to some more code quality tasks

author: Thomas <thomas.lenz@egiz.gv.at> 2019-12-04 22:54:51 +0100
committer: Thomas <thomas.lenz@egiz.gv.at> 2019-12-04 22:54:51 +0100
commit: 95b21a826e5d81fdeabcf4673a9e87047edaec9d (patch)
tree: d8d55da492dd86041c31d68651afa21c80313362 /eaaf_modules/eaaf_module_pvp2_core/src/main
parent: 759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f (diff)
download: EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.tar.gz
EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.tar.bz2
EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.zip
15 files changed, 87 insertions, 64 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
index e8d42e80..8bd2f024 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
@@ -30,34 +30,34 @@ import org.opensaml.xml.signature.SignatureConstants;
 
 public interface PvpConstants extends PVPAttributeDefinitions {
 
-  public static final String DEFAULT_SIGNING_METHODE =
+  String DEFAULT_SIGNING_METHODE =
       SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
-  public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256;
-  public static final String DEFAULT_SYM_ENCRYPTION_METHODE =
+  String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256;
+  String DEFAULT_SYM_ENCRYPTION_METHODE =
       EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
-  public static final String DEFAULT_ASYM_ENCRYPTION_METHODE =
+  String DEFAULT_ASYM_ENCRYPTION_METHODE =
       EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP;
 
-  public static final String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category";
-  public static final String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken";
-  public static final String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken";
+  String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category";
+  String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken";
+  String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken";
 
   @Deprecated
-  public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/";
+  String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/";
 
-  public static final String REDIRECT = "Redirect";
-  public static final String POST = "Post";
-  public static final String SOAP = "Soap";
-  public static final String METADATA = "Metadata";
-  public static final String ATTRIBUTEQUERY = "AttributeQuery";
-  public static final String SINGLELOGOUT = "SingleLogOut";
+  String REDIRECT = "Redirect";
+  String POST = "Post";
+  String SOAP = "Soap";
+  String METADATA = "Metadata";
+  String ATTRIBUTEQUERY = "AttributeQuery";
+  String SINGLELOGOUT = "SingleLogOut";
 
   /**
    * Get required PVP attributes for egovtoken First : PVP attribute name (OID) Second: FriendlyName
    * Third: Required.
    *
    */
-  public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
+  List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
       Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
         private static final long serialVersionUID = 1L;
         {
@@ -82,7 +82,7 @@ public interface PvpConstants extends PVPAttributeDefinitions {
    * FriendlyName Third: Required.
    *
    */
-  public static final List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
+  List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
       Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
         private static final long serialVersionUID = 1L;
         {
@@ -129,10 +129,10 @@ public interface PvpConstants extends PVPAttributeDefinitions {
       });
 
   // constants for requested SAML2 attribtes by using own namespace
-  public static final String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions";
-  public static final String EIDAT10_PREFIX = "eid";
+  String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions";
+  String EIDAT10_PREFIX = "eid";
 
-  public static final QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE =
+  QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE =
       new QName(EIDAT10_SAML_NS, "AttributeValue", EIDAT10_PREFIX);
 
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
index 27a6532b..677028a5 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
@@ -30,11 +30,11 @@ import org.opensaml.xml.security.SecurityException;
 
 
 public interface IDecoder {
-  public InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp,
+  InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp,
       MetadataProvider metadataProvider, boolean isSpEndPoint, URIComparator comparator)
       throws MessageDecodingException, SecurityException, Pvp2Exception;
 
-  public boolean handleDecode(String action, HttpServletRequest req);
+  boolean handleDecode(String action, HttpServletRequest req);
 
-  public String getSaml2BindingName();
+  String getSaml2BindingName();
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
index 74ee74de..5f69ba62 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
@@ -33,5 +33,5 @@ public interface IRefreshableMetadataProvider {
    * @param entityID EntityId
    * @return true, if refresh is success, otherwise false
    */
-  public boolean refreshMetadataProvider(String entityID);
+  boolean refreshMetadataProvider(String entityID);
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
index 93980a73..0ea909e2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
@@ -40,11 +40,11 @@ public abstract class Pvp2Exception extends EaafException {
 
 
   public String getStatusCodeValue() {
-    return (this.statusCodeValue);
+    return this.statusCodeValue;
   }
 
   public String getStatusMessageValue() {
-    return (this.statusMessageValue);
+    return this.statusMessageValue;
   }
 
 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
index 0933f0a2..2734c859 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
@@ -229,7 +229,7 @@ public class PostBinding implements IDecoder, IEncoder {
 
   @Override
   public boolean handleDecode(final String action, final HttpServletRequest req) {
-    return (req.getMethod().equals("POST") && action.equals(PvpConstants.POST));
+    return req.getMethod().equals("POST") && action.equals(PvpConstants.POST);
   }
 
   @Override
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
index 4e548d57..7b8525ce 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
@@ -229,8 +229,8 @@ public class RedirectBinding implements IDecoder, IEncoder {
 
   @Override
   public boolean handleDecode(final String action, final HttpServletRequest req) {
-    return ((action.equals(PvpConstants.REDIRECT) || action.equals(PvpConstants.SINGLELOGOUT))
-        && req.getMethod().equals("GET"));
+    return action.equals(PvpConstants.REDIRECT) || action.equals(PvpConstants.SINGLELOGOUT)
+        && req.getMethod().equals("GET");
   }
 
   @Override
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
index 79a88487..2e19f259 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
@@ -126,8 +126,8 @@ public class SoapBinding implements IDecoder, IEncoder {
 
   @Override
   public boolean handleDecode(final String action, final HttpServletRequest req) {
-    return (req.getMethod().equals("POST")
-        && (action.equals(PvpConstants.SOAP) || action.equals(PvpConstants.ATTRIBUTEQUERY)));
+    return req.getMethod().equals("POST")
+        && action.equals(PvpConstants.SOAP) || action.equals(PvpConstants.ATTRIBUTEQUERY);
   }
 
   @Override
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
index 107a856e..c21524dd 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
@@ -19,7 +19,13 @@
 
 package at.gv.egiz.eaaf.modules.pvp2.impl.message;
 
+import java.io.IOException;
 import java.io.Serializable;
+
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException;
@@ -28,17 +34,20 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
 
 public class InboundMessage implements InboundMessageInterface, Serializable {
   private static final Logger log = LoggerFactory.getLogger(InboundMessage.class);
 
   private static final long serialVersionUID = 2395131650841669663L;
 
-  private Element samlMessage = null;
+  private transient Element samlMessage = null;
   private boolean verified = false;
   private String entityID = null;
   private String relayState = null;
 
+  private String serializedSamlMessage;
+
   /**
    * Get SAML2 metadata for Entity that sends this request.
    *
@@ -90,6 +99,13 @@ public class InboundMessage implements InboundMessageInterface, Serializable {
    */
   public void setSamlMessage(final Element msg) {
     this.samlMessage = msg;
+    try {
+		this.serializedSamlMessage = DomUtils.serializeNode(msg);
+		
+	} catch (TransformerException | IOException e) {
+		log.warn("Can not serialize message",e );
+	
+	}
   }
 
   /*
@@ -129,7 +145,20 @@ public class InboundMessage implements InboundMessageInterface, Serializable {
    */
   @Override
   public Element getInboundMessage() {
-    return samlMessage;
+	if (this.samlMessage != null) {
+		return samlMessage;
+		
+	} else {
+		try {
+			return (Element) DomUtils.parseDocument(serializedSamlMessage, false, null, null);
+			
+		} catch (SAXException | IOException | ParserConfigurationException e) {
+			throw new RuntimeException(e);
+			
+		}
+		
+	}
+			
   }
 
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index ec81353a..8a6105bc 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -401,7 +401,7 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 
 
   protected void emitChangeEvent() {
-    if ((getObservers() == null) || (getObservers().size() == 0)) {
+    if (getObservers() == null || getObservers().size() == 0) {
       return;
     }
 
@@ -463,13 +463,12 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
         while (metadataUrlInterator.hasNext()) {
           final String metadataurl = metadataUrlInterator.next();
           try {
-            if (StringUtils.isNotEmpty(metadataurl)) {
-              if (loadedproviders.containsKey(metadataurl)) {
-                // SAML2 SP is actually loaded, to nothing
-                providersinuse.put(metadataurl, loadedproviders.get(metadataurl));
-                loadedproviders.remove(metadataurl);
+            if (StringUtils.isNotEmpty(metadataurl)
+            	&& loadedproviders.containsKey(metadataurl)) {
+              // SAML2 SP is actually loaded, to nothing
+              providersinuse.put(metadataurl, loadedproviders.get(metadataurl));
+              loadedproviders.remove(metadataurl);
 
-              }
             }
           } catch (final Throwable e) {
             log.error("Failed to add Metadata (unhandled reason: " + e.getMessage(), e);
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java
index d84b407f..a6d2508d 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java
@@ -29,7 +29,7 @@ import org.opensaml.xml.security.x509.X509Credential;
  * @author tlenz
  *
  */
-public class KeyStoreX509CredentialAdapter
+public class EaafKeyStoreX509CredentialAdapter
     extends org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter {
 
   /**
@@ -39,7 +39,7 @@ public class KeyStoreX509CredentialAdapter
    * @param alias Key alias
    * @param password key Password
    */
-  public KeyStoreX509CredentialAdapter(final KeyStore store, final String alias,
+  public EaafKeyStoreX509CredentialAdapter(final KeyStore store, final String alias,
       final char[] password) {
     super(store, alias, password);
   }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java
index 860eec64..957def02 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java
@@ -101,7 +101,7 @@ public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder {
       // evaluate template and write content to response
       final Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
       velocityEngine.evaluate(context, out, "SAML2_POST_BINDING",
-          new BufferedReader(new InputStreamReader(is)));
+          new BufferedReader(new InputStreamReader(is, "UTF-8")));
       out.flush();
 
     } catch (final Exception e) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
index ea361f11..ec4009f0 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
@@ -26,7 +26,7 @@ import java.security.interfaces.RSAPrivateKey;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
 import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.KeyStoreX509CredentialAdapter;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter;
 import org.apache.commons.lang3.StringUtils;
 import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.security.credential.UsageType;
@@ -120,7 +120,7 @@ public abstract class AbstractCredentialProvider {
         keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
       }
 
-      final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+      final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore,
           getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray());
 
       credentials.setUsageType(UsageType.SIGNING);
@@ -152,7 +152,7 @@ public abstract class AbstractCredentialProvider {
         keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
       }
 
-      final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+      final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore,
           getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray());
 
       credentials.setUsageType(UsageType.SIGNING);
@@ -191,7 +191,7 @@ public abstract class AbstractCredentialProvider {
         return null;
       }
 
-      final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+      final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore,
           getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray());
 
       credentials.setUsageType(UsageType.ENCRYPTION);
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
index 1c7a9652..8bcc3e74 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
@@ -20,7 +20,6 @@
 package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
 
 import java.io.IOException;
-import java.security.NoSuchAlgorithmException;
 import java.util.List;
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
@@ -34,7 +33,6 @@ import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
 import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
 import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.common.xml.SAMLSchemaBuilder;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.Status;
@@ -56,8 +54,6 @@ import org.w3c.dom.Document;
 public class Saml2Utils {
   private static final Logger log = LoggerFactory.getLogger(Saml2Utils.class);
 
-  private static SecureRandomIdentifierGenerator idGenerator;
-
   private static DocumentBuilder builder;
 
   static {
@@ -70,15 +66,7 @@ public class Saml2Utils {
     } catch (final ParserConfigurationException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
-    }
-
-    try {
-      idGenerator = new SecureRandomIdentifierGenerator();
-
-    } catch (final NoSuchAlgorithmException e) {
-      e.printStackTrace();
-
-    }
+    }   
   }
 
   /**
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java
index 4eb711f9..8f042ae2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java
@@ -46,8 +46,8 @@ public class PvpAuthRequestSignedRole extends SAML2AuthnRequestsSignedRule {
     final List<String> samlReqParam = inTransport.getParameterValues("SAMLRequest");
     final List<String> samlRespParam = inTransport.getParameterValues("SAMLResponse");
     final boolean isValidContent =
-        ((samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0)))
-            || (samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0))))
+        (samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0))
+            || samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0)))
             && !(samlReqParam.size() == 1 && samlRespParam.size() == 1);
 
     return isValidSigned && isValidSigAlgExists && isValidContent;
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 64eb5247..024c35d8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -23,6 +23,8 @@ import javax.xml.namespace.QName;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.validation.Schema;
 import javax.xml.validation.Validator;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafProtocolException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
@@ -73,10 +75,15 @@ public class SamlVerificationEngine {
     try {
       if (msg instanceof PvpSProfileRequest
           && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) {
-        verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()),
+        verifyRequest((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest(),
             sigTrustEngine);
-      } else {
+      } else if (msg instanceof PvpSProfileResponse){
         verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine);
+        
+      } else {
+    	  log.warn("SAML2 message type: {} not supported", msg.getClass().getName());
+    	  throw new EaafProtocolException("9999", null);
+    	  
       }
 
     } catch (final InvalidProtocolRequestException e) {
@@ -96,7 +103,7 @@ public class SamlVerificationEngine {
 
         if (msg instanceof PvpSProfileRequest
             && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) {
-          verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()),
+          verifyRequest((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest(),
               sigTrustEngine);
         } else {
           verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine);
author	Thomas <thomas.lenz@egiz.gv.at>	2019-12-04 22:54:51 +0100
committer	Thomas <thomas.lenz@egiz.gv.at>	2019-12-04 22:54:51 +0100
commit	95b21a826e5d81fdeabcf4673a9e87047edaec9d (patch)
tree	d8d55da492dd86041c31d68651afa21c80313362 /eaaf_modules/eaaf_module_pvp2_core/src/main
parent	759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f (diff)
download	EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.tar.gz EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.tar.bz2 EAAF-Components-95b21a826e5d81fdeabcf4673a9e87047edaec9d.zip