diff options
87 files changed, 940 insertions, 808 deletions
diff --git a/checks/egiz_pmd_checks.xml b/checks/egiz_pmd_checks.xml index 51b3956b..08832c6e 100644 --- a/checks/egiz_pmd_checks.xml +++ b/checks/egiz_pmd_checks.xml @@ -32,7 +32,7 @@ under the License. [0] https://pmd.github.io/latest/pmd_userdocs_making_rulesets.html </description> - <rule ref="category/java/bestpractices.xml/AvoidUsingHardCodedIP" /> + <!--rule ref="category/java/bestpractices.xml/AvoidUsingHardCodedIP" /--> <rule ref="category/java/bestpractices.xml/CheckResultSet" /> <rule ref="category/java/bestpractices.xml/UnusedImports" /> <rule ref="category/java/bestpractices.xml/UnusedFormalParameter" /> diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java index e06140bf..5a7ce49d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java @@ -15,7 +15,7 @@ public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { * @param config GUI builder configuration * @return */ - public VelocityContext generateVelocityContextFromConfiguration( + VelocityContext generateVelocityContextFromConfiguration( IVelocityGuiBuilderConfiguration config); @@ -27,7 +27,7 @@ public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { * invoking method * @throws GuiBuildException In case of an error */ - public InputStream getTemplateInputStream(IVelocityGuiBuilderConfiguration config) + InputStream getTemplateInputStream(IVelocityGuiBuilderConfiguration config) throws GuiBuildException; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java index a02498b7..1c1de7c8 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java @@ -497,15 +497,12 @@ public class AuthenticationData implements IAuthData, Serializable { } - if (object != null) { - if (!Serializable.class.isInstance(object)) { - log.warn( - "Generic data can only store objects which implements the 'Seralizable' interface"); - throw new EaafStorageException( - "Generic data can only store objects which implements the 'Seralizable' interface", - null); - - } + if (object != null && !Serializable.class.isInstance(object)) { + log.warn( + "Generic data can only store objects which implements the 'Seralizable' interface"); + throw new EaafStorageException( + "Generic data can only store objects which implements the 'Seralizable' interface", + null); } if (genericDataStorate.containsKey(key)) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java index 7a967d3f..241b43c9 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java @@ -161,12 +161,12 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa // force new authentication authentication process if (pendingReq.forceAuth()) { - startAuthenticationProcess(httpReq, httpResp, (RequestImpl) pendingReq); + startAuthenticationProcess(httpReq, (RequestImpl) pendingReq); return false; // perform SSO-Consents evaluation if it it required } else if (isValidSsoSession && pendingReq.isNeedUserConsent()) { - sendSingleSignOnConsentsEvaluation(httpReq, httpResp, (RequestImpl) pendingReq); + sendSingleSignOnConsentsEvaluation((RequestImpl) pendingReq); return false; @@ -193,7 +193,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } else { // Start authentication! - startAuthenticationProcess(httpReq, httpResp, (RequestImpl) pendingReq); + startAuthenticationProcess(httpReq, (RequestImpl) pendingReq); return false; } @@ -230,14 +230,13 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa * Populate process execution context and start process engine. * * @param httpReq http request - * @param httpResp http response * @param pendingReq current pending request * @throws ServletException In case of a servlet error * @throws IOException In case of an IO error * @throws EaafException In case of EAAF processing error */ private void startAuthenticationProcess(final HttpServletRequest httpReq, - final HttpServletResponse httpResp, final RequestImpl pendingReq) throws EaafException { + final RequestImpl pendingReq) throws EaafException { log.info("Starting authentication ..."); revisionsLogger.logEvent(pendingReq, EVENT_AUTHENTICATION_PROCESS_STARTED); @@ -253,9 +252,9 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa if (httpReq.getAttribute("javax.servlet.request.X509Certificate") != null) { log.debug("Find SSL-client-certificate on request --> Add it to context"); executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, - ((X509Certificate[]) httpReq.getAttribute("javax.servlet.request.X509Certificate"))); + (X509Certificate[]) httpReq.getAttribute("javax.servlet.request.X509Certificate")); pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, - (httpReq.getAttribute("javax.servlet.request.X509Certificate"))); + httpReq.getAttribute("javax.servlet.request.X509Certificate")); } @@ -313,15 +312,12 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa /** * Starting a user consent evaluation. * - * @param request http request - * @param response http response * @param pendingReq current pending request * @throws ServletException In case of a servlet error * @throws IOException In case of an IO error * @throws EaafException In case of a EAAF processing error */ - private void sendSingleSignOnConsentsEvaluation(final HttpServletRequest request, - final HttpServletResponse response, final RequestImpl pendingReq) throws EaafException { + private void sendSingleSignOnConsentsEvaluation(final RequestImpl pendingReq) throws EaafException { log.debug("Starting SSO user-consents evaluation ..."); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index 491fdf4a..b12658f5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -190,17 +190,17 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // #################################################### // set QAA level - setQaaLevel(internalAuthData, authProcessData, pendingReq); + setQaaLevel(internalAuthData, authProcessData); // #################################################### // set isForeigner flag - setFlagForeigner(internalAuthData, authProcessData, pendingReq); + setFlagForeigner(internalAuthData, authProcessData); // #################################################### // set citizen country-code - setCitizenCountryCode(internalAuthData, authProcessData, pendingReq); + setCitizenCountryCode(internalAuthData, authProcessData); // set generic authProcessData to authdata @@ -228,10 +228,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * * @param authData Current authentication data * @param authProcessData Authentication information holder from current pending request - * @param pendingReq Current pending request */ private void setCitizenCountryCode(final AuthenticationData authData, - final IAuthProcessDataContainer authProcessData, final IRequest pendingReq) { + final IAuthProcessDataContainer authProcessData) { includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME); final String pvpCccAttr = authProcessData .getGenericDataFromSession(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); @@ -241,7 +240,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } else { if (authData.isForeigner()) { - // TODO!!!! + //TODO: + log.warn("Foreign citizen country NOT set yet!"); } else { authData.setCiticenCountryCode(basicConfig.getBasicConfiguration( @@ -261,8 +261,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * @param pendingReq current pending request */ private void setQaaLevel(@NonNull final AuthenticationData authData, - @NonNull final IAuthProcessDataContainer authProcessData, - @NonNull final IRequest pendingReq) { + @NonNull final IAuthProcessDataContainer authProcessData) { includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); String currentLoA = null; if (StringUtils.isNotEmpty(authProcessData.getQAALevel())) { @@ -295,7 +294,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati private void setFlagForeigner(final AuthenticationData authData, - final IAuthProcessDataContainer authProcessData, final IRequest pendingReq) { + final IAuthProcessDataContainer authProcessData) { // TODO: change to new eIDAS-token attribute identifier if (authProcessData .getGenericDataFromSession(PVPAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) { @@ -424,17 +423,17 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // #################################################### // set QAA level - setQaaLevel(authData, authProcessData, pendingReq); + setQaaLevel(authData, authProcessData); // #################################################### // set isForeigner flag - setFlagForeigner(authData, authProcessData, pendingReq); + setFlagForeigner(authData, authProcessData); // #################################################### // set citizen country-code - setCitizenCountryCode(authData, authProcessData, pendingReq); + setCitizenCountryCode(authData, authProcessData); // #################################################### diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java index 765a6669..60c08253 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java @@ -170,8 +170,8 @@ public class BpkBuilder { bpk = baseId; } - if ((StringUtils.isEmpty(bpk) || StringUtils.isEmpty(sourceCountry) - || StringUtils.isEmpty(destinationCountry))) { + if (StringUtils.isEmpty(bpk) || StringUtils.isEmpty(sourceCountry) + || StringUtils.isEmpty(destinationCountry)) { throw new EaafBuilderException("builder.00", new Object[] {"eIDAS-ID", "Unvollständige Parameterangaben: identificationValue=" + bpk + ", Zielland=" @@ -199,7 +199,7 @@ public class BpkBuilder { throws EaafBuilderException { final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); if (target.startsWith(EAAFConstants.URN_PREFIX_CDID)) { - target = target.substring((EAAFConstants.URN_PREFIX_CDID).length()); + target = target.substring(EAAFConstants.URN_PREFIX_CDID.length()); } final String input = diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java index b04b000e..27aeab03 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java @@ -137,7 +137,7 @@ public class ModuleRegistration { Collections.sort(priorizedModules, (thisAuthModule, otherAuthModule) -> { final int thisOrder = thisAuthModule.getPriority(); final int otherOrder = otherAuthModule.getPriority(); - return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1)); + return thisOrder < otherOrder ? 1 : thisOrder == otherOrder ? 0 : -1; }); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java index 2908ebdf..56eb5634 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java @@ -81,11 +81,11 @@ public class BpkAttributeBuilder implements IPvpAttributeBuilder { protected String removeBpkTypePrefix(@Nonnull final String type) { Assert.isTrue(type != null, "bPKType is 'NULL'"); if (type.startsWith(EAAFConstants.URN_PREFIX_WBPK)) { - return type.substring((EAAFConstants.URN_PREFIX_WBPK).length()); + return type.substring(EAAFConstants.URN_PREFIX_WBPK.length()); } else if (type.startsWith(EAAFConstants.URN_PREFIX_CDID)) { - return type.substring((EAAFConstants.URN_PREFIX_CDID).length()); + return type.substring(EAAFConstants.URN_PREFIX_CDID.length()); } else if (type.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) { - return type.substring((EAAFConstants.URN_PREFIX_EIDAS).length()); + return type.substring(EAAFConstants.URN_PREFIX_EIDAS.length()); } else { return type; } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index 7c42f506..b15dfeba 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -115,7 +115,6 @@ public abstract class AbstractController { + "(Errorcode=9199" + " | Description=" + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage())) + ")"); - return; } @@ -134,7 +133,6 @@ public abstract class AbstractController { log.error("Internel Server Error.", exception); resp.setContentType(EAAFConstants.CONTENTTYPE_HTML_UTF8); resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - return; } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index ac0876c4..88dae874 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java @@ -445,15 +445,12 @@ public abstract class RequestImpl implements IRequest, Serializable { } - if (object != null) { - if (!Serializable.class.isInstance(object)) { - log.warn( - "Generic request-data can only store objects which implements the 'Seralizable' interface"); - throw new EaafStorageException( - "Generic request-data can only store objects which implements the 'Seralizable' interface", - null); - - } + if (object != null && !Serializable.class.isInstance(object)) { + log.warn( + "Generic request-data can only store objects which implements the 'Seralizable' interface"); + throw new EaafStorageException( + "Generic request-data can only store objects which implements the 'Seralizable' interface", + null); } if (genericDataStorage.containsKey(key)) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java index 0c4946af..fefcf331 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/ProcessEngineImpl.java @@ -366,7 +366,7 @@ public class ProcessEngineImpl implements ProcessEngine { pi.setNextId(t.getTo().getId()); // inspect current task - if (t.getTo() instanceof TaskInfo && (((TaskInfo) t.getTo()).isAsync())) { + if (t.getTo() instanceof TaskInfo && ((TaskInfo) t.getTo()).isAsync()) { // immediately return in case of asynchonous task log.debug("Suspending process instance '{}' for asynchronous task '{}'.", pi.getId(), t.getTo().getId()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java index 818523d0..aafea776 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/DomUtils.java @@ -412,7 +412,7 @@ public class DomUtils { final String xmlContent = new String(buffer, "UTF-8"); log.debug("SAXException in:\n" + xmlContent); } - throw (e); + throw e; } return parser.getDocument(); @@ -925,10 +925,8 @@ public class DomUtils { final Attr attr = (Attr) n; final Element owner = attr.getOwnerElement(); - if (owner == null) { - if (!isNamespaceDeclaration(attr)) { - return false; - } + if (owner == null && !isNamespaceDeclaration(attr)) { + return false; } if (!nodeSet.contains(owner) && !isNamespaceDeclaration(attr)) { @@ -1054,6 +1052,7 @@ public class DomUtils { } default: { + log.trace("Node type: {} not supported", currentNode.getNodeType()); // All other nodes will be ignored } } @@ -1103,7 +1102,7 @@ public class DomUtils { * <code>null</code> or empty or no element is included in the list. */ public static Element getElementFromNodeList(final NodeList nl) { - if ((nl == null) || (nl.getLength() == 0)) { + if (nl == null || nl.getLength() == 0) { return null; } for (int i = 0; i < nl.getLength(); i++) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java index c2700214..6139e914 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/EaafDomEntityResolver.java @@ -25,8 +25,6 @@ import java.io.InputStream; import at.gv.egiz.eaaf.core.api.data.XMLNamespaceConstants; import org.apache.xerces.util.URI; import org.apache.xerces.util.URI.MalformedURIException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.xml.sax.EntityResolver; import org.xml.sax.InputSource; @@ -46,7 +44,6 @@ import org.xml.sax.InputSource; * */ public class EaafDomEntityResolver implements EntityResolver { - private static final Logger log = LoggerFactory.getLogger(EaafDomEntityResolver.class); /** * Resolve an entity. diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java index 586d464e..b91eaf21 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java @@ -25,7 +25,7 @@ public class AuthenticationDataBuilderTest { @Autowired private DummyConfiguration authConfig; - private static final String DUMMY_IDL_2 = + public static final String DUMMY_IDL_2 = "PHNhbWw6QXNzZXJ0aW9uIEFzc2VydGlvbklEPSJlbGdhdGVzdC5lZ2l6Lmd2LmF0LUFzc2VydGlvbklEWFhYxZB6Z8O8" + "cl9YWFhUw7x6ZWvDp2kiIElzc3VlSW5zdGFudD0iMjAxOS0wMy0wNFQxNTo1MzowNCswMTowMCIgSXNzdWVyPSJodH" + "RwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249" diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java new file mode 100644 index 00000000..db97f4ca --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/IdentityLinkTest.java @@ -0,0 +1,101 @@ +package at.gv.egiz.eaaf.core.impl.idp.auth; + +import java.io.ByteArrayInputStream; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.security.PublicKey; +import java.security.interfaces.RSAPublicKey; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.util.Base64Utils; + +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.IdentityLink; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; + +@RunWith(BlockJUnit4ClassRunner.class) +public class IdentityLinkTest { + + private IdentityLink idl = null; + + /** + * jUnit test set-up. + * @throws EaafParserException In case of an error + * @throws UnsupportedEncodingException In case of an unsupported encoding + */ + @Before + public void testInit() throws EaafParserException, UnsupportedEncodingException { + idl = (IdentityLink) new SimpleIdentityLinkAssertionParser( + new ByteArrayInputStream(Base64Utils.decode(AuthenticationDataBuilderTest.DUMMY_IDL_2.getBytes("UTF-8")))).parseIdentityLink(); + + } + + @Test + public void checkElement() { + Assert.assertNotNull("DateOfBirth", idl.getDateOfBirth()); + Assert.assertNotNull("FamilyName", idl.getFamilyName()); + Assert.assertNotNull("GivenNamae", idl.getGivenName()); + Assert.assertNotNull("baseIdType", idl.getIdentificationType()); + Assert.assertNotNull("baseid", idl.getIdentificationValue()); + Assert.assertNotNull("IssuerInstant", idl.getIssueInstant()); + Assert.assertNotNull("name", idl.getName()); + Assert.assertNotNull("prPerson", idl.getPrPerson()); + Assert.assertNotNull("Assertion element", idl.getSamlAssertion()); + Assert.assertNotNull("Assertion serialized", idl.getSerializedSamlAssertion()); + Assert.assertNotNull("Transform ref", idl.getDsigReferenceTransforms()); + Assert.assertEquals("Transform Size not match", 1, idl.getDsigReferenceTransforms().length); + + } + + @Test + public void checkPubKeys() { + PublicKey[] publicKey = new RSAPublicKey[2]; + publicKey[0] = generatePubKey(); + publicKey[1] = generatePubKey(); + + idl.setPublicKey(publicKey ); + + Assert.assertNotNull("PubKey", idl.getPublicKey()); + Assert.assertEquals("PubKeys not match", publicKey.length, idl.getPublicKey().length); + + } + + private PublicKey generatePubKey() { + return new RSAPublicKey() { + private static final long serialVersionUID = 1L; + + @Override + public BigInteger getModulus() { + return new BigInteger(RandomStringUtils.randomNumeric(10)); + } + + @Override + public String getFormat() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getEncoded() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAlgorithm() { + // TODO Auto-generated method stub + return null; + } + + @Override + public BigInteger getPublicExponent() { + return new BigInteger(RandomStringUtils.randomNumeric(2)); + } + }; + } +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java index 1b8f0d48..68d837c3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IGarbageCollectorProcessing.java @@ -31,5 +31,5 @@ public interface IGarbageCollectorProcessing { * This method gets executed by the MOA garbage collector at regular intervals. * */ - public void runGarbageCollector(); + void runGarbageCollector(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java index c9eccbba..bfa4cd21 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IPostStartupInitializable.java @@ -33,6 +33,6 @@ public interface IPostStartupInitializable { * This method is called once when MOA-ID-Auth start-up process is fully completed. * */ - public void executeAfterStartup(); + void executeAfterStartup(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java index 03575223..fa8cb7f4 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java @@ -33,7 +33,7 @@ public interface IRequest extends Serializable { * * @return Full-qualified name of the class which implements this protocol */ - public String requestedModule(); + String requestedModule(); /** * Indicates the protocol specific action, which should executed if the request is processed. The @@ -41,14 +41,14 @@ public interface IRequest extends Serializable { * * @return Full-qualified name of the class which implements the action */ - public String requestedAction(); + String requestedAction(); /** * Unique identifier, which indicates the service provider. * * @return Unique identifier for the service provider */ - public String getSpEntityId(); + String getSpEntityId(); /** * Indicates the passive flag in authentication requests. If the passive flag is set, the @@ -56,7 +56,7 @@ public interface IRequest extends Serializable { * * @return true, if the is passive flag is set in authentication request, otherwise false */ - public boolean isPassiv(); + boolean isPassiv(); /** * Indicates the force authentication flag in authentication request If this flag is set, a new @@ -64,7 +64,7 @@ public interface IRequest extends Serializable { * * @return true, if the force authentication flag is set, otherwise false */ - public boolean forceAuth(); + boolean forceAuth(); /** @@ -73,7 +73,7 @@ public interface IRequest extends Serializable { * @param key The specific identifier of the request-data object * @return The request-data object or null if no data is found with this key */ - public Object getRawData(String key); + Object getRawData(String key); /** * Returns a generic request-data object with is stored with a specific identifier. @@ -82,7 +82,7 @@ public interface IRequest extends Serializable { * @param clazz The class type which is stored with this key * @return The request-data object or null if no data is found with this key */ - public <T> T getRawData(String key, final Class<T> clazz); + <T> T getRawData(String key, final Class<T> clazz); /** * Store a generic data-object into pending request with a specific identifier. @@ -93,7 +93,7 @@ public interface IRequest extends Serializable { * @throws SessionDataStorageException Error message if the data-object can not stored to generic * request-data storage */ - public void setRawDataToTransaction(String key, Object object) throws EaafStorageException; + void setRawDataToTransaction(String key, Object object) throws EaafStorageException; /** * Store generic data-objects into pending request with specific identifiers. @@ -102,7 +102,7 @@ public interface IRequest extends Serializable { * @throws SessionDataStorageException Error message if the data-object can not stored to generic * request-data storage */ - public void setRawDataToTransaction(Map<String, Object> map) throws EaafStorageException; + void setRawDataToTransaction(Map<String, Object> map) throws EaafStorageException; /** * Wrap the internal dataStorage map into a DAO. @@ -111,7 +111,7 @@ public interface IRequest extends Serializable { * @return */ @Nonnull - public <T> T getSessionData(@Nonnull Class<T> wrapper); + <T> T getSessionData(@Nonnull Class<T> wrapper); /** * Hold the identifier of this request object. This identifier can be used to load the request @@ -119,7 +119,7 @@ public interface IRequest extends Serializable { * * @return Request identifier */ - public String getPendingRequestId(); + String getPendingRequestId(); /** @@ -127,14 +127,14 @@ public interface IRequest extends Serializable { * * @return SSO session-identifier if a associated session exists, otherwise null */ - public String getInternalSsoSessionIdentifier(); + String getInternalSsoSessionIdentifier(); /** * Set the in SSO session identifier, if an active SSO session exists. * * @param internalSsoSessionId Internal SSO session id */ - public void setInternalSsoSessionIdentifier(String internalSsoSessionId); + void setInternalSsoSessionIdentifier(String internalSsoSessionId); /** * Holds a unique transaction identifier, which could be used for looging This transaction @@ -142,7 +142,7 @@ public interface IRequest extends Serializable { * * @return Unique transaction identifier. */ - public String getUniqueTransactionIdentifier(); + String getUniqueTransactionIdentifier(); /** * Holds a unique session identifier, which could be used for logging This session identifier is @@ -150,7 +150,7 @@ public interface IRequest extends Serializable { * * @return Unique session identifier */ - public String getUniqueSessionIdentifier(); + String getUniqueSessionIdentifier(); /** @@ -159,7 +159,7 @@ public interface IRequest extends Serializable { * @return ProcessInstanceID if this request is associated with a authentication process, * otherwise null */ - public String getProcessInstanceId(); + String getProcessInstanceId(); /** @@ -167,35 +167,35 @@ public interface IRequest extends Serializable { * * @return IDP URL PreFix. The URL prefix always ends without / */ - public String getAuthUrl(); + String getAuthUrl(); /** * get the IDP URL PreFix, which was used for authentication request. * * @return IDP URL PreFix. The URL prefix always ends without / */ - public String getAuthUrlWithOutSlash(); + String getAuthUrlWithOutSlash(); /** * Indicates if this pending request needs authentication. * * @return true if this request needs authentication, otherwise false */ - public boolean isNeedAuthentication(); + boolean isNeedAuthentication(); /** * Indicates, if this pending request needs Single Sign-On (SSO) functionality. * * @return true if this request needs SSO, otherwise false */ - public boolean needSingleSignOnFunctionality(); + boolean needSingleSignOnFunctionality(); /** * Set flag that this requests needs SSO. * * @param needSso true if SSO is needed, otherwise false */ - public void setNeedSingleSignOnFunctionality(boolean needSso); + void setNeedSingleSignOnFunctionality(boolean needSso); /** @@ -203,25 +203,25 @@ public interface IRequest extends Serializable { * * @return true if this request needs additional user consent, otherwise false */ - public boolean isNeedUserConsent(); + boolean isNeedUserConsent(); - public void setNeedUserConsent(boolean needConsent); + void setNeedUserConsent(boolean needConsent); /** * Indicates, if this pending request is already authenticated. * * @return true if this request is already authenticated, otherwise false */ - public boolean isAuthenticated(); + boolean isAuthenticated(); - public void setAuthenticated(boolean isAuthenticated); + void setAuthenticated(boolean isAuthenticated); /** * Get get Service-Provider configuration which is associated with this request. * * @return Service-Provider configuration */ - public IspConfiguration getServiceProviderConfiguration(); + IspConfiguration getServiceProviderConfiguration(); /** @@ -229,7 +229,7 @@ public interface IRequest extends Serializable { * * @return Service-Provider configuration as object */ - public <T> T getServiceProviderConfiguration(final Class<T> decorator); + <T> T getServiceProviderConfiguration(final Class<T> decorator); /** @@ -237,13 +237,13 @@ public interface IRequest extends Serializable { * * @return true, if it is aborted, otherwise false */ - public boolean isAbortedByUser(); + boolean isAbortedByUser(); /** * Set the 'isAboredByUser' flag of this pending-request. * * @param isAborted true, if the user has abort the authentication process, otherwise false */ - public void setAbortedByUser(boolean isAborted); + void setAbortedByUser(boolean isAborted); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java index c76dfe76..efd19591 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequestStorage.java @@ -38,7 +38,7 @@ public interface IRequestStorage { * @return Pending Request Object * @throws PendingReqIdValidationException if the pendingRequestId was invalid */ - public IRequest getPendingRequest(String pendingReqID) throws PendingReqIdValidationException; + IRequest getPendingRequest(String pendingReqID) throws PendingReqIdValidationException; /** * Store a pending-request in storage. @@ -46,14 +46,14 @@ public interface IRequestStorage { * @param pendingRequest Pending-Request object to store * @throws EaafException In case of a storage error */ - public void storePendingRequest(IRequest pendingRequest) throws EaafException; + void storePendingRequest(IRequest pendingRequest) throws EaafException; /** * Remove a pending-request from storage. * * @param pendingReqId Id of the pending request */ - public void removePendingRequest(String pendingReqId); + void removePendingRequest(String pendingReqId); /** * change the pendingRequestId of a pending-request. @@ -62,6 +62,6 @@ public interface IRequestStorage { * @return new pending-requestId * @throws EaafException in case of a storage error */ - public String changePendingRequestID(IRequest pendingRequest) throws EaafException; + String changePendingRequestID(IRequest pendingRequest) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java index 633f1583..b6bcf18a 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IStatusMessenger.java @@ -25,18 +25,18 @@ import javax.annotation.Nullable; public interface IStatusMessenger { // internal error codes defined in EAAFCore - public static final String CODES_INTERNAL_ERROR_GENERIC = "internal.00"; - public static final String CODES_INTERNAL_ERROR_AUTH_NOSPCONFIG = "auth.00"; - public static final String CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID = "auth.26"; - public static final String CODES_INTERNAL_ERROR_AUTH_TIMEOUT = "auth.28"; - public static final String CODES_INTERNAL_ERROR_AUTH_USERSTOP = "auth.21"; - public static final String CODES_INTERNAL_ERROR_AUTH_REQUEST_INVALID = "auth.38"; + String CODES_INTERNAL_ERROR_GENERIC = "internal.00"; + String CODES_INTERNAL_ERROR_AUTH_NOSPCONFIG = "auth.00"; + String CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID = "auth.26"; + String CODES_INTERNAL_ERROR_AUTH_TIMEOUT = "auth.28"; + String CODES_INTERNAL_ERROR_AUTH_USERSTOP = "auth.21"; + String CODES_INTERNAL_ERROR_AUTH_REQUEST_INVALID = "auth.38"; - public static final String CODES_INTERNAL_ILLEGAL_STATE = "process.03"; + String CODES_INTERNAL_ILLEGAL_STATE = "process.03"; // external error codes defined in EAAFCore - public static final String CODES_EXTERNAL_ERROR_GENERIC = "9199"; - public static final String CODES_EXTERNAL_ERROR_PROCESSENGINE = "1099"; + String CODES_EXTERNAL_ERROR_GENERIC = "9199"; + String CODES_EXTERNAL_ERROR_PROCESSENGINE = "1099"; /** @@ -47,7 +47,7 @@ public interface IStatusMessenger { * @return The formatted message. */ @Nonnull - public String getMessage(String messageId, Object[] parameters); + String getMessage(String messageId, Object[] parameters); /** * Get the message corresponding to a given message ID. @@ -57,7 +57,7 @@ public interface IStatusMessenger { * @return The formatted message, or <code>null</code> if no message was fround */ @Nullable - public String getMessageWithoutDefault(String messageId, Object[] parameters); + String getMessageWithoutDefault(String messageId, Object[] parameters); /** * Get external errorCode from from Exception. @@ -65,7 +65,7 @@ public interface IStatusMessenger { * @param throwable Reason of error * @return external error code */ - public String getResponseErrorCode(Throwable throwable); + String getResponseErrorCode(Throwable throwable); /** @@ -74,6 +74,6 @@ public interface IStatusMessenger { * @param intErrorCode internal error code * @return external error code */ - public String mapInternalErrorToExternalError(String intErrorCode); + String mapInternalErrorToExternalError(String intErrorCode); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java index 2d0fde0b..b895ab7d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPVPAttributeDefinitions.java @@ -22,27 +22,27 @@ package at.gv.egiz.eaaf.core.api.data; public interface ExtendedPVPAttributeDefinitions extends PVPAttributeDefinitions { - public static final String SP_UNIQUEID_NAME = "urn:eidgvat:attributes.ServiceProviderUniqueId"; - public static final String SP_UNIQUEID_FRIENDLY_NAME = "ServiceProvider-UniqueId"; + String SP_UNIQUEID_NAME = "urn:eidgvat:attributes.ServiceProviderUniqueId"; + String SP_UNIQUEID_FRIENDLY_NAME = "ServiceProvider-UniqueId"; - public static final String SP_FRIENDLYNAME_NAME = + String SP_FRIENDLYNAME_NAME = "urn:eidgvat:attributes.ServiceProviderFriendlyName"; - public static final String SP_FRIENDLYNAME_FRIENDLY_NAME = "ServiceProvider-FriendlyName"; + String SP_FRIENDLYNAME_FRIENDLY_NAME = "ServiceProvider-FriendlyName"; - public static final String SP_COUNTRYCODE_NAME = + String SP_COUNTRYCODE_NAME = "urn:eidgvat:attributes.ServiceProviderCountryCode"; - public static final String SP_COUNTRYCODE_FRIENDLY_NAME = "ServiceProvider-CountryCode"; + String SP_COUNTRYCODE_FRIENDLY_NAME = "ServiceProvider-CountryCode"; - public static final String SP_USESMANDATES_NAME = + String SP_USESMANDATES_NAME = "urn:eidgvat:attributes.ServiceProviderMandateProfiles"; - public static final String SP_USESMANDATES_FRIENDLY_NAME = "ServiceProvider-MandateProfiles"; + String SP_USESMANDATES_FRIENDLY_NAME = "ServiceProvider-MandateProfiles"; /* Attributes for E-ID */ - public static final String EID_ENCRYPTED_SOURCEID_NAME = "urn:eidgvat:attributes.vsz.value"; - public static final String EID_ENCRYPTED_SOURCEID_FRIENDLY_NAME = "vSZ"; + String EID_ENCRYPTED_SOURCEID_NAME = "urn:eidgvat:attributes.vsz.value"; + String EID_ENCRYPTED_SOURCEID_FRIENDLY_NAME = "vSZ"; - public static final String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type"; - public static final String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type"; + String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type"; + String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type"; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java index c58f4fe7..3abf39e7 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ILoALevelMapper.java @@ -30,7 +30,7 @@ public interface ILoALevelMapper { * @param qaa, but not null * @return An eIDAS LoA if there is a mapping, otherwise null */ - public String mapToeIDASLoA(String qaa); + String mapToeIDASLoA(String qaa); /** * Map an arbitrary QAA level to PVP SecClass @@ -38,7 +38,7 @@ public interface ILoALevelMapper { * @param qaa, but not null * @return A PVP SecClass if there is a mapping, otherwise null */ - public String mapToSecClass(String qaa); + String mapToSecClass(String qaa); /** @@ -48,5 +48,5 @@ public interface ILoALevelMapper { * @return A STORK QAA level */ @Deprecated - public String mapeIDASQAAToSTORKQAA(String eidasqaaLevel); + String mapeIDASQAAToSTORKQAA(String eidasqaaLevel); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java index f162ad3d..7604299e 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/PVPAttributeDefinitions.java @@ -24,130 +24,130 @@ package at.gv.egiz.eaaf.core.api.data; public interface PVPAttributeDefinitions { - public static final String URN_OID_PREFIX = "urn:oid:"; - - public static final String PVP_VERSION_OID = "1.2.40.0.10.2.1.1.261.10"; - public static final String PVP_VERSION_NAME = URN_OID_PREFIX + PVP_VERSION_OID; - public static final String PVP_VERSION_FRIENDLY_NAME = "PVP-VERSION"; - public static final String PVP_VERSION_2_1 = "2.2"; - - - public static final String SECCLASS_OID = "1.2.40.0.10.2.1.1.261.110"; - public static final String SECCLASS_FRIENDLY_NAME = "SECCLASS"; - public static final String SECCLASS_NAME = URN_OID_PREFIX + SECCLASS_OID; - public static final int SECCLASS_MAX_LENGTH = 128; - - public static final String PRINCIPAL_NAME_OID = "1.2.40.0.10.2.1.1.261.20"; - public static final String PRINCIPAL_NAME_NAME = URN_OID_PREFIX + PRINCIPAL_NAME_OID; - public static final String PRINCIPAL_NAME_FRIENDLY_NAME = "PRINCIPAL-NAME"; - public static final int PRINCIPAL_NAME_MAX_LENGTH = 128; - - public static final String GIVEN_NAME_OID = "2.5.4.42"; - public static final String GIVEN_NAME_NAME = URN_OID_PREFIX + GIVEN_NAME_OID; - public static final String GIVEN_NAME_FRIENDLY_NAME = "GIVEN-NAME"; - public static final int GIVEN_NAME_MAX_LENGTH = 128; - - public static final String BIRTHDATE_OID = "1.2.40.0.10.2.1.1.55"; - public static final String BIRTHDATE_NAME = URN_OID_PREFIX + BIRTHDATE_OID; - public static final String BIRTHDATE_FRIENDLY_NAME = "BIRTHDATE"; - public static final String BIRTHDATE_FORMAT_PATTERN = "yyyy-MM-dd"; - - public static final String USERID_OID = "0.9.2342.19200300.100.1.1"; - public static final String USERID_NAME = URN_OID_PREFIX + USERID_OID; - public static final String USERID_FRIENDLY_NAME = "USERID"; - public static final int USERID_MAX_LENGTH = 128; - - public static final String GID_OID = "1.2.40.0.10.2.1.1.1"; - public static final String GID_NAME = URN_OID_PREFIX + GID_OID; - public static final String GID_FRIENDLY_NAME = "GID"; - public static final int GID_MAX_LENGTH = 128; - - public static final String BPK_OID = "1.2.40.0.10.2.1.1.149"; - public static final String BPK_NAME = URN_OID_PREFIX + BPK_OID; - public static final String BPK_FRIENDLY_NAME = "BPK"; - public static final int BPK_MAX_LENGTH = 1024; - public static final String BPK_R_PROFILE21_HEADER = "X-PVP-BPK"; - - public static final String BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.28"; - public static final String BPK_LIST_NAME = URN_OID_PREFIX + BPK_LIST_OID; - public static final String BPK_LIST_FRIENDLY_NAME = "BPK-LIST"; - public static final int BPK_LIST_MAX_LENGTH = 32767; - - public static final String ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.22"; - public static final String ENC_BPK_LIST_NAME = URN_OID_PREFIX + ENC_BPK_LIST_OID; - public static final String ENC_BPK_LIST_FRIENDLY_NAME = "ENC-BPK-LIST"; - public static final int ENC_BPK_LIST_MAX_LENGTH = 32767; - - public static final String MAIL_OID = "0.9.2342.19200300.100.1.3"; - public static final String MAIL_NAME = URN_OID_PREFIX + MAIL_OID; - public static final String MAIL_FRIENDLY_NAME = "MAIL"; - public static final int MAIL_MAX_LENGTH = 128; - - public static final String TEL_OID = "2.5.4.20"; - public static final String TEL_NAME = URN_OID_PREFIX + TEL_OID; - public static final String TEL_FRIENDLY_NAME = "TEL"; - public static final int TEL_MAX_LENGTH = 32; - - public static final String PARTICIPANT_ID_OID = "1.2.40.0.10.2.1.1.71"; - public static final String PARTICIPANT_ID_NAME = URN_OID_PREFIX + PARTICIPANT_ID_OID; - public static final String PARTICIPANT_ID_FRIENDLY_NAME = "PARTICIPANT-ID"; - public static final int PARTICIPANT_MAX_LENGTH = 39; - - public static final String PARTICIPANT_OKZ_OID = "1.2.40.0.10.2.1.1.261.24"; - public static final String PARTICIPANT_OKZ_NAME = URN_OID_PREFIX + PARTICIPANT_OKZ_OID; - public static final String PARTICIPANT_OKZ_FRIENDLY_NAME = "PARTICIPANT-OKZ"; - public static final int PARTICIPANT_OKZ_MAX_LENGTH = 32; - - public static final String OU_OKZ_OID = "1.2.40.0.10.2.1.1.153"; - public static final String OU_OKZ_NAME = URN_OID_PREFIX + OU_OKZ_OID; - public static final int OU_OKZ_MAX_LENGTH = 32; - - public static final String OU_GV_OU_ID_OID = "1.2.40.0.10.2.1.1.3"; - public static final String OU_GV_OU_ID_NAME = URN_OID_PREFIX + OU_GV_OU_ID_OID; - public static final String OU_GV_OU_ID_FRIENDLY_NAME = "OU-GV-OU-ID"; - public static final int OU_GV_OU_ID_MAX_LENGTH = 39; - - public static final String OU_OID = "2.5.4.11"; - public static final String OU_NAME = URN_OID_PREFIX + OU_OID; - public static final String OU_FRIENDLY_NAME = "OU"; - public static final int OU_MAX_LENGTH = 64; - - public static final String FUNCTION_OID = "1.2.40.0.10.2.1.1.33"; - public static final String FUNCTION_NAME = URN_OID_PREFIX + FUNCTION_OID; - public static final String FUNCTION_FRIENDLY_NAME = "FUNCTION"; - public static final int FUNCTION_MAX_LENGTH = 32; - - public static final String ROLES_OID = "1.2.40.0.10.2.1.1.261.30"; - public static final String ROLES_NAME = URN_OID_PREFIX + ROLES_OID; - public static final String ROLES_FRIENDLY_NAME = "ROLES"; - public static final int ROLES_MAX_LENGTH = 32767; - - @Deprecated - public static final String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94"; - @Deprecated - public static final String EID_CITIZEN_QAA_LEVEL_NAME = + String URN_OID_PREFIX = "urn:oid:"; + + String PVP_VERSION_OID = "1.2.40.0.10.2.1.1.261.10"; + String PVP_VERSION_NAME = URN_OID_PREFIX + PVP_VERSION_OID; + String PVP_VERSION_FRIENDLY_NAME = "PVP-VERSION"; + String PVP_VERSION_2_1 = "2.2"; + + + String SECCLASS_OID = "1.2.40.0.10.2.1.1.261.110"; + String SECCLASS_FRIENDLY_NAME = "SECCLASS"; + String SECCLASS_NAME = URN_OID_PREFIX + SECCLASS_OID; + int SECCLASS_MAX_LENGTH = 128; + + String PRINCIPAL_NAME_OID = "1.2.40.0.10.2.1.1.261.20"; + String PRINCIPAL_NAME_NAME = URN_OID_PREFIX + PRINCIPAL_NAME_OID; + String PRINCIPAL_NAME_FRIENDLY_NAME = "PRINCIPAL-NAME"; + int PRINCIPAL_NAME_MAX_LENGTH = 128; + + String GIVEN_NAME_OID = "2.5.4.42"; + String GIVEN_NAME_NAME = URN_OID_PREFIX + GIVEN_NAME_OID; + String GIVEN_NAME_FRIENDLY_NAME = "GIVEN-NAME"; + int GIVEN_NAME_MAX_LENGTH = 128; + + String BIRTHDATE_OID = "1.2.40.0.10.2.1.1.55"; + String BIRTHDATE_NAME = URN_OID_PREFIX + BIRTHDATE_OID; + String BIRTHDATE_FRIENDLY_NAME = "BIRTHDATE"; + String BIRTHDATE_FORMAT_PATTERN = "yyyy-MM-dd"; + + String USERID_OID = "0.9.2342.19200300.100.1.1"; + String USERID_NAME = URN_OID_PREFIX + USERID_OID; + String USERID_FRIENDLY_NAME = "USERID"; + int USERID_MAX_LENGTH = 128; + + String GID_OID = "1.2.40.0.10.2.1.1.1"; + String GID_NAME = URN_OID_PREFIX + GID_OID; + String GID_FRIENDLY_NAME = "GID"; + int GID_MAX_LENGTH = 128; + + String BPK_OID = "1.2.40.0.10.2.1.1.149"; + String BPK_NAME = URN_OID_PREFIX + BPK_OID; + String BPK_FRIENDLY_NAME = "BPK"; + int BPK_MAX_LENGTH = 1024; + String BPK_R_PROFILE21_HEADER = "X-PVP-BPK"; + + String BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.28"; + String BPK_LIST_NAME = URN_OID_PREFIX + BPK_LIST_OID; + String BPK_LIST_FRIENDLY_NAME = "BPK-LIST"; + int BPK_LIST_MAX_LENGTH = 32767; + + String ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.22"; + String ENC_BPK_LIST_NAME = URN_OID_PREFIX + ENC_BPK_LIST_OID; + String ENC_BPK_LIST_FRIENDLY_NAME = "ENC-BPK-LIST"; + int ENC_BPK_LIST_MAX_LENGTH = 32767; + + String MAIL_OID = "0.9.2342.19200300.100.1.3"; + String MAIL_NAME = URN_OID_PREFIX + MAIL_OID; + String MAIL_FRIENDLY_NAME = "MAIL"; + int MAIL_MAX_LENGTH = 128; + + String TEL_OID = "2.5.4.20"; + String TEL_NAME = URN_OID_PREFIX + TEL_OID; + String TEL_FRIENDLY_NAME = "TEL"; + int TEL_MAX_LENGTH = 32; + + String PARTICIPANT_ID_OID = "1.2.40.0.10.2.1.1.71"; + String PARTICIPANT_ID_NAME = URN_OID_PREFIX + PARTICIPANT_ID_OID; + String PARTICIPANT_ID_FRIENDLY_NAME = "PARTICIPANT-ID"; + int PARTICIPANT_MAX_LENGTH = 39; + + String PARTICIPANT_OKZ_OID = "1.2.40.0.10.2.1.1.261.24"; + String PARTICIPANT_OKZ_NAME = URN_OID_PREFIX + PARTICIPANT_OKZ_OID; + String PARTICIPANT_OKZ_FRIENDLY_NAME = "PARTICIPANT-OKZ"; + int PARTICIPANT_OKZ_MAX_LENGTH = 32; + + String OU_OKZ_OID = "1.2.40.0.10.2.1.1.153"; + String OU_OKZ_NAME = URN_OID_PREFIX + OU_OKZ_OID; + int OU_OKZ_MAX_LENGTH = 32; + + String OU_GV_OU_ID_OID = "1.2.40.0.10.2.1.1.3"; + String OU_GV_OU_ID_NAME = URN_OID_PREFIX + OU_GV_OU_ID_OID; + String OU_GV_OU_ID_FRIENDLY_NAME = "OU-GV-OU-ID"; + int OU_GV_OU_ID_MAX_LENGTH = 39; + + String OU_OID = "2.5.4.11"; + String OU_NAME = URN_OID_PREFIX + OU_OID; + String OU_FRIENDLY_NAME = "OU"; + int OU_MAX_LENGTH = 64; + + String FUNCTION_OID = "1.2.40.0.10.2.1.1.33"; + String FUNCTION_NAME = URN_OID_PREFIX + FUNCTION_OID; + String FUNCTION_FRIENDLY_NAME = "FUNCTION"; + int FUNCTION_MAX_LENGTH = 32; + + String ROLES_OID = "1.2.40.0.10.2.1.1.261.30"; + String ROLES_NAME = URN_OID_PREFIX + ROLES_OID; + String ROLES_FRIENDLY_NAME = "ROLES"; + int ROLES_MAX_LENGTH = 32767; + + @Deprecated + String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94"; + @Deprecated + String EID_CITIZEN_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_QAA_LEVEL_OID; @Deprecated - public static final String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL"; + String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL"; - public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.108"; - public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = + String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.108"; + String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_EIDAS_QAA_LEVEL_OID; - public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = + String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-EIDAS-LEVEL"; - public static final String EID_IDENTITY_STATUS_LEVEL_OID = "1.2.40.0.10.2.1.1.261.109"; - public static final String EID_IDENTITY_STATUS_LEVEL_NAME = + String EID_IDENTITY_STATUS_LEVEL_OID = "1.2.40.0.10.2.1.1.261.109"; + String EID_IDENTITY_STATUS_LEVEL_NAME = URN_OID_PREFIX + EID_IDENTITY_STATUS_LEVEL_OID; - public static final String EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME = "EID-IDENTITY-STATUS-LEVEL"; + String EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME = "EID-IDENTITY-STATUS-LEVEL"; - public enum EID_IDENTITY_STATUS_LEVEL_VALUES { + enum EID_IDENTITY_STATUS_LEVEL_VALUES { IDENTITY("http://eid.gv.at/eID/status/identity"), TESTIDENTITY( "http://eid.gv.at/eID/status/testidentity"), SYSTEM("http://eid.gv.at/eID/status/system"); private final String uri; - private EID_IDENTITY_STATUS_LEVEL_VALUES(final String uri) { + EID_IDENTITY_STATUS_LEVEL_VALUES(final String uri) { this.uri = uri; } @@ -161,220 +161,220 @@ public interface PVPAttributeDefinitions { } } - public static final String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32"; - public static final String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID; - public static final String EID_ISSUING_NATION_FRIENDLY_NAME = "EID-ISSUING-NATION"; - public static final int EID_ISSUING_NATION_MAX_LENGTH = 2; + String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32"; + String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID; + String EID_ISSUING_NATION_FRIENDLY_NAME = "EID-ISSUING-NATION"; + int EID_ISSUING_NATION_MAX_LENGTH = 2; - public static final String EID_SECTOR_FOR_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.34"; - public static final String EID_SECTOR_FOR_IDENTIFIER_NAME = + String EID_SECTOR_FOR_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.34"; + String EID_SECTOR_FOR_IDENTIFIER_NAME = URN_OID_PREFIX + EID_SECTOR_FOR_IDENTIFIER_OID; - public static final String EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME = "EID-SECTOR-FOR-IDENTIFIER"; - public static final int EID_SECTOR_FOR_IDENTIFIER_MAX_LENGTH = 255; + String EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME = "EID-SECTOR-FOR-IDENTIFIER"; + int EID_SECTOR_FOR_IDENTIFIER_MAX_LENGTH = 255; @Deprecated - public static final String EID_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.36"; + String EID_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.36"; @Deprecated - public static final String EID_SOURCE_PIN_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_OID; + String EID_SOURCE_PIN_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_OID; @Deprecated - public static final String EID_SOURCE_PIN_FRIENDLY_NAME = "EID-SOURCE-PIN"; + String EID_SOURCE_PIN_FRIENDLY_NAME = "EID-SOURCE-PIN"; @Deprecated - public static final int EID_SOURCE_PIN_MAX_LENGTH = 128; + int EID_SOURCE_PIN_MAX_LENGTH = 128; @Deprecated - public static final String EID_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.104"; + String EID_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.104"; @Deprecated - public static final String EID_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_TYPE_OID; + String EID_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + EID_SOURCE_PIN_TYPE_OID; @Deprecated - public static final String EID_SOURCE_PIN_TYPE_FRIENDLY_NAME = "EID-SOURCE-PIN-TYPE"; + String EID_SOURCE_PIN_TYPE_FRIENDLY_NAME = "EID-SOURCE-PIN-TYPE"; @Deprecated - public static final int EID_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + int EID_SOURCE_PIN_TYPE_MAX_LENGTH = 128; @Deprecated - public static final String EID_IDENTITY_LINK_OID = "1.2.40.0.10.2.1.1.261.38"; + String EID_IDENTITY_LINK_OID = "1.2.40.0.10.2.1.1.261.38"; @Deprecated - public static final String EID_IDENTITY_LINK_NAME = URN_OID_PREFIX + EID_IDENTITY_LINK_OID; + String EID_IDENTITY_LINK_NAME = URN_OID_PREFIX + EID_IDENTITY_LINK_OID; @Deprecated - public static final String EID_IDENTITY_LINK_FRIENDLY_NAME = "EID-IDENTITY-LINK"; + String EID_IDENTITY_LINK_FRIENDLY_NAME = "EID-IDENTITY-LINK"; @Deprecated - public static final int EID_IDENTITY_LINK_MAX_LENGTH = 32767; + int EID_IDENTITY_LINK_MAX_LENGTH = 32767; - public static final String EID_E_ID_TOKEN_OID = "1.2.40.0.10.2.1.1.261.39"; - public static final String EID_E_ID_TOKEN_NAME = URN_OID_PREFIX + EID_E_ID_TOKEN_OID; - public static final String EID_E_ID_TOKEN_FRIENDLY_NAME = "EID-E-ID-TOKEN"; - public static final int EID_E_ID_TOKEN_MAX_LENGTH = 32767; + String EID_E_ID_TOKEN_OID = "1.2.40.0.10.2.1.1.261.39"; + String EID_E_ID_TOKEN_NAME = URN_OID_PREFIX + EID_E_ID_TOKEN_OID; + String EID_E_ID_TOKEN_FRIENDLY_NAME = "EID-E-ID-TOKEN"; + int EID_E_ID_TOKEN_MAX_LENGTH = 32767; @Deprecated - public static final String EID_AUTH_BLOCK_OID = "1.2.40.0.10.2.1.1.261.62"; + String EID_AUTH_BLOCK_OID = "1.2.40.0.10.2.1.1.261.62"; @Deprecated - public static final String EID_AUTH_BLOCK_NAME = URN_OID_PREFIX + EID_AUTH_BLOCK_OID; + String EID_AUTH_BLOCK_NAME = URN_OID_PREFIX + EID_AUTH_BLOCK_OID; @Deprecated - public static final String EID_AUTH_BLOCK_FRIENDLY_NAME = "EID-AUTH-BLOCK"; + String EID_AUTH_BLOCK_FRIENDLY_NAME = "EID-AUTH-BLOCK"; @Deprecated - public static final int EID_AUTH_BLOCK_MAX_LENGTH = 32767; + int EID_AUTH_BLOCK_MAX_LENGTH = 32767; - public static final String EID_CCS_URL_OID = "1.2.40.0.10.2.1.1.261.64"; - public static final String EID_CCS_URL_NAME = URN_OID_PREFIX + EID_CCS_URL_OID; - public static final String EID_CCS_URL_FRIENDLY_NAME = "EID-CCS-URL"; - public static final int EID_CCS_URL_MAX_LENGTH = 1024; + String EID_CCS_URL_OID = "1.2.40.0.10.2.1.1.261.64"; + String EID_CCS_URL_NAME = URN_OID_PREFIX + EID_CCS_URL_OID; + String EID_CCS_URL_FRIENDLY_NAME = "EID-CCS-URL"; + int EID_CCS_URL_MAX_LENGTH = 1024; - public static final String EID_SIGNER_CERTIFICATE_OID = "1.2.40.0.10.2.1.1.261.66"; - public static final String EID_SIGNER_CERTIFICATE_NAME = + String EID_SIGNER_CERTIFICATE_OID = "1.2.40.0.10.2.1.1.261.66"; + String EID_SIGNER_CERTIFICATE_NAME = URN_OID_PREFIX + EID_SIGNER_CERTIFICATE_OID; - public static final String EID_SIGNER_CERTIFICATE_FRIENDLY_NAME = "EID-SIGNER-CERTIFICATE"; - public static final int EID_SIGNER_CERTIFICATE_MAX_LENGTH = 32767; + String EID_SIGNER_CERTIFICATE_FRIENDLY_NAME = "EID-SIGNER-CERTIFICATE"; + int EID_SIGNER_CERTIFICATE_MAX_LENGTH = 32767; @Deprecated - public static final String EID_STORK_TOKEN_OID = "1.2.40.0.10.2.1.1.261.96"; + String EID_STORK_TOKEN_OID = "1.2.40.0.10.2.1.1.261.96"; @Deprecated - public static final String EID_STORK_TOKEN_NAME = URN_OID_PREFIX + EID_STORK_TOKEN_OID; + String EID_STORK_TOKEN_NAME = URN_OID_PREFIX + EID_STORK_TOKEN_OID; @Deprecated - public static final String EID_STORK_TOKEN_FRIENDLY_NAME = "EID-STORK-TOKEN"; + String EID_STORK_TOKEN_FRIENDLY_NAME = "EID-STORK-TOKEN"; @Deprecated - public static final int EID_STORK_TOKEN_MAX_LENGTH = 32767; + int EID_STORK_TOKEN_MAX_LENGTH = 32767; - public static final String MANDATE_TYPE_OID = "1.2.40.0.10.2.1.1.261.68"; - public static final String MANDATE_TYPE_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID; - public static final String MANDATE_TYPE_FRIENDLY_NAME = "MANDATE-TYPE"; - public static final int MANDATE_TYPE_MAX_LENGTH = 256; + String MANDATE_TYPE_OID = "1.2.40.0.10.2.1.1.261.68"; + String MANDATE_TYPE_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID; + String MANDATE_TYPE_FRIENDLY_NAME = "MANDATE-TYPE"; + int MANDATE_TYPE_MAX_LENGTH = 256; - public static final String MANDATE_TYPE_OID_OID = "1.2.40.0.10.2.1.1.261.106"; - public static final String MANDATE_TYPE_OID_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID_OID; - public static final String MANDATE_TYPE_OID_FRIENDLY_NAME = "MANDATE-TYPE-OID"; - public static final int MANDATE_TYPE_OID_MAX_LENGTH = 256; + String MANDATE_TYPE_OID_OID = "1.2.40.0.10.2.1.1.261.106"; + String MANDATE_TYPE_OID_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID_OID; + String MANDATE_TYPE_OID_FRIENDLY_NAME = "MANDATE-TYPE-OID"; + int MANDATE_TYPE_OID_MAX_LENGTH = 256; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.70"; + String MANDATE_NAT_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.70"; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_NAME = + String MANDATE_NAT_PER_SOURCE_PIN_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_OID; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME = + String MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-SOURCE-PIN"; @Deprecated - public static final int MANDATE_NAT_PER_SOURCE_PIN_MAX_LENGTH = 128; + int MANDATE_NAT_PER_SOURCE_PIN_MAX_LENGTH = 128; - public static final String MANDATE_LEG_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.100"; - public static final String MANDATE_LEG_PER_SOURCE_PIN_NAME = + String MANDATE_LEG_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.100"; + String MANDATE_LEG_PER_SOURCE_PIN_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_OID; - public static final String MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME = + String MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-SOURCE-PIN"; - public static final int MANDATE_LEG_PER_SOURCE_PIN_MAX_LENGTH = 128; + int MANDATE_LEG_PER_SOURCE_PIN_MAX_LENGTH = 128; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.102"; + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.102"; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME = + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_TYPE_OID; @Deprecated - public static final String MANDATE_NAT_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = + String MANDATE_NAT_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-SOURCE-PIN-TYPE"; @Deprecated - public static final int MANDATE_NAT_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + int MANDATE_NAT_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; - public static final String MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.76"; - public static final String MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME = + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID = "1.2.40.0.10.2.1.1.261.76"; + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_SOURCE_PIN_TYPE_OID; - public static final String MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = + String MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-SOURCE-PIN-TYPE"; - public static final int MANDATE_LEG_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; + int MANDATE_LEG_PER_SOURCE_PIN_TYPE_MAX_LENGTH = 128; - public static final String MANDATE_NAT_PER_BPK_OID = "1.2.40.0.10.2.1.1.261.98"; - public static final String MANDATE_NAT_PER_BPK_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BPK_OID; - public static final String MANDATE_NAT_PER_BPK_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK"; - public static final int MANDATE_NAT_PER_BPK_MAX_LENGTH = 1024; + String MANDATE_NAT_PER_BPK_OID = "1.2.40.0.10.2.1.1.261.98"; + String MANDATE_NAT_PER_BPK_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BPK_OID; + String MANDATE_NAT_PER_BPK_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK"; + int MANDATE_NAT_PER_BPK_MAX_LENGTH = 1024; - public static final String MANDATE_NAT_PER_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.73"; - public static final String MANDATE_NAT_PER_BPK_LIST_NAME = + String MANDATE_NAT_PER_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.73"; + String MANDATE_NAT_PER_BPK_LIST_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BPK_LIST_OID; - public static final String MANDATE_NAT_PER_BPK_LIST_FRIENDLY_NAME = + String MANDATE_NAT_PER_BPK_LIST_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BPK-LIST"; - public static final int MANDATE_NAT_PER_ENC_LIST_MAX_LENGTH = 32767; + int MANDATE_NAT_PER_ENC_LIST_MAX_LENGTH = 32767; - public static final String MANDATE_NAT_PER_ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.72"; - public static final String MANDATE_NAT_PER_ENC_BPK_LIST_NAME = + String MANDATE_NAT_PER_ENC_BPK_LIST_OID = "1.2.40.0.10.2.1.1.261.72"; + String MANDATE_NAT_PER_ENC_BPK_LIST_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_ENC_BPK_LIST_OID; - public static final String MANDATE_NAT_PER_ENC_BPK_LIST_FRIENDLY_NAME = + String MANDATE_NAT_PER_ENC_BPK_LIST_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-ENC-BPK-LIST"; - public static final int MANDATE_NAT_PER_ENC_BPK_LIST_MAX_LENGTH = 32767; + int MANDATE_NAT_PER_ENC_BPK_LIST_MAX_LENGTH = 32767; - public static final String MANDATE_NAT_PER_GIVEN_NAME_OID = "1.2.40.0.10.2.1.1.261.78"; - public static final String MANDATE_NAT_PER_GIVEN_NAME_NAME = + String MANDATE_NAT_PER_GIVEN_NAME_OID = "1.2.40.0.10.2.1.1.261.78"; + String MANDATE_NAT_PER_GIVEN_NAME_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_GIVEN_NAME_OID; - public static final String MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME = + String MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-GIVEN-NAME"; - public static final int MANDATE_NAT_PER_GIVEN_NAME_MAX_LENGTH = 128; + int MANDATE_NAT_PER_GIVEN_NAME_MAX_LENGTH = 128; - public static final String MANDATE_NAT_PER_FAMILY_NAME_OID = "1.2.40.0.10.2.1.1.261.80"; - public static final String MANDATE_NAT_PER_FAMILY_NAME_NAME = + String MANDATE_NAT_PER_FAMILY_NAME_OID = "1.2.40.0.10.2.1.1.261.80"; + String MANDATE_NAT_PER_FAMILY_NAME_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_FAMILY_NAME_OID; - public static final String MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME = + String MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-FAMILY-NAME"; - public static final int MANDATE_NAT_PER_FAMILY_NAME_MAX_LENGTH = 128; + int MANDATE_NAT_PER_FAMILY_NAME_MAX_LENGTH = 128; - public static final String MANDATE_NAT_PER_BIRTHDATE_OID = "1.2.40.0.10.2.1.1.261.82"; - public static final String MANDATE_NAT_PER_BIRTHDATE_NAME = + String MANDATE_NAT_PER_BIRTHDATE_OID = "1.2.40.0.10.2.1.1.261.82"; + String MANDATE_NAT_PER_BIRTHDATE_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_BIRTHDATE_OID; - public static final String MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME = + String MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-BIRTHDATE"; - public static final String MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN = BIRTHDATE_FORMAT_PATTERN; + String MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN = BIRTHDATE_FORMAT_PATTERN; - public static final String MANDATE_LEG_PER_FULL_NAME_OID = "1.2.40.0.10.2.1.1.261.84"; - public static final String MANDATE_LEG_PER_FULL_NAME_NAME = + String MANDATE_LEG_PER_FULL_NAME_OID = "1.2.40.0.10.2.1.1.261.84"; + String MANDATE_LEG_PER_FULL_NAME_NAME = URN_OID_PREFIX + MANDATE_LEG_PER_FULL_NAME_OID; - public static final String MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME = + String MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME = "MANDATOR-LEGAL-PERSON-FULL-NAME"; - public static final int MANDATE_LEG_PER_FULL_NAME_MAX_LENGTH = 256; + int MANDATE_LEG_PER_FULL_NAME_MAX_LENGTH = 256; - public static final String MANDATE_PROF_REP_OID_OID = "1.2.40.0.10.2.1.1.261.86"; - public static final String MANDATE_PROF_REP_OID_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_OID_OID; - public static final String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATE-PROF-REP-OID"; - public static final int MANDATE_PROF_REP_OID_MAX_LENGTH = 256; + String MANDATE_PROF_REP_OID_OID = "1.2.40.0.10.2.1.1.261.86"; + String MANDATE_PROF_REP_OID_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_OID_OID; + String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATE-PROF-REP-OID"; + int MANDATE_PROF_REP_OID_MAX_LENGTH = 256; - public static final String MANDATE_PROF_REP_DESC_OID = "1.2.40.0.10.2.1.1.261.88"; - public static final String MANDATE_PROF_REP_DESC_NAME = + String MANDATE_PROF_REP_DESC_OID = "1.2.40.0.10.2.1.1.261.88"; + String MANDATE_PROF_REP_DESC_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_DESC_OID; - public static final String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATE-PROF-REP-DESCRIPTION"; - public static final int MANDATE_PROF_REP_DESC_MAX_LENGTH = 1024; + String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATE-PROF-REP-DESCRIPTION"; + int MANDATE_PROF_REP_DESC_MAX_LENGTH = 1024; - public static final String MANDATE_REFERENCE_VALUE_OID = "1.2.40.0.10.2.1.1.261.90"; - public static final String MANDATE_REFERENCE_VALUE_NAME = + String MANDATE_REFERENCE_VALUE_OID = "1.2.40.0.10.2.1.1.261.90"; + String MANDATE_REFERENCE_VALUE_NAME = URN_OID_PREFIX + MANDATE_REFERENCE_VALUE_OID; - public static final String MANDATE_REFERENCE_VALUE_FRIENDLY_NAME = "MANDATE-REFERENCE-VALUE"; - public static final int MANDATE_REFERENCE_VALUE_MAX_LENGTH = 100; + String MANDATE_REFERENCE_VALUE_FRIENDLY_NAME = "MANDATE-REFERENCE-VALUE"; + int MANDATE_REFERENCE_VALUE_MAX_LENGTH = 100; - public static final String MANDATE_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.91"; - public static final String MANDATE_IDENTIFIER_FRIENDLY_NAME = "MANDATE-IDENTIFIER"; - public static final String MANDATE_IDENTIFIER_NAME = URN_OID_PREFIX + MANDATE_IDENTIFIER_OID; - public static final int MANDATE_IDENTIFIER_MAX_LENGTH = 256; + String MANDATE_IDENTIFIER_OID = "1.2.40.0.10.2.1.1.261.91"; + String MANDATE_IDENTIFIER_FRIENDLY_NAME = "MANDATE-IDENTIFIER"; + String MANDATE_IDENTIFIER_NAME = URN_OID_PREFIX + MANDATE_IDENTIFIER_OID; + int MANDATE_IDENTIFIER_MAX_LENGTH = 256; @Deprecated - public static final String MANDATE_FULL_MANDATE_OID = "1.2.40.0.10.2.1.1.261.92"; + String MANDATE_FULL_MANDATE_OID = "1.2.40.0.10.2.1.1.261.92"; @Deprecated - public static final String MANDATE_FULL_MANDATE_NAME = URN_OID_PREFIX + MANDATE_FULL_MANDATE_OID; + String MANDATE_FULL_MANDATE_NAME = URN_OID_PREFIX + MANDATE_FULL_MANDATE_OID; @Deprecated - public static final String MANDATE_FULL_MANDATE_FRIENDLY_NAME = "MANDATE-FULL-MANDATE"; + String MANDATE_FULL_MANDATE_FRIENDLY_NAME = "MANDATE-FULL-MANDATE"; @Deprecated - public static final int MANDATE_FULL_MANDATE_MAX_LENGTH = 32767; + int MANDATE_FULL_MANDATE_MAX_LENGTH = 32767; - public static final String INVOICE_RECPT_ID_OID = "1.2.40.0.10.2.1.1.261.40"; - public static final String INVOICE_RECPT_ID_NAME = URN_OID_PREFIX + INVOICE_RECPT_ID_OID; - public static final String INVOICE_RECPT_ID_FRIENDLY_NAME = "INVOICE-RECPT-ID"; - public static final int INVOICE_RECPT_ID_MAX_LENGTH = 64; + String INVOICE_RECPT_ID_OID = "1.2.40.0.10.2.1.1.261.40"; + String INVOICE_RECPT_ID_NAME = URN_OID_PREFIX + INVOICE_RECPT_ID_OID; + String INVOICE_RECPT_ID_FRIENDLY_NAME = "INVOICE-RECPT-ID"; + int INVOICE_RECPT_ID_MAX_LENGTH = 64; - public static final String COST_CENTER_ID_OID = "1.2.40.0.10.2.1.1.261.50"; - public static final String COST_CENTER_ID_NAME = URN_OID_PREFIX + COST_CENTER_ID_OID; - public static final String COST_CENTER_ID_FRIENDLY_NAME = "COST-CENTER-ID"; - public static final int COST_CENTER_ID_MAX_LENGTH = 32767; + String COST_CENTER_ID_OID = "1.2.40.0.10.2.1.1.261.50"; + String COST_CENTER_ID_NAME = URN_OID_PREFIX + COST_CENTER_ID_OID; + String COST_CENTER_ID_FRIENDLY_NAME = "COST-CENTER-ID"; + int COST_CENTER_ID_MAX_LENGTH = 32767; - public static final String CHARGE_CODE_OID = "1.2.40.0.10.2.1.1.261.60"; - public static final String CHARGE_CODE_NAME = URN_OID_PREFIX + CHARGE_CODE_OID; - public static final String CHARGE_CODE_FRIENDLY_NAME = "CHARGE-CODE"; - public static final int CHARGE_CODE_MAX_LENGTH = 32767; + String CHARGE_CODE_OID = "1.2.40.0.10.2.1.1.261.60"; + String CHARGE_CODE_NAME = URN_OID_PREFIX + CHARGE_CODE_OID; + String CHARGE_CODE_FRIENDLY_NAME = "CHARGE-CODE"; + int CHARGE_CODE_MAX_LENGTH = 32767; - public static final String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx"; - public static final String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID; - public static final String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE"; + String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx"; + String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID; + String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE"; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java index 8f367281..bda600f3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/XMLNamespaceConstants.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -15,11 +15,7 @@ * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + */ package at.gv.egiz.eaaf.core.api.data; @@ -35,418 +31,418 @@ import java.util.Map; */ public interface XMLNamespaceConstants { /** Root location of the schema files. */ - public static final String SCHEMA_ROOT = "/schemas/"; + String SCHEMA_ROOT = "/schemas/"; /** URI of the Widerrufregister XML namespace. */ - public static final String WRR_NS_URI = + String WRR_NS_URI = "http://reference.e-government.gv.at/namespace/moavv/20041223"; /** Prefix used for the Widerrufregister XML namespace */ - public static final String WRR_PREFIX = "wrr"; + String WRR_PREFIX = "wrr"; /** URI of the StandardTextBlock XML namespace. */ - public static final String STB_NS_URI = + String STB_NS_URI = "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#"; /** Prefix used for the standard text block XML namespace */ - public static final String STB_PREFIX = "stb"; + String STB_PREFIX = "stb"; /** URI of the MOA XML namespace. */ - public static final String MOA_NS_URI = + String MOA_NS_URI = "http://reference.e-government.gv.at/namespace/moa/20020822#"; /** Name of the mandates infobox */ - public static final String INFOBOXIDENTIFIER_MANDATES = "Mandates"; + String INFOBOXIDENTIFIER_MANDATES = "Mandates"; /** Prefix used for the Mandate XML namespace */ - public static final String MD_PREFIX = "md"; + String MD_PREFIX = "md"; /** URI of the Mandate XML namespace. */ - public static final String MD_NS_URI = + String MD_NS_URI = "http://reference.e-government.gv.at/namespace/mandates/20040701#"; /** Prefix used for the Mandate XML namespace */ - public static final String MVV_PREFIX = "mvv"; + String MVV_PREFIX = "mvv"; /** URI of the Mandate XML namespace. */ - public static final String MVV_NS_URI = + String MVV_NS_URI = "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125"; /** Prefix used for the MandateCheckProfile XML namespace */ - public static final String MDP_PREFIX = "mdp"; + String MDP_PREFIX = "mdp"; /** URI of the Mandate XML namespace. */ - public static final String MDP_NS_URI = + String MDP_NS_URI = "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#"; /** Prefix used for the MOA XML namespace */ - public static final String MOA_PREFIX = "moa"; + String MOA_PREFIX = "moa"; /** Local location of the MOA XML schema definition. */ - public static final String MOA_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd"; + String MOA_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd"; /** URI of the MOA configuration XML namespace. */ - public static final String MOA_CONFIG_NS_URI = + String MOA_CONFIG_NS_URI = "http://reference.e-government.gv.at/namespace/moaconfig/20021122#"; /** URI of the MOA ID configuration XML namespace. */ - public static final String MOA_ID_CONFIG_NS_URI = + String MOA_ID_CONFIG_NS_URI = "http://www.buergerkarte.at/namespaces/moaconfig#"; /** Prefix used for the MOA configuration XML namespace */ - public static final String MOA_CONFIG_PREFIX = "conf"; + String MOA_CONFIG_PREFIX = "conf"; /** Prefix used for the MOA configuration XML namespace */ - public static final String MOA_ID_CONFIG_PREFIX = "confID"; + String MOA_ID_CONFIG_PREFIX = "confID"; /** Local location of the MOA configuration XML schema definition. */ - public static final String MOA_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd"; + String MOA_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd"; /** Local location of the MOA ID configuration XML schema definition. */ - public static final String MOA_ID_CONFIG_SCHEMA_LOCATION = + String MOA_ID_CONFIG_SCHEMA_LOCATION = SCHEMA_ROOT + "MOA-ID-Configuration-1.5.2.xsd"; /** URI of the Security Layer 1.0 namespace. */ - public static final String SL10_NS_URI = + String SL10_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/20020225#"; /** Prefix used for the Security Layer 1.0 XML namespace */ - public static final String SL10_PREFIX = "sl10"; + String SL10_PREFIX = "sl10"; /** Local location of the Security Layer 1.0 XML schema definition */ - public static final String SL10_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020225.xsd"; + String SL10_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020225.xsd"; /** URI of the Security Layer 1.1 XML namespace */ - public static final String SL11_NS_URI = + String SL11_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; /** Prefix used for the Security Layer 1.1 XML namespace */ - public static final String SL11_PREFIX = "sl11"; + String SL11_PREFIX = "sl11"; /** Local location of the Security Layer 1.1 XML schema definition */ - public static final String SL11_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020831.xsd"; + String SL11_SCHEMA_LOCATION = SCHEMA_ROOT + "Core.20020831.xsd"; /** URI of the Security Layer 1.2 XML namespace */ - public static final String SL12_NS_URI = + String SL12_NS_URI = "http://www.buergerkarte.at/namespaces/securitylayer/1.2#"; /** Prefix used for the Security Layer 1.2 XML namespace */ - public static final String SL12_PREFIX = "sl"; + String SL12_PREFIX = "sl"; /** Local location of the Security Layer 1.2 XML schema definition */ - public static final String SL12_SCHEMA_LOCATION = SCHEMA_ROOT + "Core-1.2.xsd"; + String SL12_SCHEMA_LOCATION = SCHEMA_ROOT + "Core-1.2.xsd"; /** URI of the ECDSA XML namespace */ - public static final String ECDSA_NS_URI = "http://www.w3.org/2001/04/xmldsig-more#"; + String ECDSA_NS_URI = "http://www.w3.org/2001/04/xmldsig-more#"; /** Prefix used for ECDSA namespace */ - public static final String ECDSA_PREFIX = "ecdsa"; + String ECDSA_PREFIX = "ecdsa"; /** Local location of ECDSA XML schema definition */ - public static final String ECDSA_SCHEMA_LOCATION = SCHEMA_ROOT + "ECDSAKeyValue.xsd"; + String ECDSA_SCHEMA_LOCATION = SCHEMA_ROOT + "ECDSAKeyValue.xsd"; /** URI of the PersonData XML namespace. */ - public static final String PD_NS_URI = + String PD_NS_URI = "http://reference.e-government.gv.at/namespace/persondata/20020228#"; /** Prefix used for the PersonData XML namespace */ - public static final String PD_PREFIX = "pr"; + String PD_PREFIX = "pr"; // /** Local location of the PersonData XML schema definition */ - // public static final String PD_SCHEMA_LOCATION = + // String PD_SCHEMA_LOCATION = // SCHEMA_ROOT + "PersonData.xsd"; /** Local location of the PersonData XML schema definition */ - public static final String PD_SCHEMA_LOCATION = SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; + String PD_SCHEMA_LOCATION = SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; /** URI of the SAML namespace. */ - public static final String SAML_NS_URI = "urn:oasis:names:tc:SAML:1.0:assertion"; + String SAML_NS_URI = "urn:oasis:names:tc:SAML:1.0:assertion"; /** Prefix used for the SAML XML namespace */ - public static final String SAML_PREFIX = "saml"; + String SAML_PREFIX = "saml"; /** Local location of the SAML XML schema definition. */ - public static final String SAML_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; + String SAML_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; /** URI of the SAML request-response protocol namespace. */ - public static final String SAMLP_NS_URI = "urn:oasis:names:tc:SAML:1.0:protocol"; + String SAMLP_NS_URI = "urn:oasis:names:tc:SAML:1.0:protocol"; /** Prefix used for the SAML request-response protocol namespace */ - public static final String SAMLP_PREFIX = "samlp"; + String SAMLP_PREFIX = "samlp"; /** Local location of the SAML request-response protocol schema definition. */ - public static final String SAMLP_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; + String SAMLP_SCHEMA_LOCATION = SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; /** URI of the XML namespace. */ - public static final String XML_NS_URI = "http://www.w3.org/XML/1998/namespace"; + String XML_NS_URI = "http://www.w3.org/XML/1998/namespace"; /** Prefix used for the XML namespace */ - public static final String XML_PREFIX = "xml"; + String XML_PREFIX = "xml"; /** Local location of the XML schema definition. */ - public static final String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; + String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; /** URI of the XMLNS namespace */ - public static final String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; + String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; /** Prefix used for the XSI namespace */ - public static final String XSI_PREFIX = "xsi"; + String XSI_PREFIX = "xsi"; /** Local location of the XSI schema definition. */ - public static final String XSI_SCHEMA_LOCATION = SCHEMA_ROOT + "XMLSchema-instance.xsd"; + String XSI_SCHEMA_LOCATION = SCHEMA_ROOT + "XMLSchema-instance.xsd"; /** URI of the XSI XMLNS namespace */ - public static final String XSI_NS_URI = "http://www.w3.org/2001/XMLSchema-instance"; + String XSI_NS_URI = "http://www.w3.org/2001/XMLSchema-instance"; /** URI of the XSLT XML namespace */ - public static final String XSLT_NS_URI = "http://www.w3.org/1999/XSL/Transform"; + String XSLT_NS_URI = "http://www.w3.org/1999/XSL/Transform"; /** Prefix used for the XSLT XML namespace */ - public static final String XSLT_PREFIX = "xsl"; + String XSLT_PREFIX = "xsl"; /** URI of the XMLDSig XML namespace. */ - public static final String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; + String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; /** Prefix used for the XMLDSig XML namespace */ - public static final String DSIG_PREFIX = "dsig"; + String DSIG_PREFIX = "dsig"; /** Local location of the XMLDSig XML schema. */ - public static final String DSIG_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-core-schema.xsd"; + String DSIG_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-core-schema.xsd"; /** URI of the XMLDSig XPath Filter XML namespace. */ - public static final String DSIG_FILTER2_NS_URI = "http://www.w3.org/2002/06/xmldsig-filter2"; + String DSIG_FILTER2_NS_URI = "http://www.w3.org/2002/06/xmldsig-filter2"; /** Prefix used for the XMLDSig XPath Filter XML namespace */ - public static final String DSIG_FILTER2_PREFIX = "dsig-filter2"; + String DSIG_FILTER2_PREFIX = "dsig-filter2"; /** Local location of the XMLDSig XPath Filter XML schema definition. */ - public static final String DSIG_FILTER2_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-filter2.xsd"; + String DSIG_FILTER2_SCHEMA_LOCATION = SCHEMA_ROOT + "xmldsig-filter2.xsd"; /** URI of the Exclusive Canonicalization XML namespace */ - public static final String DSIG_EC_NS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; + String DSIG_EC_NS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; /** Prefix used for the Exclusive Canonicalization XML namespace */ - public static final String DSIG_EC_PREFIX = "ec"; + String DSIG_EC_PREFIX = "ec"; /** Local location of the Exclusive Canonicalizaion XML schema definition */ - public static final String DSIG_EC_SCHEMA_LOCATION = + String DSIG_EC_SCHEMA_LOCATION = SCHEMA_ROOT + "exclusive-canonicalization.xsd"; /** URI of the XMLLoginParameterResolver Configuration XML namespace */ - public static final String XMLLPR_NS_URI = + String XMLLPR_NS_URI = "http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814"; /** Local location of the XMLLoginParameterResolver Configuration XML schema definition */ - public static final String XMLLPR_SCHEMA_LOCATION = SCHEMA_ROOT + "MOAIdentities.xsd"; + String XMLLPR_SCHEMA_LOCATION = SCHEMA_ROOT + "MOAIdentities.xsd"; /** Local location of the XAdES v1.1.1 schema definition */ - public static final String XADES_1_1_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.1.1.xsd"; + String XADES_1_1_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.1.1.xsd"; /** URI of the XAdES v1.1.1 namespace */ - public static final String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; + String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; - public static final String XADES_1_1_1_NS_PREFIX = "xades111"; + String XADES_1_1_1_NS_PREFIX = "xades111"; /** Local location of the XAdES v1.2.2 schema definition */ - public static final String XADES_1_2_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.2.2.xsd"; + String XADES_1_2_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.2.2.xsd"; /** URI of the XAdES v1.2.2 namespace */ - public static final String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; + String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; - public static final String XADES_1_2_2_NS_PREFIX = "xades122"; + String XADES_1_2_2_NS_PREFIX = "xades122"; /** Local location of the XAdES v1.1.1 schema definition */ - public static final String XADES_1_3_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.3.2.xsd"; + String XADES_1_3_2_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.3.2.xsd"; /** URI of the XAdES v1.3.2 namespace */ - public static final String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; + String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; - public static final String XADES_1_3_2_NS_PREFIX = "xades132"; + String XADES_1_3_2_NS_PREFIX = "xades132"; /** Local location of the XAdES v1.4.1 schema definition */ - public static final String XADES_1_4_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.4.1.xsd"; + String XADES_1_4_1_SCHEMA_LOCATION = SCHEMA_ROOT + "XAdES-1.4.1.xsd"; /** URI of the XAdES v1.4.1 namespace */ - public static final String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; + String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; - public static final String XADES_1_4_1_NS_PREFIX = "xades141"; + String XADES_1_4_1_NS_PREFIX = "xades141"; /** URI of the SAML 2.0 namespace. */ - public static final String SAML2_NS_URI = "urn:oasis:names:tc:SAML:2.0:assertion"; + String SAML2_NS_URI = "urn:oasis:names:tc:SAML:2.0:assertion"; /** Prefix used for the SAML 2.0 XML namespace */ - public static final String SAML2_PREFIX = "saml2"; + String SAML2_PREFIX = "saml2"; /** Local location of the SAML 2.0 XML schema definition. */ - public static final String SAML2_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd"; + String SAML2_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd"; /** URI of the SAML 2.0 protocol namespace. */ - public static final String SAML2P_NS_URI = "urn:oasis:names:tc:SAML:2.0:protocol"; + String SAML2P_NS_URI = "urn:oasis:names:tc:SAML:2.0:protocol"; /** Prefix used for the SAML 2.0 protocol XML namespace */ - public static final String SAML2P_PREFIX = "saml2p"; + String SAML2P_PREFIX = "saml2p"; /** Local location of the SAML 2.0 protocol XML schema definition. */ - public static final String SAML2P_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd"; + String SAML2P_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd"; /** URI of the STORK namespace. */ - public static final String STORK_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:assertion"; + String STORK_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:assertion"; /** Prefix used for the STORK XML namespace */ - public static final String STORK_PREFIX = "stork"; + String STORK_PREFIX = "stork"; /** Local location of the STORK XML schema definition. */ - public static final String STORK_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd"; + String STORK_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd"; /** URI of the STORK protocol namespace. */ - public static final String STORKP_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:protocol"; + String STORKP_NS_URI = "urn:eu:stork:names:tc:STORK:1.0:protocol"; /** Prefix used for the STORK protocol XML namespace */ - public static final String STORKP_PREFIX = "storkp"; + String STORKP_PREFIX = "storkp"; /** Local location of the STORK protocol XML schema definition. */ - public static final String STORKP_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd"; + String STORKP_SCHEMA_LOCATION = SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd"; /** URI of the TSL namespace. */ - public static final String TSL_NS_URI = "http://uri.etsi.org/02231/v2#"; + String TSL_NS_URI = "http://uri.etsi.org/02231/v2#"; /** Prefix used for the TSL namespace */ - public static final String TSL_PREFIX = "tsl1"; + String TSL_PREFIX = "tsl1"; /** Local location of the TSL schema definition. */ - public static final String TSL_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_xsd.xsd"; + String TSL_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_xsd.xsd"; /** URI of the TSL SIE namespace. */ - public static final String TSL_SIE_NS_URI = + String TSL_SIE_NS_URI = "http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#"; /** Prefix used for the TSL SIE namespace */ - public static final String TSL_SIE_PREFIX = "tslsie"; + String TSL_SIE_PREFIX = "tslsie"; /** Local location of the TSL SIE schema definition. */ - public static final String TSL_SIE_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd"; + String TSL_SIE_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd"; /** URI of the TSL additional types namespace. */ - public static final String TSL_ADDTYPES_NS_URI = "http://uri.etsi.org/02231/v2/additionaltypes#"; + String TSL_ADDTYPES_NS_URI = "http://uri.etsi.org/02231/v2/additionaltypes#"; /** Prefix used for the TSL additional types namespace */ - public static final String TSL_ADDTYPES_PREFIX = "tsltype"; + String TSL_ADDTYPES_PREFIX = "tsltype"; /** Local location of the TSL additional types schema definition. */ - public static final String TSL_ADDTYPES_SCHEMA_LOCATION = + String TSL_ADDTYPES_SCHEMA_LOCATION = SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd"; /** URI of the XML Encryption namespace. */ - public static final String XENC_NS_URI = "http://www.w3.org/2001/04/xmlenc#"; + String XENC_NS_URI = "http://www.w3.org/2001/04/xmlenc#"; /** Prefix used for the XML Encryption XML namespace */ - public static final String XENC_PREFIX = "xenc"; + String XENC_PREFIX = "xenc"; /** Local location of the XML Encryption XML schema definition. */ - public static final String XENC_SCHEMA_LOCATION = SCHEMA_ROOT + "xenc-schema.xsd"; + String XENC_SCHEMA_LOCATION = SCHEMA_ROOT + "xenc-schema.xsd"; /** Prefix used for the XML Encryption XML namespace */ - public static final String SAML2_METADATA_PREFIX = "md"; + String SAML2_METADATA_PREFIX = "md"; /** Prefix used for the XML Encryption XML namespace */ - public static final String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata"; + String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata"; /** Local location of the XML Encryption XML schema definition. */ - public static final String SAML2_METADATA_SCHEMA_LOCATION = + String SAML2_METADATA_SCHEMA_LOCATION = SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd"; /* Prefix and Schema definition for eIDAS specific SAML2 extensions */ - public static final String SAML2_eIDAS_EXTENSIONS_PREFIX = "eidas"; - public static final String SAML2_eIDAS_EXTENSIONS = "http://eidas.europa.eu/saml-extensions"; - public static final String SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION = + String SAML2_eIDAS_EXTENSIONS_PREFIX = "eidas"; + String SAML2_eIDAS_EXTENSIONS = "http://eidas.europa.eu/saml-extensions"; + String SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION = SCHEMA_ROOT + "eIDAS_saml_extensions.xsd"; /* Prefix and Schema for SAML2 Entity Attributes */ - public static final String SAML2_MDATTR_EXTENSIONS_PREFIX = "mdattr"; - public static final String SAML2_MDATTR_EXTENSIONS = "urn:oasis:names:tc:SAML:metadata:attribute"; - public static final String SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION = + String SAML2_MDATTR_EXTENSIONS_PREFIX = "mdattr"; + String SAML2_MDATTR_EXTENSIONS = "urn:oasis:names:tc:SAML:metadata:attribute"; + String SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION = SCHEMA_ROOT + "sstc-metadata-attr.xsd"; /** * Contains all namespaces and local schema locations for XML schema definitions relevant for MOA. * For use in validating XML parsers. */ - public static final String ALL_SCHEMA_LOCATIONS = (MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " ") - + (MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " ") - + (MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " ") - + (SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " ") - + (SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " ") - + (SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " ") - + (ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " ") - + (PD_NS_URI + " " + PD_SCHEMA_LOCATION + " ") - + (SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " ") - + (SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " ") - + (XML_NS_URI + " " + XML_SCHEMA_LOCATION + " ") - + (XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " ") - + (DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " ") - + (DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " ") - + (DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " ") - + (XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " ") - + (XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " ") - + (XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " ") - + (XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " ") - + (XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " ") - + (TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " ") - + (TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " ") - + (TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + " ") - + (SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " ") - + (SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " ") - + (STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " ") - + (STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " ") - + (SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " ") - + (XENC_NS_URI + " " + XENC_SCHEMA_LOCATION + " ") - + (SAML2_eIDAS_EXTENSIONS + " " + SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION + " ") - + (SAML2_MDATTR_EXTENSIONS + " " + SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION); + String ALL_SCHEMA_LOCATIONS = MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " " + + MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " " + + MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " " + + SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " " + + SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " " + + SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " " + + ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " " + + PD_NS_URI + " " + PD_SCHEMA_LOCATION + " " + + SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " " + + SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " " + + XML_NS_URI + " " + XML_SCHEMA_LOCATION + " " + + XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " " + + DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " " + + DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " " + + DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " " + + XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " " + + XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " " + + XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " " + + XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " " + + XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " " + + TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " " + + TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " " + + TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + " " + + SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " " + + SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " " + + STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " " + + STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " " + + SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " " + + XENC_NS_URI + " " + XENC_SCHEMA_LOCATION + " " + + SAML2_eIDAS_EXTENSIONS + " " + SAML2_eIDAS_EXTENSIONS_SCHEMA_LOCATION + " " + + SAML2_MDATTR_EXTENSIONS + " " + SAML2_MDATTR_EXTENSIONS_SCHEMA_LOCATION; /** Security Layer manifest type URI. */ - public static final String SL_MANIFEST_TYPE_URI = + String SL_MANIFEST_TYPE_URI = "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest"; /** URI of the SHA1 digest algorithm */ - public static final String SHA1_URI = "http://www.w3.org/2000/09/xmldsig#sha1"; + String SHA1_URI = "http://www.w3.org/2000/09/xmldsig#sha1"; /** URI of the SHA1 digest algorithm */ - public static final String SHA256_URI = "http://www.w3.org/2000/09/xmldsig#sha256"; + String SHA256_URI = "http://www.w3.org/2000/09/xmldsig#sha256"; /** URI of the SHA1 digest algorithm */ - public static final String SHA384_URI = "http://www.w3.org/2000/09/xmldsig#sha384"; + String SHA384_URI = "http://www.w3.org/2000/09/xmldsig#sha384"; /** URI of the SHA1 digest algorithm */ - public static final String SHA512_URI = "http://www.w3.org/2000/09/xmldsig#sha512"; + String SHA512_URI = "http://www.w3.org/2000/09/xmldsig#sha512"; - public static final String SHA3_256_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-256"; + String SHA3_256_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-256"; - public static final String SHA3_512_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-512"; + String SHA3_512_URI = "http://www.w3.org/2007/05/xmldsig-more#sha3-512"; /** URI of the Canonical XML algorithm */ - public static final String C14N_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; + String C14N_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; /** URI of the Canoncial XML with comments algorithm */ - public static final String C14N_WITH_COMMENTS_URI = + String C14N_WITH_COMMENTS_URI = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; /** URI of the Exclusive Canonical XML algorithm */ - public static final String EXC_C14N_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; + String EXC_C14N_URI = "http://www.w3.org/2001/10/xml-exc-c14n#"; /** URI of the Exclusive Canonical XML with commments algorithm */ - public static final String EXC_C14N_WITH_COMMENTS_URI = + String EXC_C14N_WITH_COMMENTS_URI = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"; /** * A map used to map namespace prefixes to namespace URIs */ - public static final Map<String, String> nSMap = + Map<String, String> nSMap = Collections.unmodifiableMap(new HashMap<String, String>() { - private static final long serialVersionUID = 3845384324295136490L; + private static final long serialVersionUID = 3845384324295136490L; { put(XMLNamespaceConstants.SAML_PREFIX, XMLNamespaceConstants.SAML_NS_URI); put(XMLNamespaceConstants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#"); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java index b53ba830..5fdbe2bb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/GroupDefinition.java @@ -5,7 +5,7 @@ public class GroupDefinition { private final String name; private final Type type; - private GroupDefinition(final String name, final Type type) { + GroupDefinition(final String name, final Type type) { this.name = name; this.type = type; } @@ -25,7 +25,7 @@ public class GroupDefinition { public enum Type { LIST("list"), MAP("map"); - private Type(final String type) { + Type(final String type) { } } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java index 6fa80919..52fa7f45 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfiguration.java @@ -35,14 +35,14 @@ public interface IGuiBuilderConfiguration { * * @return templatename, but never null */ - public String getViewName(); + String getViewName(); /** * Define the parameters, which should be evaluated in the template. * * @return Map of parameters, which should be added to template */ - public Map<String, Object> getViewParameters(); + Map<String, Object> getViewParameters(); /** * Get the contentType, which should be set in HTTP response. <br> @@ -51,5 +51,5 @@ public interface IGuiBuilderConfiguration { * * @return ContentType, or null if default ContentType should be used. */ - public String getDefaultContentType(); + String getDefaultContentType(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java index 77bdf89d..b01990af 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiBuilderConfigurationFactory.java @@ -32,7 +32,7 @@ public interface IGuiBuilderConfigurationFactory { * @param authUrl PublicURLPrefix of the IDP but never null * @return */ - public IGuiBuilderConfiguration getDefaultErrorGui(String authUrl); + IGuiBuilderConfiguration getDefaultErrorGui(String authUrl); /** * Default Velocity based GUI builder configuration. @@ -47,7 +47,7 @@ public interface IGuiBuilderConfigurationFactory { * @return GUI builder configuration * @throws MalformedURLException If configRootContextDir is not a valid URI */ - public IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq, + IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq, String viewName, URI configRootContextDir) throws MalformedURLException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java index 25349861..f0811021 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java @@ -46,7 +46,7 @@ public interface IGuiFormBuilder { * * @throws GuiBuildException in case of an error */ - public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, + void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config, String loggerName) throws GuiBuildException; /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java index a6ea0606..151f1eeb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiBuilderConfiguration.java @@ -9,7 +9,7 @@ public interface IVelocityGuiBuilderConfiguration extends IGuiBuilderConfigurati * * @return Classpath directory, or null if the default directory should be used */ - public String getClasspathTemplateDir(); + String getClasspathTemplateDir(); /** * Get the GUI template with a specific name. @@ -18,6 +18,6 @@ public interface IVelocityGuiBuilderConfiguration extends IGuiBuilderConfigurati * @return Tempate as <code>InputStream</code>, or null if default getTemplate method should be * used */ - public InputStream getTemplate(String viewName); + InputStream getTemplate(String viewName); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java index e4763ddc..5963dc5f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java @@ -21,21 +21,21 @@ package at.gv.egiz.eaaf.core.api.idp; public interface EaafAuthProcessDataConstants { - public static final String GENERIC_PREFIX = "generic_"; + String GENERIC_PREFIX = "generic_"; - public static final String VALUE_ISSUEINSTANT = "direct_issueInstant"; + String VALUE_ISSUEINSTANT = "direct_issueInstant"; - public static final String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth"; - public static final String FLAG_IS_FOREIGNER = "direct_flagIsForeigner"; - public static final String FLAG_USE_MANDATE = "direct_flagUseMandate"; - public static final String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter"; - public static final String FLAG_IS_NEW_EID_PROCESS = "direct_flagIsNewEID"; + String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth"; + String FLAG_IS_FOREIGNER = "direct_flagIsForeigner"; + String FLAG_USE_MANDATE = "direct_flagUseMandate"; + String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter"; + String FLAG_IS_NEW_EID_PROCESS = "direct_flagIsNewEID"; @Deprecated - public static final String VALUE_IDENTITYLINK = "direct_idl"; - public static final String VALUE_QAALEVEL = "direct_qaaLevel"; + String VALUE_IDENTITYLINK = "direct_idl"; + String VALUE_QAALEVEL = "direct_qaaLevel"; @Deprecated - public static final String VALUE_MISMANDATE = "direct_MIS_Mandate"; + String VALUE_MISMANDATE = "direct_MIS_Mandate"; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java index 50a76007..e2d553fb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java @@ -34,11 +34,11 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; * */ public interface IAction { - public SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, + SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws EaafException; - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, + boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); - public String getDefaultActionName(); + String getDefaultActionName(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java index d3736a17..86739725 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java @@ -22,10 +22,10 @@ package at.gv.egiz.eaaf.core.api.idp; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public interface IAttributeBuilder { - public String getName(); + String getName(); - public <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, + <ATT> ATT build(final IspConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) throws AttributeBuilderException; - public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g); + <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java index 0f50bada..34f1f73f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java @@ -28,14 +28,14 @@ public interface IAttributeGenerator<ATT> { * @param value value * @return */ - public abstract ATT buildStringAttribute(final String friendlyName, final String name, + ATT buildStringAttribute(final String friendlyName, final String name, final String value); - public abstract ATT buildIntegerAttribute(final String friendlyName, final String name, + ATT buildIntegerAttribute(final String friendlyName, final String name, final int value); - public abstract ATT buildLongAttribute(final String friendlyName, final String name, + ATT buildLongAttribute(final String friendlyName, final String name, final long value); - public abstract ATT buildEmptyAttribute(final String friendlyName, final String name); + ATT buildEmptyAttribute(final String friendlyName, final String name); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java index 68106549..de18319b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java @@ -109,7 +109,7 @@ public interface IAuthData { * * @return eIDAS LoA URI */ - public String getEidasQaaLevel(); + String getEidasQaaLevel(); /** @@ -171,7 +171,7 @@ public interface IAuthData { * @param clazz Type of the generic data * @return return the generic data of specific type, otherwise null */ - public <T> T getGenericData(String key, final Class<T> clazz); + <T> T getGenericData(String key, final Class<T> clazz); /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java index e41f099b..5bb750ed 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java @@ -29,7 +29,7 @@ public interface IConfiguration { * @param key configuration key * @return configuration value or null if it is not found */ - public String getBasicConfiguration(final String key); + String getBasicConfiguration(final String key); /** @@ -39,7 +39,7 @@ public interface IConfiguration { * @param defaultValue Default value if no value with this key is found * @return configuration value */ - public String getBasicConfiguration(final String key, final String defaultValue); + String getBasicConfiguration(final String key, final String defaultValue); /** @@ -49,7 +49,7 @@ public interface IConfiguration { * @return configuration value as {@link Boolean} or <code>false</code> if key * does not exist */ - public boolean getBasicConfigurationBoolean(final String key); + boolean getBasicConfigurationBoolean(final String key); /** * Get a configuration value from file based configuration. @@ -59,7 +59,7 @@ public interface IConfiguration { * @return configuration value as {@link Boolean} or <code>defaultValue</code> * if key does not exist */ - public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); + boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); /** @@ -67,7 +67,7 @@ public interface IConfiguration { * * @return */ - public URI getConfigurationRootDirectory(); + URI getConfigurationRootDirectory(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java index 1c065c94..9e5786b6 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java @@ -8,7 +8,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IConfigurationWithSP extends IConfiguration { - public static final String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = + String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = "configuration.auth.default.countrycode"; @@ -20,7 +20,7 @@ public interface IConfigurationWithSP extends IConfiguration { * @throws EaafConfigurationException In case of a Service-Provider loading error */ @Nullable - public IspConfiguration getServiceProviderConfiguration(final String uniqueID) + IspConfiguration getServiceProviderConfiguration(final String uniqueID) throws EaafConfigurationException; @@ -34,7 +34,7 @@ public interface IConfigurationWithSP extends IConfiguration { * @throws EaafConfigurationException In case of a Service-Provider loading error */ @Nullable - public <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) + <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) throws EaafConfigurationException; @@ -47,7 +47,7 @@ public interface IConfigurationWithSP extends IConfiguration { * @param prefix Prefix of the configuration key * @return Map String/String without prefix, but never null */ - public Map<String, String> getBasicConfigurationWithPrefix(final String prefix); + Map<String, String> getBasicConfigurationWithPrefix(final String prefix); /** * Validate a URL if it it is allowed by configuration. @@ -55,5 +55,5 @@ public interface IConfigurationWithSP extends IConfiguration { * @param authReqUrl URL for validation * @return URL of the application context if the authReqUrl was valid, otherwise null */ - public String validateIdpUrl(URL authReqUrl) throws EaafException; + String validateIdpUrl(URL authReqUrl) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java index 61bce96d..ec09995d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java @@ -11,7 +11,7 @@ public interface IExtendedConfiguration extends IConfigurationWithSP { * @return */ @Deprecated - public Properties getFullConfigurationProperties(); + Properties getFullConfigurationProperties(); /** * Get the path to EAAFCore configuration that is internally used. @@ -19,6 +19,6 @@ public interface IExtendedConfiguration extends IConfigurationWithSP { * @return */ @Deprecated - public URI getConfigurationFilePath(); + URI getConfigurationFilePath(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java index 3625de86..8dc30568 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java @@ -36,14 +36,14 @@ public interface IModulInfo { * * @return */ - public String getName(); + String getName(); /** * Authentication protocol identifier for this module. * * @return */ - public String getAuthProtocolIdentifier(); + String getAuthProtocolIdentifier(); /** * Generates a protocol specific error message. @@ -57,7 +57,7 @@ public interface IModulInfo { * <i>false</i> * @throws Throwable In case of an internal error during error message generation */ - public boolean generateErrorMessage(Throwable e, HttpServletRequest request, + boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable; /** @@ -68,6 +68,6 @@ public interface IModulInfo { * @param pending incoming protocol request * @return return <i>true</i> if the incoming request is valid, otherwise <i>false</i> */ - public boolean validate(HttpServletRequest request, HttpServletResponse response, + boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java index 37ca4779..ab3ab87c 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java @@ -22,16 +22,15 @@ package at.gv.egiz.eaaf.core.api.idp; import java.io.Serializable; import java.util.List; import java.util.Map; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; public interface IspConfiguration extends Serializable { - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = + String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = + String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; - public static final String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = + String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = "configuration.restrictions.eIDTestMode"; /** @@ -39,7 +38,7 @@ public interface IspConfiguration extends Serializable { * * @return an unmodifiable map of key/value pairs */ - public Map<String, String> getFullConfiguration(); + Map<String, String> getFullConfiguration(); /** * Get a configuration value from Service Provider key/value configuration. @@ -47,7 +46,7 @@ public interface IspConfiguration extends Serializable { * @param key The key identifier of a configuration value * @return The configuration value {String} or null if the key does not exist */ - public String getConfigurationValue(String key); + String getConfigurationValue(String key); /** * Get a configuration value from Service Provider key/value configuration. @@ -56,7 +55,7 @@ public interface IspConfiguration extends Serializable { * @param defaultValue Default value if key does not exist * @return The configuration value {String} or defaultValue if the key does not exist */ - public String getConfigurationValue(String key, String defaultValue); + String getConfigurationValue(String key, String defaultValue); /** * Get a boolean configuration value from Service Provider key/value configuration. @@ -64,7 +63,7 @@ public interface IspConfiguration extends Serializable { * @param key The key identifier of a configuration value * @return true / false, or false if the key does not exist */ - public boolean isConfigurationValue(String key); + boolean isConfigurationValue(String key); /** @@ -74,7 +73,7 @@ public interface IspConfiguration extends Serializable { * @param defaultValue Default value if key does not exist * @return true / false, or defaultValue if the key does not exist */ - public boolean isConfigurationValue(String key, boolean defaultValue); + boolean isConfigurationValue(String key, boolean defaultValue); /** * Check if a configuration key is available in this Service Provider configuration. @@ -89,14 +88,14 @@ public interface IspConfiguration extends Serializable { * * @return */ - public String getUniqueIdentifier(); + String getUniqueIdentifier(); /** * Return the unique identifier of this Service Provider. * * @return */ - public String getFriendlyName(); + String getFriendlyName(); /** * Indicates if this service provider has private area restrictions that disallow baseId. @@ -104,7 +103,7 @@ public interface IspConfiguration extends Serializable { * * @return true if there is a restriction, otherwise false */ - public boolean hasBaseIdInternalProcessingRestriction(); + boolean hasBaseIdInternalProcessingRestriction(); /** @@ -113,7 +112,7 @@ public interface IspConfiguration extends Serializable { * * @return true if there is a restriction, otherwise false */ - public boolean hasBaseIdTransferRestriction(); + boolean hasBaseIdTransferRestriction(); /** * Get the {@link List} of identifier's that indicates no baseID processing restriction @@ -122,7 +121,7 @@ public interface IspConfiguration extends Serializable { * * @return */ - public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction(); + List<String> getTargetsWithNoBaseIdInternalProcessingRestriction(); /** * Get the {@link List} of identifier's that indicates no baseID transfer restriction exists.<br> @@ -130,7 +129,7 @@ public interface IspConfiguration extends Serializable { * * @return */ - public List<String> getTargetsWithNoBaseIdTransferRestriction(); + List<String> getTargetsWithNoBaseIdTransferRestriction(); /** * Get the List eIDAS LoA that are required by this service provider. @@ -140,7 +139,7 @@ public interface IspConfiguration extends Serializable { * * @return return List of eIDAS LoAs */ - public List<String> getRequiredLoA(); + List<String> getRequiredLoA(); /** * Get required matching mode for LoAs {@link EIDAS_LOA_MATCHING_MINIMUM}. @@ -148,7 +147,7 @@ public interface IspConfiguration extends Serializable { * * @return */ - public String getLoAMatchingMode(); + String getLoAMatchingMode(); /** @@ -158,6 +157,6 @@ public interface IspConfiguration extends Serializable { * * @return area identifier with prefix */ - public String getAreaSpecificTargetIdentifier(); + String getAreaSpecificTargetIdentifier(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java index 1f95bd57..7c100d1d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java @@ -28,10 +28,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IAuthenticationManager { - public static int EVENT_AUTHENTICATION_PROCESS_FOR_SP = 4003; - public static int EVENT_AUTHENTICATION_PROCESS_STARTED = 4000; - public static int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; - public static int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; + int EVENT_AUTHENTICATION_PROCESS_FOR_SP = 4003; + int EVENT_AUTHENTICATION_PROCESS_STARTED = 4000; + int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; + int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java index a0734684..65c388e8 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java @@ -28,12 +28,12 @@ import at.gv.egiz.eaaf.core.exceptions.EaafSsoException; public interface ISsoManager { // TODO - public static int EVENT_SSO_SESSION_INVALID = -1; - public static int EVENT_SSO_SESSION_VALID = -1; + int EVENT_SSO_SESSION_INVALID = -1; + int EVENT_SSO_SESSION_VALID = -1; - public static final String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; - public static final String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; + String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; + String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; /** @@ -47,7 +47,7 @@ public interface ISsoManager { * @return true if there is a valid SSO session, otherwise false * @throws EaafSsoException In case of an internal error */ - public boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, + boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) throws EaafSsoException; /** @@ -61,7 +61,7 @@ public interface ISsoManager { * @param pendingReq Current incoming pending request * @param httpReq http Servlet request */ - public void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq); + void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq); /** @@ -70,7 +70,7 @@ public interface ISsoManager { * @param pendingReq pending request that should be populated by SSO session * @throws EaafSsoException if pending request contains no SSO information or population failed */ - public void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException; + void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException; /** @@ -82,7 +82,7 @@ public interface ISsoManager { * @return true if a SSO session was closed successfully, otherwise false * @throws EaafSsoException in case of an internal processing error */ - public boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, + boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) throws EaafSsoException; @@ -96,7 +96,7 @@ public interface ISsoManager { * @return new created SSO identifier * @throws EaafSsoException In case of an internal error */ - public String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, + String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws EaafSsoException; @@ -107,7 +107,7 @@ public interface ISsoManager { * @param newSsoSessionId new SSO sessionId * @throws EaafSsoException In case of an internal error */ - public void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) + void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) throws EaafSsoException; @@ -119,7 +119,7 @@ public interface ISsoManager { * @param sloInformation SLO information container * @throws EaafSsoException In case of an internal error */ - public void updateSsoSession(IRequest pendingReq, String newSsoSessionId, + void updateSsoSession(IRequest pendingReq, String newSsoSessionId, SloInformationInterface sloInformation) throws EaafSsoException; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index 14ce0989..e817720b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java @@ -28,10 +28,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IProtocolAuthenticationService { - public String PARAM_GUI_ERROMSG = "errorMsg"; - public String PARAM_GUI_ERRORCODE = "errorCode"; - public String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; - public String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; + String PARAM_GUI_ERROMSG = "errorMsg"; + String PARAM_GUI_ERRORCODE = "errorCode"; + String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; + String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java index 154d64d3..9d72d877 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java @@ -69,7 +69,7 @@ public interface ISloInformationContainer extends Serializable { void putFailedOA(String oaID); - public String getTransactionID(); + String getTransactionID(); - public String getSessionID(); + String getSessionID(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java index fd4f9e12..e956c07f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java @@ -33,14 +33,14 @@ public interface SloInformationInterface { * * @return SessionID (SessionIndex in case of SAML2) */ - public String getSessionIndex(); + String getSessionIndex(); /** * get user identifier which was used. * * @return bPK / wbPK (nameID in case of SAML2) */ - public String getUserNameIdentifier(); + String getUserNameIdentifier(); /** @@ -48,33 +48,33 @@ public interface SloInformationInterface { * * @return return authentication protocol type */ - public String getProtocolType(); + String getProtocolType(); /** * Format of the User NameId. * * @return */ - public String getUserNameIdFormat(); + String getUserNameIdFormat(); /** * Get the unique entityID of this Service-Provider. * * @return unique identifier, but never null */ - public String getSpEntityID(); + String getSpEntityID(); - public String getAuthUrl(); + String getAuthUrl(); - public String getServiceUrl(); + String getServiceUrl(); - public String getBinding(); + String getBinding(); - public void setUserNameIdentifier(String subjectNameId); + void setUserNameIdentifier(String subjectNameId); - public void setNameIdFormat(String format); + void setNameIdFormat(String format); - public void setSessionIndex(String sessionIndex); + void setSessionIndex(String sessionIndex); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java index 9fc8cf5a..ac5bd45a 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IRevisionLogger.java @@ -26,7 +26,7 @@ public interface IRevisionLogger { // TODO: - public static final int AUTHPROTOCOL_TYPE = 3000; + int AUTHPROTOCOL_TYPE = 3000; void logEvent(IspConfiguration oaConfig, int eventCode, String message); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java index 42c49d3c..7ccbb8a7 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/logging/IStatisticLogger.java @@ -26,13 +26,13 @@ import at.gv.egiz.eaaf.core.api.idp.IAuthData; public interface IStatisticLogger { - public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, + void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSsoSession); - public void logErrorOperation(Throwable throwable); + void logErrorOperation(Throwable throwable); - public void logErrorOperation(Throwable throwable, IRequest errorRequest); + void logErrorOperation(Throwable throwable, IRequest errorRequest); - public void internalTesting() throws Exception; + void internalTesting() throws Exception; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java index b8438a79..15215b3e 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/storage/ITransactionStorage.java @@ -40,7 +40,7 @@ public interface ITransactionStorage { * @param key Key, which identifies a data object * @return true if key is found, otherwise false */ - public boolean containsKey(String key); + boolean containsKey(String key); /** * Store a data object with a key to transaction storage. @@ -51,7 +51,7 @@ public interface ITransactionStorage { * @param timeoutMs Defines the period of time a data object is kept within the storage * @throws EaafStorageException In case of store operation failed */ - public void put(String key, Object value, int timeoutMs) throws EaafException; + void put(String key, Object value, int timeoutMs) throws EaafException; /** * Get a data object from transaction storage. @@ -60,7 +60,7 @@ public interface ITransactionStorage { * @return The transaction-data object, or null * @throws EaafStorageException In case of load operation failed */ - public Object get(String key) throws EaafException; + Object get(String key) throws EaafException; /** * Get a data object from transaction storage. @@ -70,7 +70,7 @@ public interface ITransactionStorage { * @return The transaction-data object from type class, or null * @throws EaafStorageException In case of load operation failed */ - public <T> T get(String key, final Class<T> clazz) throws EaafException; + <T> T get(String key, final Class<T> clazz) throws EaafException; /** * Get a data object from transaction storage. @@ -81,7 +81,7 @@ public interface ITransactionStorage { * @return The transaction-data object from type class, or null * @throws EaafStorageException In case of load operation failed */ - public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws EaafException; + <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws EaafException; /** @@ -92,14 +92,14 @@ public interface ITransactionStorage { * @param value Data object which should be stored * @throws EaafStorageException In case of store operation failed */ - public void changeKey(String oldKey, String newKey, Object value) throws EaafException; + void changeKey(String oldKey, String newKey, Object value) throws EaafException; /** * Remove a data object from transaction storage. * * @param key Id which identifiers the data object */ - public void remove(String key); + void remove(String key); /** * Get all entries for Clean-up the transaction storage. @@ -108,7 +108,7 @@ public interface ITransactionStorage { * @param dataTimeOut Data-object timeout in [ms] * @return List of entry-keys which as a timeout */ - public List<String> clean(Date now, long dataTimeOut); + List<String> clean(Date now, long dataTimeOut); /** @@ -119,7 +119,7 @@ public interface ITransactionStorage { * @throws EaafException In case of a storage error */ @Nullable - public Object getRaw(String key) throws EaafException; + Object getRaw(String key) throws EaafException; /** @@ -129,7 +129,7 @@ public interface ITransactionStorage { * @param element Object to store * @throws EaafException In case of a storage error */ - public void putRaw(@Nonnull String key, @Nonnull Object element) throws EaafException; + void putRaw(@Nonnull String key, @Nonnull Object element) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java index 2129568a..31a61216 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/utils/IPendingRequestIdGenerationStrategy.java @@ -14,7 +14,7 @@ public interface IPendingRequestIdGenerationStrategy { * @throws EaafException In case of a token generation error */ @Nonnull - public String generateExternalPendingRequestId() throws EaafException; + String generateExternalPendingRequestId() throws EaafException; /** * Validate a pendingRequestId according to implemented strategy. @@ -24,7 +24,7 @@ public interface IPendingRequestIdGenerationStrategy { * @throws PendingReqIdValidationException In case of a token validation error */ @Nonnull - public String validateAndGetPendingRequestId(@Nullable String pendingReqId) + String validateAndGetPendingRequestId(@Nullable String pendingReqId) throws PendingReqIdValidationException; /** @@ -35,7 +35,7 @@ public interface IPendingRequestIdGenerationStrategy { * @throws PendingReqIdValidationException In case of token processing error */ @Nonnull - public String getPendingRequestIdWithOutChecks(@Nullable String externalPendingReqId) + String getPendingRequestIdWithOutChecks(@Nullable String externalPendingReqId) throws PendingReqIdValidationException; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java index 008d24a7..39b26f38 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/exceptions/EaafBuilderException.java @@ -22,13 +22,20 @@ package at.gv.egiz.eaaf.core.exceptions; public class EaafBuilderException extends EaafException { private static final long serialVersionUID = 1L; + private String msg; public EaafBuilderException(final String errorId, final Object[] params, final String msg) { super(errorId, params); + this.msg = msg; } public EaafBuilderException(final String errorId, final Object[] objects, final String message, final Throwable ex) { super(errorId, objects, ex); + this.msg = message; + } + + public String getDetailMessage() { + return this.msg; } } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java index 4e8be52e..c60fcd7f 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpClientFactory.java @@ -91,7 +91,7 @@ public class HttpClientFactory implements IHttpClientFactory { private final String mode; - private ClientAuthMode(final String mode) { + ClientAuthMode(final String mode) { this.mode = mode; } @@ -132,7 +132,7 @@ public class HttpClientFactory implements IHttpClientFactory { private final String type; - private KeyStoreType(final String type) { + KeyStoreType(final String type) { this.type = type; } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpUtils.java index 394d2843..1f7601d8 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/HttpUtils.java @@ -62,7 +62,7 @@ public class HttpUtils { // add port if necessary final int port = request.getServerPort(); - if ((protocol.equals("http") && port != 80) || (protocol.equals("https") && port != 443)) { + if (protocol.equals("http") && port != 80 || protocol.equals("https") && port != 443) { buffer.append(':'); buffer.append(port); } @@ -78,8 +78,8 @@ public class HttpUtils { */ public static String extractAuthUrlFromRequest(final HttpServletRequest req) { String authUrl = req.getScheme() + "://" + req.getServerName(); - if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort() != 443) - || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort() != 80)) { + if (req.getScheme().equalsIgnoreCase("https") && req.getServerPort() != 443 + || req.getScheme().equalsIgnoreCase("http") && req.getServerPort() != 80) { authUrl = authUrl.concat(":" + req.getServerPort()); } authUrl = authUrl.concat(req.getContextPath()); diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java index 0d16e9cd..c8865465 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java @@ -30,7 +30,7 @@ public class ServletUtils { * @return Context URL */ public static String getBaseUrl(final HttpServletRequest request) { - if ((request.getServerPort() == 80) || (request.getServerPort() == 443)) { + if (request.getServerPort() == 80 || request.getServerPort() == 443) { return request.getScheme() + "://" + request.getServerName() + request.getContextPath(); } else { return request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/StreamUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/StreamUtils.java index cc784870..795b71f7 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/StreamUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/StreamUtils.java @@ -169,11 +169,7 @@ public class StreamUtils { while ((bytesRead = source.read(buffer)) >= 0) { destination.write(buffer, 0, bytesRead); } - } else { - while (source.read(buffer) >= 0) { - - } - } + } } // /** diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java index 4009796f..1a88c43b 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java @@ -81,8 +81,7 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule if (authConfig.getBasicConfigurationBoolean(getGeneralConfigPropertyNameEnableModule(), getGeneralConfigPropertyNameEnableModuleDefault())) { - if (spConfig != null - && StringUtils + if (StringUtils .isNotEmpty(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule())) && Boolean .valueOf(spConfig.getConfigurationValue(getSpConfigPropertyNameEnableModule()))) { diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java index 251b516f..518f0d24 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java @@ -92,7 +92,7 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl final HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualEidDUrl).build()); final List<NameValuePair> parameters = new ArrayList<>(); parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM, - Base64Url.encode(sl20Req.toString().getBytes()))); + Base64Url.encode(sl20Req.toString().getBytes("UTF-8")))); httpReq.setEntity(new UrlEncodedFormEntity(parameters)); // build http GET request @@ -105,7 +105,7 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl httpReq.addHeader(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE, SL20Constants.HTTP_HEADER_VALUE_NATIVE); - log.trace("Request VDA via SL20 with: " + Base64Url.encode(sl20Req.toString().getBytes())); + log.trace("Request VDA via SL20 with: " + Base64Url.encode(sl20Req.toString().getBytes("UTF-8"))); // request VDA final HttpResponse httpResp = httpClientFactory.getHttpClient(false).execute(httpReq); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java index 39cfce05..516a33b9 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java @@ -138,7 +138,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask .extractSL20PayLoad(sl20ReqObj, joseTools, authConfig.getBasicConfigurationBoolean( Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)); - if ((payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned())) { + if (payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned()) { if (authConfig.getBasicConfigurationBoolean( Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) { log.info("SL20 result from VDA was not valid signed"); @@ -151,10 +151,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } } - - payLoadContainer.getCertChain(); - - + // extract payloaf final JsonNode payLoad = payLoadContainer.getPayload(); @@ -193,7 +190,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask // buildResponse(request, response, sl20ReqObj, aTrustErrorWorkAround); buildResponse(request, response, sl20ReqObj); } else { - buildErrorResponse(request, response, "2000", "General transport Binding error"); + buildErrorResponse(response, "2000", "General transport Binding error"); } } @@ -225,8 +222,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask protected abstract String getResumeEndPoint(); - private void buildErrorResponse(final HttpServletRequest request, - final HttpServletResponse response, final String errorCode, final String errorMsg) + private void buildErrorResponse(final HttpServletResponse response, final String errorCode, final String errorMsg) throws Exception { final ObjectNode error = SL20JsonBuilderUtils.createErrorCommandResult(errorCode, errorMsg); final ObjectNode errorCommand = SL20JsonBuilderUtils diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java index caa2e8d8..9d444802 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java @@ -21,7 +21,7 @@ public interface IJoseTools { * @param payLoad Payload to sign * @throws SlCommandoBuildException In case of a signature creation error */ - public String createSignature(String payLoad) throws SlCommandoBuildException; + String createSignature(String payLoad) throws SlCommandoBuildException; /** * Validates a signed SL2.0 message. @@ -31,7 +31,7 @@ public interface IJoseTools { * @throws SL20Exception In case of a signature validation error */ @Nonnull - public VerificationResult validateSignature(@Nonnull String serializedContent) + VerificationResult validateSignature(@Nonnull String serializedContent) throws SL20Exception; /** @@ -45,7 +45,7 @@ public interface IJoseTools { * @throws IOException In case of a general IO error */ @Nonnull - public VerificationResult validateSignature(@Nonnull String serializedContent, + VerificationResult validateSignature(@Nonnull String serializedContent, @Nonnull List<X509Certificate> trustedCerts, @Nonnull AlgorithmConstraints constraints) throws JoseException, IOException; @@ -61,7 +61,7 @@ public interface IJoseTools { * @throws KeyStoreException In case of TrustStore error */ @Nonnull - public VerificationResult validateSignature(@Nonnull String serializedContent, + VerificationResult validateSignature(@Nonnull String serializedContent, @Nonnull KeyStore trustStore, @Nonnull AlgorithmConstraints algconstraints) throws JoseException, IOException, KeyStoreException; @@ -70,7 +70,7 @@ public interface IJoseTools { * * @return */ - public X509Certificate getEncryptionCertificate(); + X509Certificate getEncryptionCertificate(); /** * Decrypt a serialized JWE token. @@ -79,6 +79,6 @@ public interface IJoseTools { * @return decrypted payload * @throws SL20Exception In case of a decryption error */ - public JsonNode decryptPayload(String compactSerialization) throws SL20Exception; + JsonNode decryptPayload(String compactSerialization) throws SL20Exception; } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java index 28106377..6ec56825 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java @@ -133,6 +133,9 @@ public class JsonSecurityUtils implements IJoseTools { log.info("NO SL2.0 authentication security configuration. Initialization was skipped"); } + } catch (RuntimeException e) { + throw e; + } catch (final Exception e) { log.error("SL2.0 security constrains initialization FAILED.", e); @@ -304,11 +307,11 @@ public class JsonSecurityUtils implements IJoseTools { final List<X509Certificate> sortedX5cCerts = X509Utils.sortCertificates(x5cCerts); if (!sortedX5cCerts.get(0).equals(encCertChain[0])) { - log.info("Certificate from JOSE header does NOT match encryption certificate"); - log.debug("JOSE certificate: " + sortedX5cCerts.get(0).toString()); + log.info("Certificate from JOSE header does NOT match encryption certificate"); try { - log.debug("Cert: " + Base64Utils.encode(sortedX5cCerts.get(0).getEncoded())); + + log.debug("JOSE certificate: {}", Base64Utils.encode(sortedX5cCerts.get(0).getEncoded())); } catch (final CertificateEncodingException e) { e.printStackTrace(); } @@ -441,7 +444,8 @@ public class JsonSecurityUtils implements IJoseTools { if (cert != null && cert instanceof X509Certificate) { result.add((X509Certificate) cert); } else { - log.info("Can not process entry: " + el + ". Reason: " + cert.toString()); + log.info("Can not process entry: {}. Reason: {}", el, + cert != null ? cert.getType() : "cert is null"); } } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java index 5a8be243..d3726546 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java @@ -1,6 +1,7 @@ package at.gv.egiz.eaaf.modules.auth.sl20.utils; import java.util.Arrays; +import java.util.Collections; import java.util.List; import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; @@ -43,9 +44,9 @@ public class SL20Constants { public static final String JSON_ALGORITHM_SIGNING_PS512 = AlgorithmIdentifiers.RSA_PSS_USING_SHA512; - public static final List<String> SL20_ALGORITHM_WHITELIST_SIGNING = Arrays.asList( + public static final List<String> SL20_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays.asList( JSON_ALGORITHM_SIGNING_RS256, JSON_ALGORITHM_SIGNING_RS512, JSON_ALGORITHM_SIGNING_ES256, - JSON_ALGORITHM_SIGNING_ES512, JSON_ALGORITHM_SIGNING_PS256, JSON_ALGORITHM_SIGNING_PS512); + JSON_ALGORITHM_SIGNING_ES512, JSON_ALGORITHM_SIGNING_PS256, JSON_ALGORITHM_SIGNING_PS512)); public static final String JSON_ALGORITHM_ENC_KEY_RSAOAEP = KeyManagementAlgorithmIdentifiers.RSA_OAEP; @@ -53,7 +54,7 @@ public class SL20Constants { KeyManagementAlgorithmIdentifiers.RSA_OAEP_256; public static final List<String> SL20_ALGORITHM_WHITELIST_KEYENCRYPTION = - Arrays.asList(JSON_ALGORITHM_ENC_KEY_RSAOAEP, JSON_ALGORITHM_ENC_KEY_RSAOAEP256); + Collections.unmodifiableList(Arrays.asList(JSON_ALGORITHM_ENC_KEY_RSAOAEP, JSON_ALGORITHM_ENC_KEY_RSAOAEP256)); public static final String JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256 = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256; @@ -64,9 +65,9 @@ public class SL20Constants { public static final String JSON_ALGORITHM_ENC_PAYLOAD_A256GCM = ContentEncryptionAlgorithmIdentifiers.AES_256_GCM; - public static final List<String> SL20_ALGORITHM_WHITELIST_ENCRYPTION = Arrays.asList( + public static final List<String> SL20_ALGORITHM_WHITELIST_ENCRYPTION = Collections.unmodifiableList(Arrays.asList( JSON_ALGORITHM_ENC_PAYLOAD_A128CBCHS256, JSON_ALGORITHM_ENC_PAYLOAD_A256CBCHS512, - JSON_ALGORITHM_ENC_PAYLOAD_A128GCM, JSON_ALGORITHM_ENC_PAYLOAD_A256GCM); + JSON_ALGORITHM_ENC_PAYLOAD_A128GCM, JSON_ALGORITHM_ENC_PAYLOAD_A256GCM)); // ********************************************************************************************* diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java index be306b69..6a8b96d4 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java @@ -53,7 +53,7 @@ public class SL20HttpBindingUtils { log.debug("Client request containts is no native client ... "); final URIBuilder clientRedirectUri = new URIBuilder(redirectUrl); clientRedirectUri.addParameter(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM, - Base64Url.encode(sl20Forward.toString().getBytes())); + Base64Url.encode(sl20Forward.toString().getBytes("UTF-8"))); httpResp.setStatus(httpCodeRedirect); httpResp.setHeader("Location", clientRedirectUri.build().toString()); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java index f505f28d..82a8cf26 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java @@ -1,5 +1,6 @@ package at.gv.egiz.eaaf.modules.auth.sl20.utils; +import java.io.UnsupportedEncodingException; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Arrays; @@ -65,13 +66,17 @@ public class SL20JsonBuilderUtils { final JsonSecurityUtils encrypter) throws SlCommandoBuildException { // TODO: add real implementation // create header and footer - final String dummyHeader = createJsonEncryptionHeader(encrypter).toString(); + final String dummyHeader = createJsonEncryptionHeader().toString(); final String payLoad = result.toString(); - final String dummyFooter = createJsonSignedFooter(encrypter); + final String dummyFooter = createJsonSignedFooter(); - return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes()) + "." - + Base64.getUrlEncoder().encodeToString(payLoad.getBytes()) + "." - + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes()); + try { + return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(payLoad.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); + } catch (UnsupportedEncodingException e) { + throw new SlCommandoBuildException("No UTF-8 encoding", e); + } } @@ -116,12 +121,17 @@ public class SL20JsonBuilderUtils { // TODO: add real implementation // create header and footer - final String dummyHeader = createJsonSignedHeader(signer).toString(); - final String dummyFooter = createJsonSignedFooter(signer); + final String dummyHeader = createJsonSignedHeader().toString(); + final String dummyFooter = createJsonSignedFooter(); - return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes()) + "." - + Base64.getUrlEncoder().encodeToString(encodedCommand.getBytes()) + "." - + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes()); + try { + return Base64.getUrlEncoder().encodeToString(dummyHeader.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(encodedCommand.getBytes("UTF-8")) + "." + + Base64.getUrlEncoder().encodeToString(dummyFooter.getBytes("UTF-8")); + + } catch (UnsupportedEncodingException e) { + throw new SlCommandoBuildException("No UTF-8 encoding", e); + } } @@ -560,7 +570,7 @@ public class SL20JsonBuilderUtils { // TODO!!!! - private static ObjectNode createJsonSignedHeader(final JsonSecurityUtils signer) + private static ObjectNode createJsonSignedHeader() throws SlCommandoBuildException { final ObjectNode header = mapper.getMapper().createObjectNode(); addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, @@ -574,7 +584,7 @@ public class SL20JsonBuilderUtils { } // TODO!!!! - private static ObjectNode createJsonEncryptionHeader(final JsonSecurityUtils signer) + private static ObjectNode createJsonEncryptionHeader() throws SlCommandoBuildException { final ObjectNode header = mapper.getMapper().createObjectNode(); addSingleStringElement(header, SL20Constants.JSON_ALGORITHM, @@ -590,7 +600,7 @@ public class SL20JsonBuilderUtils { } // TODO!!!! - private static String createJsonSignedFooter(final JsonSecurityUtils signer) { + private static String createJsonSignedFooter() { return "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7\n" + " AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4\n" + " BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K\n" diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java index f4b5a724..d4e1490d 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java @@ -245,7 +245,7 @@ public class SL20JsonExtractorUtils { try { final String[] signedPayload = encryptedResult.toString().split("\\."); final JsonNode payLoad = mapper.getMapper() - .readTree(new String(Base64.getUrlDecoder().decode(signedPayload[1]))); + .readTree(new String(Base64.getUrlDecoder().decode(signedPayload[1]), "UTF-8")); return payLoad; } catch (final Exception e1) { @@ -338,9 +338,9 @@ public class SL20JsonExtractorUtils { } sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); - } else if ((httpResp.getStatusLine().getStatusCode() == 500) - || (httpResp.getStatusLine().getStatusCode() == 401) - || (httpResp.getStatusLine().getStatusCode() == 400)) { + } else if (httpResp.getStatusLine().getStatusCode() == 500 + || httpResp.getStatusLine().getStatusCode() == 401 + || httpResp.getStatusLine().getStatusCode() == 400) { log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() + ". Search for error message"); diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java index 9bd5791f..49940ca5 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java @@ -17,5 +17,5 @@ public interface ISchemaRessourceProvider { * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as * {@link InputStream} */ - public Map<String, InputStream> getSchemas(); + Map<String, InputStream> getSchemas(); } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java index 5cb001ef..338e77d8 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java @@ -18,13 +18,17 @@ public class SignatureCreationService extends AbstractSignatureService private XMLSignatureCreationInvoker xadesInvoker; private CMSSignatureCreationInvoker cadesInvoker; + @PostConstruct protected void internalInitializer() { log.debug("Instanzing SignatureCreationService implementation ... "); xadesInvoker = XMLSignatureCreationInvoker.getInstance(); cadesInvoker = CMSSignatureCreationInvoker.getInstance(); + log.trace("XML_impl: {} , CMS_imp: {}", + xadesInvoker.getClass().getName(), cadesInvoker.getClass().getName()); log.info("MOA-Sig signature-creation service initialized"); + } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java index 701e2072..18ee6edb 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java @@ -42,7 +42,10 @@ public class GenericSignatureVerificationResponse @Override public Date getSigningDateTime() { - return this.signingDateTime; + if (this.signingDateTime != null) { + return new Date(this.signingDateTime.getTime()); + } + return null; } @@ -84,7 +87,11 @@ public class GenericSignatureVerificationResponse @Override public byte[] getX509CertificateEncoded() { - return this.getX509CertificateEncoded(); + if (this.x509CertificateEncoded != null) { + return this.x509CertificateEncoded.clone(); + + } + return null; } @@ -101,7 +108,9 @@ public class GenericSignatureVerificationResponse } public void setSigningDateTime(final Date signingDateTime) { - this.signingDateTime = signingDateTime; + if (signingDateTime != null) { + this.signingDateTime = new Date(signingDateTime.getTime()); + } } public void setSignatureCheckCode(final int signatureCheckCode) { @@ -125,7 +134,10 @@ public class GenericSignatureVerificationResponse } public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) { - this.x509CertificateEncoded = x509CertificateEncoded; + if (x509CertificateEncoded != null) { + this.x509CertificateEncoded = x509CertificateEncoded.clone(); + + } } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java index 8cf941a7..aa094f1e 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java @@ -145,15 +145,14 @@ public class VerifyXmlSignatureResponseParser { respData.setPublicAuthority(publicAuthority != null); respData.setPublicAuthorityCode( XPathUtils.getElementValue(verifyXmlSignatureResponse, PUBLIC_AUTHORITY_CODE_XPATH, "")); - respData.setSignatureCheckCode(new Integer( - XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNATURE_CHECK_CODE_XPATH, "")) - .intValue()); + respData.setSignatureCheckCode(Integer.parseInt( + XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNATURE_CHECK_CODE_XPATH, ""))); final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXmlSignatureResponse, XMLDSIG_MANIFEST_CHECK_CODE_XPATH, null); if (xmlDsigCheckCode != null) { respData.setXmlDSIGManigest(true); - respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue()); + respData.setXmlDSIGManifestCheckCode(Integer.parseInt(xmlDsigCheckCode)); } else { respData.setXmlDSIGManigest(false); @@ -163,12 +162,11 @@ public class VerifyXmlSignatureResponseParser { final String signatureManifestCheckCode = XPathUtils .getElementValue(verifyXmlSignatureResponse, SIGNATURE_MANIFEST_CHECK_CODE_XPATH, null); if (signatureManifestCheckCode != null) { - respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue()); + respData.setSignatureManifestCheckCode(Integer.parseInt(signatureManifestCheckCode)); } - respData.setCertificateCheckCode(new Integer( - XPathUtils.getElementValue(verifyXmlSignatureResponse, CERTIFICATE_CHECK_CODE_XPATH, "")) - .intValue()); + respData.setCertificateCheckCode(Integer.parseInt( + XPathUtils.getElementValue(verifyXmlSignatureResponse, CERTIFICATE_CHECK_CODE_XPATH, ""))); final String signingTimeElement = XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNING_TIME_XPATH, ""); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java index e8d42e80..8bd2f024 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java @@ -30,34 +30,34 @@ import org.opensaml.xml.signature.SignatureConstants; public interface PvpConstants extends PVPAttributeDefinitions { - public static final String DEFAULT_SIGNING_METHODE = + String DEFAULT_SIGNING_METHODE = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256; - public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256; - public static final String DEFAULT_SYM_ENCRYPTION_METHODE = + String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256; + String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256; - public static final String DEFAULT_ASYM_ENCRYPTION_METHODE = + String DEFAULT_ASYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP; - public static final String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category"; - public static final String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken"; - public static final String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken"; + String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category"; + String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken"; + String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken"; @Deprecated - public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/"; + String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/"; - public static final String REDIRECT = "Redirect"; - public static final String POST = "Post"; - public static final String SOAP = "Soap"; - public static final String METADATA = "Metadata"; - public static final String ATTRIBUTEQUERY = "AttributeQuery"; - public static final String SINGLELOGOUT = "SingleLogOut"; + String REDIRECT = "Redirect"; + String POST = "Post"; + String SOAP = "Soap"; + String METADATA = "Metadata"; + String ATTRIBUTEQUERY = "AttributeQuery"; + String SINGLELOGOUT = "SingleLogOut"; /** * Get required PVP attributes for egovtoken First : PVP attribute name (OID) Second: FriendlyName * Third: Required. * */ - public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES = + List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES = Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() { private static final long serialVersionUID = 1L; { @@ -82,7 +82,7 @@ public interface PvpConstants extends PVPAttributeDefinitions { * FriendlyName Third: Required. * */ - public static final List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES = + List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES = Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() { private static final long serialVersionUID = 1L; { @@ -129,10 +129,10 @@ public interface PvpConstants extends PVPAttributeDefinitions { }); // constants for requested SAML2 attribtes by using own namespace - public static final String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions"; - public static final String EIDAT10_PREFIX = "eid"; + String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions"; + String EIDAT10_PREFIX = "eid"; - public static final QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE = + QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE = new QName(EIDAT10_SAML_NS, "AttributeValue", EIDAT10_PREFIX); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java index 27a6532b..677028a5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java @@ -30,11 +30,11 @@ import org.opensaml.xml.security.SecurityException; public interface IDecoder { - public InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp, + InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSpEndPoint, URIComparator comparator) throws MessageDecodingException, SecurityException, Pvp2Exception; - public boolean handleDecode(String action, HttpServletRequest req); + boolean handleDecode(String action, HttpServletRequest req); - public String getSaml2BindingName(); + String getSaml2BindingName(); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java index 74ee74de..5f69ba62 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java @@ -33,5 +33,5 @@ public interface IRefreshableMetadataProvider { * @param entityID EntityId * @return true, if refresh is success, otherwise false */ - public boolean refreshMetadataProvider(String entityID); + boolean refreshMetadataProvider(String entityID); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java index 93980a73..0ea909e2 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java @@ -40,11 +40,11 @@ public abstract class Pvp2Exception extends EaafException { public String getStatusCodeValue() { - return (this.statusCodeValue); + return this.statusCodeValue; } public String getStatusMessageValue() { - return (this.statusMessageValue); + return this.statusMessageValue; } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java index 0933f0a2..2734c859 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java @@ -229,7 +229,7 @@ public class PostBinding implements IDecoder, IEncoder { @Override public boolean handleDecode(final String action, final HttpServletRequest req) { - return (req.getMethod().equals("POST") && action.equals(PvpConstants.POST)); + return req.getMethod().equals("POST") && action.equals(PvpConstants.POST); } @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java index 4e548d57..7b8525ce 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java @@ -229,8 +229,8 @@ public class RedirectBinding implements IDecoder, IEncoder { @Override public boolean handleDecode(final String action, final HttpServletRequest req) { - return ((action.equals(PvpConstants.REDIRECT) || action.equals(PvpConstants.SINGLELOGOUT)) - && req.getMethod().equals("GET")); + return action.equals(PvpConstants.REDIRECT) || action.equals(PvpConstants.SINGLELOGOUT) + && req.getMethod().equals("GET"); } @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java index 79a88487..2e19f259 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java @@ -126,8 +126,8 @@ public class SoapBinding implements IDecoder, IEncoder { @Override public boolean handleDecode(final String action, final HttpServletRequest req) { - return (req.getMethod().equals("POST") - && (action.equals(PvpConstants.SOAP) || action.equals(PvpConstants.ATTRIBUTEQUERY))); + return req.getMethod().equals("POST") + && action.equals(PvpConstants.SOAP) || action.equals(PvpConstants.ATTRIBUTEQUERY); } @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java index 107a856e..c21524dd 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java @@ -19,7 +19,13 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.message; +import java.io.IOException; import java.io.Serializable; + +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; + +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException; @@ -28,17 +34,20 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Element; +import org.xml.sax.SAXException; public class InboundMessage implements InboundMessageInterface, Serializable { private static final Logger log = LoggerFactory.getLogger(InboundMessage.class); private static final long serialVersionUID = 2395131650841669663L; - private Element samlMessage = null; + private transient Element samlMessage = null; private boolean verified = false; private String entityID = null; private String relayState = null; + private String serializedSamlMessage; + /** * Get SAML2 metadata for Entity that sends this request. * @@ -90,6 +99,13 @@ public class InboundMessage implements InboundMessageInterface, Serializable { */ public void setSamlMessage(final Element msg) { this.samlMessage = msg; + try { + this.serializedSamlMessage = DomUtils.serializeNode(msg); + + } catch (TransformerException | IOException e) { + log.warn("Can not serialize message",e ); + + } } /* @@ -129,7 +145,20 @@ public class InboundMessage implements InboundMessageInterface, Serializable { */ @Override public Element getInboundMessage() { - return samlMessage; + if (this.samlMessage != null) { + return samlMessage; + + } else { + try { + return (Element) DomUtils.parseDocument(serializedSamlMessage, false, null, null); + + } catch (SAXException | IOException | ParserConfigurationException e) { + throw new RuntimeException(e); + + } + + } + } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java index ec81353a..8a6105bc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java @@ -401,7 +401,7 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro protected void emitChangeEvent() { - if ((getObservers() == null) || (getObservers().size() == 0)) { + if (getObservers() == null || getObservers().size() == 0) { return; } @@ -463,13 +463,12 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro while (metadataUrlInterator.hasNext()) { final String metadataurl = metadataUrlInterator.next(); try { - if (StringUtils.isNotEmpty(metadataurl)) { - if (loadedproviders.containsKey(metadataurl)) { - // SAML2 SP is actually loaded, to nothing - providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); - loadedproviders.remove(metadataurl); + if (StringUtils.isNotEmpty(metadataurl) + && loadedproviders.containsKey(metadataurl)) { + // SAML2 SP is actually loaded, to nothing + providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); + loadedproviders.remove(metadataurl); - } } } catch (final Throwable e) { log.error("Failed to add Metadata (unhandled reason: " + e.getMessage(), e); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java index d84b407f..a6d2508d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafKeyStoreX509CredentialAdapter.java @@ -29,7 +29,7 @@ import org.opensaml.xml.security.x509.X509Credential; * @author tlenz * */ -public class KeyStoreX509CredentialAdapter +public class EaafKeyStoreX509CredentialAdapter extends org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter { /** @@ -39,7 +39,7 @@ public class KeyStoreX509CredentialAdapter * @param alias Key alias * @param password key Password */ - public KeyStoreX509CredentialAdapter(final KeyStore store, final String alias, + public EaafKeyStoreX509CredentialAdapter(final KeyStore store, final String alias, final char[] password) { super(store, alias, password); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java index 860eec64..957def02 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java @@ -101,7 +101,7 @@ public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder { // evaluate template and write content to response final Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8"); velocityEngine.evaluate(context, out, "SAML2_POST_BINDING", - new BufferedReader(new InputStreamReader(is))); + new BufferedReader(new InputStreamReader(is, "UTF-8"))); out.flush(); } catch (final Exception e) { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java index ea361f11..ec4009f0 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java @@ -26,7 +26,7 @@ import java.security.interfaces.RSAPrivateKey; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.KeyStoreX509CredentialAdapter; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter; import org.apache.commons.lang3.StringUtils; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.credential.UsageType; @@ -120,7 +120,7 @@ public abstract class AbstractCredentialProvider { keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword()); } - final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, + final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore, getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray()); credentials.setUsageType(UsageType.SIGNING); @@ -152,7 +152,7 @@ public abstract class AbstractCredentialProvider { keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword()); } - final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, + final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore, getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray()); credentials.setUsageType(UsageType.SIGNING); @@ -191,7 +191,7 @@ public abstract class AbstractCredentialProvider { return null; } - final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, + final EaafKeyStoreX509CredentialAdapter credentials = new EaafKeyStoreX509CredentialAdapter(keyStore, getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray()); credentials.setUsageType(UsageType.ENCRYPTION); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java index 1c7a9652..8bcc3e74 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java @@ -20,7 +20,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.utils; import java.io.IOException; -import java.security.NoSuchAlgorithmException; import java.util.List; import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilder; @@ -34,7 +33,6 @@ import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; import org.apache.commons.lang3.StringUtils; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLSchemaBuilder; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.Status; @@ -56,8 +54,6 @@ import org.w3c.dom.Document; public class Saml2Utils { private static final Logger log = LoggerFactory.getLogger(Saml2Utils.class); - private static SecureRandomIdentifierGenerator idGenerator; - private static DocumentBuilder builder; static { @@ -70,15 +66,7 @@ public class Saml2Utils { } catch (final ParserConfigurationException e) { // TODO Auto-generated catch block e.printStackTrace(); - } - - try { - idGenerator = new SecureRandomIdentifierGenerator(); - - } catch (final NoSuchAlgorithmException e) { - e.printStackTrace(); - - } + } } /** diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java index 4eb711f9..8f042ae2 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java @@ -46,8 +46,8 @@ public class PvpAuthRequestSignedRole extends SAML2AuthnRequestsSignedRule { final List<String> samlReqParam = inTransport.getParameterValues("SAMLRequest"); final List<String> samlRespParam = inTransport.getParameterValues("SAMLResponse"); final boolean isValidContent = - ((samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0))) - || (samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0)))) + (samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0)) + || samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0))) && !(samlReqParam.size() == 1 && samlRespParam.size() == 1); return isValidSigned && isValidSigAlgExists && isValidContent; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java index 64eb5247..024c35d8 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java @@ -23,6 +23,8 @@ import javax.xml.namespace.QName; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; + +import at.gv.egiz.eaaf.core.exceptions.EaafProtocolException; import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; @@ -73,10 +75,15 @@ public class SamlVerificationEngine { try { if (msg instanceof PvpSProfileRequest && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) { - verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()), + verifyRequest((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest(), sigTrustEngine); - } else { + } else if (msg instanceof PvpSProfileResponse){ verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine); + + } else { + log.warn("SAML2 message type: {} not supported", msg.getClass().getName()); + throw new EaafProtocolException("9999", null); + } } catch (final InvalidProtocolRequestException e) { @@ -96,7 +103,7 @@ public class SamlVerificationEngine { if (msg instanceof PvpSProfileRequest && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) { - verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()), + verifyRequest((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest(), sigTrustEngine); } else { verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine); diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java index 131be543..e1c21ae7 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/api/builder/ISubjectNameIdGenerator.java @@ -34,6 +34,6 @@ public interface ISubjectNameIdGenerator { * @return Pair of subjectNameId and NameIdFormat * @throws Pvp2Exception In case of an error */ - public Pair<String, String> generateSubjectNameId(IAuthData authData, IspConfiguration spConfig) + Pair<String, String> generateSubjectNameId(IAuthData authData, IspConfiguration spConfig) throws Pvp2Exception; } diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index 3fac7894..8c74c3fb 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java @@ -409,7 +409,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement if (msg instanceof PvpSProfileRequest && ((PvpSProfileRequest) msg).getSamlRequest() instanceof AuthnRequest) { - preProcessAuthRequest(request, response, pendingReq); + preProcessAuthRequest(request, pendingReq); } else if (childPreProcess(request, response, pendingReq)) { log.debug("Find protocol handler in child implementation"); } else { @@ -430,15 +430,14 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement * PreProcess Authn request. * * @param request http request - * @param response http response * @param pendingReq current pending request * @throws Throwable in case of an error */ private void preProcessAuthRequest(final HttpServletRequest request, - final HttpServletResponse response, final PvpSProfilePendingRequest pendingReq) + final PvpSProfilePendingRequest pendingReq) throws Throwable { - final PvpSProfileRequest moaRequest = ((PvpSProfileRequest) pendingReq.getRequest()); + final PvpSProfileRequest moaRequest = (PvpSProfileRequest) pendingReq.getRequest(); final SignableXMLObject samlReq = moaRequest.getSamlRequest(); if (!(samlReq instanceof AuthnRequest)) { diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java index d050dd4b..07e9c28d 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/api/IPvpAuthnRequestBuilderConfiguruation.java @@ -39,14 +39,14 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public String getSpNameForLogging(); + String getSpNameForLogging(); /** * If true, the SAML2 isPassive flag is set in the AuthnRequest. * * @return */ - public Boolean isPassivRequest(); + Boolean isPassivRequest(); /** * Define the ID of the AssertionConsumerService, which defines the required attributes in @@ -54,21 +54,21 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public Integer getAssertionConsumerServiceId(); + Integer getAssertionConsumerServiceId(); /** * Define the SAML2 EntityID of the service provider. * * @return */ - public String getSpEntityID(); + String getSpEntityID(); /** * Define the SAML2 NameIDPolicy. * * @return Service-Provider EntityID, but never null */ - public String getNameIdPolicyFormat(); + String getNameIdPolicyFormat(); /** * Define the AuthnContextClassRefernece of this request. @@ -80,14 +80,14 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public String getAuthnContextClassRef(); + String getAuthnContextClassRef(); /** * Define the AuthnContextComparison model, which should be used. * * @return */ - public AuthnContextComparisonTypeEnumeration getAuthnContextComparison(); + AuthnContextComparisonTypeEnumeration getAuthnContextComparison(); /** @@ -95,7 +95,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public Credential getAuthnRequestSigningCredential(); + Credential getAuthnRequestSigningCredential(); /** @@ -103,14 +103,14 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return Credential, but never null. */ - public EntityDescriptor getIdpEntityDescriptor(); + EntityDescriptor getIdpEntityDescriptor(); /** * Set the SAML2 NameIDPolicy allow-creation flag. * * @return EntityDescriptor, but never null. */ - public boolean getNameIdPolicyAllowCreation(); + boolean getNameIdPolicyAllowCreation(); /** @@ -118,7 +118,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return SubjectNameID, or null if no SubjectNameID should be used */ - public String getSubjectNameID(); + String getSubjectNameID(); /** * Define the qualifier of the <code>SubjectNameID</code> <br> @@ -127,7 +127,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return qualifier, or null if no qualifier should be set */ - public String getSubjectNameIdQualifier(); + String getSubjectNameIdQualifier(); /** * Define the format of the subjectNameID, which is included in authn-request. @@ -135,21 +135,21 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return nameIDFormat, of SAML2 'transient' if nothing is defined */ - public String getSubjectNameIdFormat(); + String getSubjectNameIdFormat(); /** * Define a SP specific SAML2 requestID. * * @return requestID, or null if the requestID should be generated automatically */ - public String getRequestID(); + String getRequestID(); /** * Defines the 'method' attribute in 'SubjectConformation' element. * * @return method, or null if no method should set */ - public String getSubjectConformationMethode(); + String getSubjectConformationMethode(); /** * Define the information, which should be added as 'subjectConformationDate' in @@ -157,7 +157,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return subjectConformation information or null if no subjectConformation should be set */ - public Element getSubjectConformationDate(); + Element getSubjectConformationDate(); /** @@ -165,7 +165,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public String getScopeRequesterId(); + String getScopeRequesterId(); /** @@ -173,7 +173,7 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public String getProviderName(); + String getProviderName(); /** @@ -182,6 +182,6 @@ public interface IPvpAuthnRequestBuilderConfiguruation { * * @return */ - public List<EaafRequestedAttribute> getRequestedAttributes(); + List<EaafRequestedAttribute> getRequestedAttributes(); } diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java index 36f43cc8..11b1ecad 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java @@ -253,6 +253,11 @@ public class PvpAuthnRequestBuilder { } else if (endpoint.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { binding = springContext.getBean("PVPPOSTBinding", PostBinding.class); + } else { + log.warn("Binding: {} is not supported", endpoint.getBinding()); + throw new AuthnRequestBuildException("sp.pvp2.00", + new Object[] {config.getSpNameForLogging(), idpEntity.getEntityID()}); + } // encode message diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java index e0cad257..42d1c85e 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java @@ -285,7 +285,7 @@ public class AssertionAttributeExtractor { && getFullAssertion().getAuthnStatements().size() > 0) { for (final AuthnStatement el : getFullAssertion().getAuthnStatements()) { if (el.getSessionNotOnOrAfter() != null) { - return (el.getSessionNotOnOrAfter().toDate()); + return el.getSessionNotOnOrAfter().toDate(); } } @@ -331,21 +331,20 @@ public class AssertionAttributeExtractor { && assertion.getAttributeStatements().size() > 0) { final AttributeStatement attrStat = assertion.getAttributeStatements().get(0); for (final Attribute attr : attrStat.getAttributes()) { - if (attr.getName().startsWith(PvpConstants.STORK_ATTRIBUTE_PREFIX)) { - final List<String> storkAttrValues = new ArrayList<>(); - for (final XMLObject el : attr.getAttributeValues()) { - storkAttrValues.add(el.getDOM().getTextContent()); - } - +// if (attr.getName().startsWith(PvpConstants.STORK_ATTRIBUTE_PREFIX)) { +// final List<String> storkAttrValues = new ArrayList<>(); +// for (final XMLObject el : attr.getAttributeValues()) { +// storkAttrValues.add(el.getDOM().getTextContent()); +// } // PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), // false, storkAttrValues , "Available"); // storkAttributes.put(attr.getName(), storkAttr ); - } else { +// } else { final List<String> attrList = new ArrayList<>(); for (final XMLObject el : attr.getAttributeValues()) { attrList.add(el.getDOM().getTextContent()); - } + // } attributs.put(attr.getName(), attrList); @@ -573,11 +573,11 @@ </execution> </executions> <configuration> - <linkXref>true</linkXref> + <linkXref>false</linkXref> <sourceEncoding>utf-8</sourceEncoding> <minimumTokens>100</minimumTokens> <targetJdk>1.8</targetJdk> - <failOnViolation>false</failOnViolation> + <failOnViolation>true</failOnViolation> <printFailingErrors>true</printFailingErrors> <rulesets> <ruleset>${pmw_rules_location}</ruleset> @@ -599,7 +599,7 @@ </execution> </executions> <configuration> - <failOnError>false</failOnError> + <failOnError>true</failOnError> </configuration> </plugin> |