protected MessageContext<SAMLObject> buildBasicMessageContext(
+  protected MessageContext buildBasicMessageContext(
       SAMLMessageEncoder encoder, SignableSAMLObject response) {
-    final MessageContext<SAMLObject> messageContext = new MessageContext<>();
+    final MessageContext messageContext = new MessageContext();
     messageContext.setMessage(response);
     encoder.setMessageContext(messageContext);
     return messageContext;
@@ -139,7 +138,7 @@ public abstract class AbstractBinding {
 
   }
 
-  protected void injectInboundMessageContexts(MessageContext<SAMLObject> messageContext,
+  protected void injectInboundMessageContexts(MessageContext messageContext,
       IPvp2MetadataProvider metadataProvider, QName peerEntityRole) throws Pvp2InternalErrorException {
     final SAMLPeerEntityContext peerEntityContext = new SAMLPeerEntityContext();
     peerEntityContext.setRole(peerEntityRole);
@@ -164,7 +163,7 @@ public abstract class AbstractBinding {
   }
 
   protected void performMessageValidation(PvpSamlMessageHandlerChain messageValidatorChain,
-      MessageContext<SAMLObject> messageContext) throws Pvp2Exception {
+      MessageContext messageContext) throws Pvp2Exception {
     try {
       messageValidatorChain.initialize();
       messageValidatorChain.invoke(messageContext);
@@ -191,7 +190,7 @@ public abstract class AbstractBinding {
   }
 
   protected InboundMessageInterface performMessageDecodePostProcessing(
-      MessageContext<SAMLObject> messageContext, boolean isVerified) {
+      MessageContext messageContext, boolean isVerified) {
     InboundMessage msg = null;
     if (messageContext.getMessage() instanceof RequestAbstractType) {
       final RequestAbstractType inboundMessage =
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
index c679de20..829f771a 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
@@ -23,6 +23,17 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.namespace.QName;
 
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
+import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.springframework.beans.factory.annotation.Autowired;
+
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
 import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
@@ -41,19 +52,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpPostDecoder;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler;
-import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.springframework.beans.factory.annotation.Autowired;
-
 import lombok.extern.slf4j.Slf4j;
 import net.shibboleth.utilities.java.support.net.URIComparator;
 
@@ -85,7 +83,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
       encoder.setHttpServletResponse(httpResp);
 
       // inject message context
-      final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, request);
+      final MessageContext messageContext = buildBasicMessageContext(encoder, request);
 
       // inject signing context
       messageContext.addSubcontext(injectSigningInfos(credentials));
@@ -131,7 +129,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
       encoder.setHttpServletResponse(httpResp);
 
       // inject message context
-      final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+      final MessageContext messageContext = buildBasicMessageContext(encoder, response);
 
       // inject signing context
       messageContext.addSubcontext(injectSigningInfos(credentials));
@@ -165,7 +163,7 @@ public class PostBinding extends AbstractBinding implements IDecoder, IEncoder {
       throws Pvp2Exception {
 
     final EaafHttpPostDecoder decode = new EaafHttpPostDecoder(req);
-    final MessageContext<SAMLObject> messageContext = internalMessageDecode(decode, PvpConstants.POST);
+    final MessageContext messageContext = internalMessageDecode(decode, PvpConstants.POST);
 
     // check if PVP2 AuthnRequest is signed
     if (!SAMLBindingSupport.isMessageSigned(messageContext)) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
index f62f8a11..c66c773e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
@@ -23,6 +23,18 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.namespace.QName;
 
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
 import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
@@ -36,20 +48,6 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpRedirectDeflateDecoder;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSaml2HttpRedirectDeflateSignatureSecurityHandler;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import net.shibboleth.utilities.java.support.net.URIComparator;
 
 public class RedirectBinding extends AbstractBinding implements IDecoder, IEncoder {
@@ -67,7 +65,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
       final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
       encoder.setHttpServletResponse(resp);
 
-      final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, request);
+      final MessageContext messageContext = buildBasicMessageContext(encoder, request);
 
       // set endpoint url
       messageContext.addSubcontext(injectEndpointInfos(request, targetLocation));
@@ -104,7 +102,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
       final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
       encoder.setHttpServletResponse(resp);
 
-      final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+      final MessageContext messageContext = buildBasicMessageContext(encoder, response);
 
       // set endpoint url
       messageContext.addSubcontext(injectEndpointInfos(response, targetLocation));
@@ -136,7 +134,7 @@ public class RedirectBinding extends AbstractBinding implements IDecoder, IEncod
       throws Pvp2Exception {
 
     final EaafHttpRedirectDeflateDecoder decode = new EaafHttpRedirectDeflateDecoder(req);
-    final MessageContext<SAMLObject> messageContext = internalMessageDecode(decode, PvpConstants.REDIRECT);
+    final MessageContext messageContext = internalMessageDecode(decode, PvpConstants.REDIRECT);
 
     final SAMLBindingContext bindingContext = messageContext.getSubcontext(SAMLBindingContext.class, true);
     if (!bindingContext.hasBindingSignature()) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
index 49e93f0a..cd651a1e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
@@ -23,6 +23,20 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.namespace.QName;
 
+import org.opensaml.messaging.context.MessageContext;
+import org.opensaml.saml.common.binding.SAMLBindingSupport;
+import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
+import org.opensaml.saml.common.binding.impl.SAMLProtocolAndRoleHandler;
+import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
+import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
+import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
+import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.StatusResponseType;
+import org.opensaml.soap.messaging.context.SOAP11Context;
+
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
 import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
@@ -38,22 +52,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafMessageContextInitializationHandler;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler;
 import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain;
-
-import org.opensaml.messaging.context.MessageContext;
-import org.opensaml.saml.common.SAMLObject;
-import org.opensaml.saml.common.binding.SAMLBindingSupport;
-import org.opensaml.saml.common.binding.impl.CheckMessageVersionHandler;
-import org.opensaml.saml.common.binding.impl.SAMLProtocolAndRoleHandler;
-import org.opensaml.saml.common.binding.impl.SAMLSOAPDecoderBodyHandler;
-import org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler;
-import org.opensaml.saml.common.messaging.SAMLMessageSecuritySupport;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder;
-import org.opensaml.saml.saml2.binding.encoding.impl.HTTPSOAP11Encoder;
-import org.opensaml.saml.saml2.core.RequestAbstractType;
-import org.opensaml.saml.saml2.core.StatusResponseType;
-import org.opensaml.soap.messaging.context.SOAP11Context;
-
 import lombok.extern.slf4j.Slf4j;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.net.URIComparator;
@@ -72,7 +70,7 @@ public class SoapBinding extends AbstractBinding implements IDecoder, IEncoder {
 
     injectMessageHandlerChain(soapDecoder, metadataProvider, peerEntityRole);
 
-    final MessageContext<SAMLObject> messageContext =
+    final MessageContext messageContext =
         internalMessageDecode(soapDecoder, PvpConstants.SOAP);
 
     // check if PVP2 AuthnRequest is signed
@@ -141,7 +139,7 @@ public class SoapBinding extends AbstractBinding implements IDecoder, IEncoder {
       encoder.setHttpServletResponse(resp);
 
       // inject message context
-      final MessageContext<SAMLObject> messageContext = buildBasicMessageContext(encoder, response);
+      final MessageContext messageContext = buildBasicMessageContext(encoder, response);
 
       //inject SOAP enveloped
       final SOAP11Context soap11Context = new SOAP11Context();
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2020-04-08 16:23:51 +0200
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2020-04-08 16:23:51 +0200
commit	f220f54579f5975586b4dcd7634668815c208eda (patch)
tree	e57d292efc3b520f35e613285f2355bebb1d5e47 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding
parent	bfaeb328b295a9508e351068b5061de4efb47645 (diff)
download	EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.gz EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.tar.bz2 EAAF-Components-f220f54579f5975586b4dcd7634668815c208eda.zip