chore(SAML2): update implementation to remove usage of deprecated openSAML4.x API

8 files changed, 37 insertions, 37 deletions

diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
index 3d9125fe..6e718385 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
@@ -22,15 +22,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
 import java.util.Collection;
 import java.util.List;
 
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-
 import org.opensaml.saml.saml2.core.Attribute;
 import org.opensaml.saml.saml2.metadata.ContactPerson;
 import org.opensaml.saml.saml2.metadata.Organization;
 import org.opensaml.saml.saml2.metadata.RequestedAttribute;
 import org.opensaml.security.credential.Credential;
 
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+
 /**
  * PVP Metadata builder configuration.
  *
@@ -43,7 +43,7 @@ public interface IPvpMetadataBuilderConfiguration {
    * Defines a unique name for this PVP Service-provider, which is used for
    * logging.
    *
-   * @return
+   * @return Name of this SAML2 SP
    */
   String getSpNameForLogging();
 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
index 05a7360b..da3db0a8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
@@ -237,7 +237,7 @@ public class PvpMetadataBuilder {
     } else {
       for (final String format : config.getSpAllowedNameIdTypes()) {
         final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
-        nameIdFormat.setFormat(format);
+        nameIdFormat.setURI(format);
         spSsoDescriptor.getNameIDFormats().add(nameIdFormat);
 
       }
@@ -424,7 +424,7 @@ public class PvpMetadataBuilder {
     // set providable nameID formats
     for (final String format : config.getIdpPossibleNameIdTypes()) {
       final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
-      nameIdFormat.setFormat(format);
+      nameIdFormat.setURI(format);
       idpSsoDescriptor.getNameIDFormats().add(nameIdFormat);
 
     }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 2257eba9..60800eb2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -325,7 +325,7 @@ public class SamlVerificationEngine {
         } else {
           for (final AudienceRestriction el : audienceRest) {
             for (final Audience audience : el.getAudiences()) {
-              if (!urlCompare(spEntityId, audience.getAudienceURI())) {
+              if (!urlCompare(spEntityId, audience.getURI())) {
                 log.info("Assertion with ID:{} 'AudienceRestriction' is not valid.",
                     saml2assertion.getID());
                 isAssertionValid = false;
@@ -520,7 +520,7 @@ public class SamlVerificationEngine {
               samlResp.getIssuer().getValue(),
               samlResp.getStatus().getStatusCode().getValue(),
               samlResp.getStatus().getStatusMessage() != null
-                ? samlResp.getStatus().getStatusMessage().getMessage()
+                ? samlResp.getStatus().getStatusMessage().getValue()
                     : " no status message" });
 
     }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
index c784e392..b44d70e3 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
@@ -3,16 +3,6 @@ package at.gv.egiz.eaaf.modules.pvp2.test;
 import java.security.cert.X509Certificate;
 import java.util.List;
 
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
-import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
-import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
-import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
-
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.junit.Assert;
@@ -26,13 +16,23 @@ import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
 
 @RunWith(SpringJUnit4ClassRunner.class)
 @ContextConfiguration({
     "/spring/test_eaaf_core_map_config.beans.xml",
     "/spring/SpringTest-context_lazy.xml",
     "/spring/eaaf_utils.beans.xml"
-  })
+    })
 public class CredentialProviderTest {
 
   private static final String HSM_FACASE_HOST = "eid.a-sit.at";
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
index 63c8c99a..a2611165 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
@@ -134,11 +134,11 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
 
     if (e instanceof NoPassivAuthenticationException) {
       statusCode.setValue(StatusCode.NO_PASSIVE);
-      statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
+      statusMessage.setValue(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
 
     } else if (e instanceof NameIdFormatNotSupportedException) {
       statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY);
-      statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
+      statusMessage.setValue(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
 
     } else if (e instanceof SloException) {
       // SLOExecpetions only occurs if session information is lost
@@ -149,7 +149,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
       statusCode.setValue(ex.getStatusCodeValue());
       final String statusMessageValue = ex.getStatusMessageValue();
       if (statusMessageValue != null) {
-        statusMessage.setMessage(StringEscapeUtils.escapeXml11(statusMessageValue));
+        statusMessage.setValue(StringEscapeUtils.escapeXml11(statusMessageValue));
         
       }
       
@@ -157,7 +157,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
 
     } else {
       statusCode.setValue(StatusCode.RESPONDER);
-      statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
+      statusMessage.setValue(StringEscapeUtils.escapeXml11(e.getLocalizedMessage()));
       internalErrorCode = statusMessager.getResponseErrorCode(e);
       
     }
@@ -172,7 +172,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
     }
 
     //set status-message if availabe    
-    if (statusMessage.getMessage() != null) {
+    if (statusMessage.getValue() != null) {
       status.setStatusMessage(statusMessage);
       
     }    
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
index 21912592..88ff2206 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
@@ -107,7 +107,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
 
     final AuthnContextClassRef authnContextClassRef =
         Saml2Utils.createSamlObject(AuthnContextClassRef.class);
-    authnContextClassRef.setAuthnContextClassRef(qaaLevel);
+    authnContextClassRef.setURI(qaaLevel);
 
     final NameID subjectNameID = Saml2Utils.createSamlObject(NameID.class);
     subjectNameID.setFormat(attrQuery.getSubject().getNameID().getFormat());
@@ -151,7 +151,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
     // check if authn. request contains LoA
     final RequestedAuthnContext reqAuthnContext = authnRequest.getRequestedAuthnContext();
     if (reqAuthnContext == null) {
-      authnContextClassRef.setAuthnContextClassRef(authData.getEidasQaaLevel());
+      authnContextClassRef.setURI(authData.getEidasQaaLevel());
 
     } else {
       // authn. request requests LoA levels. To LoA validation
@@ -169,12 +169,12 @@ public class Pvp2AssertionBuilder implements PvpConstants {
       if (reqAuthnContextClassRefIt.size() == 0) {
         QaaLevelVerifier.verifyQaaLevel(authData.getEidasQaaLevel(), oaParam.getRequiredLoA(),
             loaMatchingMode);
-        authnContextClassRef.setAuthnContextClassRef(authData.getEidasQaaLevel());
+        authnContextClassRef.setURI(authData.getEidasQaaLevel());
 
       } else {
         final List<String> eidasLoaFromRequest = new ArrayList<>();
         for (final AuthnContextClassRef authnClassRef : reqAuthnContextClassRefIt) {
-          final String qaa_uri = authnClassRef.getAuthnContextClassRef();
+          final String qaa_uri = authnClassRef.getURI();
 
           if (!qaa_uri.trim().startsWith(EaafConstants.EIDAS_LOA_PREFIX)) {
             if (loaLevelMapper != null) {
@@ -202,7 +202,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
         // verifiy LoAs from request to authentication LoA
         QaaLevelVerifier.verifyQaaLevel(authData.getEidasQaaLevel(), eidasLoaFromRequest,
             loaMatchingMode);
-        authnContextClassRef.setAuthnContextClassRef(authData.getEidasQaaLevel());
+        authnContextClassRef.setURI(authData.getEidasQaaLevel());
 
       }
     }
@@ -309,12 +309,12 @@ public class Pvp2AssertionBuilder implements PvpConstants {
       if (metadataNameIdFormats != null) {
 
         for (final NameIDFormat el : metadataNameIdFormats) {
-          if (NameIDType.PERSISTENT.equals(el.getFormat())) {
+          if (NameIDType.PERSISTENT.equals(el.getURI())) {
             nameIdFormat = NameIDType.PERSISTENT;
             break;
 
-          } else if (NameIDType.TRANSIENT.equals(el.getFormat())
-              || NameIDType.UNSPECIFIED.equals(el.getFormat())) {
+          } else if (NameIDType.TRANSIENT.equals(el.getURI())
+              || NameIDType.UNSPECIFIED.equals(el.getURI())) {
             break;
           }
 
@@ -442,7 +442,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
         Saml2Utils.createSamlObject(AudienceRestriction.class);
     final Audience audience = Saml2Utils.createSamlObject(Audience.class);
 
-    audience.setAudienceURI(entityID);
+    audience.setURI(entityID);
     audienceRestriction.getAudiences().add(audience);
     conditions.setNotBefore(date);
     conditions.setNotOnOrAfter(isValidTo);
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java
index c48a0fd4..bac90451 100644
--- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java
@@ -185,7 +185,7 @@ public class PvpAuthnRequestBuilder {
       final AuthnContextClassRef authnClassRef =
           Saml2Utils.createSamlObject(AuthnContextClassRef.class);
 
-      authnClassRef.setAuthnContextClassRef(config.getAuthnContextClassRef());
+      authnClassRef.setURI(config.getAuthnContextClassRef());
 
       if (config.getAuthnContextComparison() == null) {
         reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
@@ -244,7 +244,7 @@ public class PvpAuthnRequestBuilder {
     if (StringUtils.isNotEmpty(config.getScopeRequesterId())) {
       final Scoping scope = Saml2Utils.createSamlObject(Scoping.class);
       final RequesterID requesterId = Saml2Utils.createSamlObject(RequesterID.class);
-      requesterId.setRequesterID(config.getScopeRequesterId());
+      requesterId.setURI(config.getScopeRequesterId());
       scope.getRequesterIDs().add(requesterId);
       authReq.setScoping(scope);
 
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
index d59012a5..f87096fb 100644
--- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
+++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
@@ -265,8 +265,8 @@ public class AssertionAttributeExtractor {
         && authn.getAuthnContext().getAuthnContextClassRef() != null) {
       final AuthnContextClassRef qaaClass = authn.getAuthnContext().getAuthnContextClassRef();
 
-      if (StringUtils.isNotEmpty(qaaClass.getAuthnContextClassRef())) {
-        return qaaClass.getAuthnContextClassRef();
+      if (StringUtils.isNotEmpty(qaaClass.getURI())) {
+        return qaaClass.getURI();
       } else {
         throw new AssertionAttributeExtractorExeption("AuthnContextClassRef (QAALevel)");
       }