diff options
Diffstat (limited to 'eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp')
28 files changed, 1652 insertions, 1859 deletions
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EAAFAuthProcessDataConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EAAFAuthProcessDataConstants.java deleted file mode 100644 index 7ce24cf4..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EAAFAuthProcessDataConstants.java +++ /dev/null @@ -1,46 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.idp; - -public interface EAAFAuthProcessDataConstants { - - public static final String GENERIC_PREFIX = "generic_"; - - public static final String VALUE_ISSUEINSTANT = "direct_issueInstant"; - - public static final String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth"; - public static final String FLAG_IS_FOREIGNER = "direct_flagIsForeigner"; - public static final String FLAG_USE_MANDATE = "direct_flagUseMandate"; - public static final String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter"; - public static final String FLAG_IS_NEW_EID_PROCESS = "direct_flagIsNewEID"; - - @Deprecated public static final String VALUE_IDENTITYLINK = "direct_idl"; - public static final String VALUE_QAALEVEL = "direct_qaaLevel"; - @Deprecated public static final String VALUE_MISMANDATE = "direct_MIS_Mandate"; - - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java new file mode 100644 index 00000000..98c59236 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java @@ -0,0 +1,40 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp; + +public interface EaafAuthProcessDataConstants { + + String GENERIC_PREFIX = "generic_"; + + String VALUE_ISSUEINSTANT = "direct_issueInstant"; + + String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth"; + String FLAG_IS_FOREIGNER = "direct_flagIsForeigner"; + String FLAG_USE_MANDATE = "direct_flagUseMandate"; + String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter"; + String FLAG_IS_NEW_EID_PROCESS = "direct_flagIsNewEID"; + + @Deprecated + String VALUE_IDENTITYLINK = "direct_idl"; + String VALUE_QAALEVEL = "direct_qaaLevel"; + @Deprecated + String VALUE_MISMANDATE = "direct_MIS_Mandate"; + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java index a40394b3..9a057801 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java @@ -1,67 +1,43 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface; -import at.gv.egiz.eaaf.core.exceptions.EAAFException; - +import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; +import at.gv.egiz.eaaf.core.exceptions.EaafException; /** - * Basic interface of a specific operation that is requested by an authentication protocol implementation - * + * Basic interface of a specific operation that is requested by an + * authentication protocol implementation. + * * @author tlenz * */ public interface IAction { - public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) - throws EAAFException; - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); - - public String getDefaultActionName(); + SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, + IAuthData authData) throws EaafException; + + boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); + + String getDefaultActionName(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java index 902aabbe..9c451282 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java @@ -1,56 +1,31 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public interface IAttributeBuilder { - public String getName(); - - public <ATT> ATT build(final ISPConfiguration oaParam, final IAuthData authData, - final IAttributeGenerator<ATT> g) throws AttributeBuilderException; - - public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g); + String getName(); + + <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<ATT> g) + throws AttributeBuilderException; + + <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java index 3591e313..072f76e6 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java @@ -1,63 +1,38 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; public interface IAttributeGenerator<ATT> { - /** - * - * @param friendlyName FriendlyName - * @param name Name - * @param value value - * @return - */ - public abstract ATT buildStringAttribute(final String friendlyName, final String name, final String value); - - public abstract ATT buildIntegerAttribute(final String friendlyName, final String name, final int value); - - public abstract ATT buildLongAttribute(final String friendlyName, final String name, final long value); - - public abstract ATT buildEmptyAttribute(final String friendlyName, final String name); + /** + * Protocol attribute generator. + * + * @param friendlyName FriendlyName + * @param name Name + * @param value value + * @return + */ + ATT buildStringAttribute(final String friendlyName, final String name, final String value); + + ATT buildIntegerAttribute(final String friendlyName, final String name, final int value); + + ATT buildLongAttribute(final String friendlyName, final String name, final long value); + + ATT buildEmptyAttribute(final String friendlyName, final String name); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java index e9d86efa..ca946496 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java @@ -1,251 +1,212 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/** - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import java.util.Date; -import java.util.List; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.impl.data.Pair; /** + * Service-Provider specific authentication-data. + * * @author tlenz * */ public interface IAuthData { - /** - * BaseId transfer policy - * - * @return true if baseID transfer to service provider is allowed, otherwise false - */ - boolean isBaseIDTransferRestrication(); - - /** - * Identifier of the IDP that authenicates the user - * - * @return - */ - String getAuthenticationIssuer(); - - /** - * Timestamp of the authentication process - * - * @return - */ - Date getAuthenticationIssueInstant(); - - /** - * Get string formated timestamp of the authentication process - * - * @return - */ - String getAuthenticationIssueInstantString(); - - - /** - * Familyname of the user - * - * @return - */ - String getFamilyName(); - - /** - * Givenname of the user - * - * @return - */ - String getGivenName(); - - /** - * Date of birth of the user - * - * @return date of birth or null no data of birth is available - */ - Date getDateOfBirth(); - - /** - * String formated date of birth of the user with pattern yyyy-MM-dd - * - * - * @return date of birth or '2999-12-31' if no data of birth is available - */ - String getFormatedDateOfBirth(); - - /** - * Get the encrypted SourceId (vSZ) from new E-ID scheme - * - * @return - */ - String getEncryptedSourceId(); - - /** - * Get the type identifier of encrypted SourceId - * - * @return - */ - String getEncryptedSourceIdType(); - - /** - * Return LoA for this user authentication - * - * @return eIDAS LoA URI - */ - public String getEIDASQAALevel(); - - - /** - * Indicates that the user is a foreigner - * - * @return true if the user is foreigner, otherwise false - */ - boolean isForeigner(); - - /** - * Code of the citizen country of the authenticated user - * - * @return - */ - String getCiticenCountryCode(); - - - /** - * Indicate that the authentication was done by using an active single sign-on session - * - * @return true if it an SSO session was used, otherwise false - */ - boolean isSsoSession(); - - /** - * Date, up to which the SSO that was used for authentication is valid to - * - * @return - */ - Date getSsoSessionValidTo(); - - - /** - * SessionIndex, if it was an reauthentication on a service provider by using the same SSO session - * - * @return - */ - String getSessionIndex(); - - /** - * SAML2 NameID for the user - * - * @return - */ - String getNameID(); - - /** - * Format of the SAML2 NameID - * - * @return - */ - String getNameIDFormat(); - - - /** - * Get generic information for this authenticated user - * - * @param key Identifier for the generic data - * @param clazz Type of the generic data - * @return return the generic data of specific type, otherwise null - */ - public <T> T getGenericData(String key, final Class<T> clazz); - - - /** - * Get bPK of the user - * - * @return - */ - @Deprecated - String getBPK(); - - /** - * Get sector for user's bPK - * - * - * @return Sector identifier with prefix - */ - @Deprecated - String getBPKType(); - - - /** - * Get List of bPK/bPKType tuples for this service provider - * @return List of Pairs<bPK, bPKType> - */ - @Deprecated - List<Pair<String, String>> getAdditionalbPKs(); - - /** - * Get baseId of this user - * - * @return - */ - @Deprecated - String getIdentificationValue(); - - /** - * Get type identifier of the baseId - * By default, this type is urn:publicid:gv.at:baseid - * - * @return - */ - @Deprecated - String getIdentificationType(); - - - /** - * Get the identityLink for the authenticated user - * - * @return IDL, or NULL if no IDL is available - */ - @Deprecated - IIdentityLink getIdentityLink(); + /** + * BaseId transfer policy. + * + * @return true if baseID transfer to service provider is allowed, otherwise + * false + */ + boolean isBaseIdTransferRestrication(); + + /** + * Identifier of the IDP that authenicates the user. + * + * @return + */ + String getAuthenticationIssuer(); + + /** + * Timestamp of the authentication process. + * + * @return + */ + Date getAuthenticationIssueInstant(); + + /** + * Get string formated timestamp of the authentication process. + * + * @return + */ + String getAuthenticationIssueInstantString(); + + /** + * Familyname of the user. + * + * @return + */ + String getFamilyName(); + + /** + * Givenname of the user. + * + * @return + */ + String getGivenName(); + + /** + * Date of birth of the user. + * + * @return date of birth or null no data of birth is available + */ + Date getDateOfBirth(); + + /** + * String formated date of birth of the user with pattern yyyy-MM-dd. + * + * + * @return date of birth or '2999-12-31' if no data of birth is available + */ + String getFormatedDateOfBirth(); + + /** + * Get the encrypted SourceId (vSZ) from new E-ID scheme. + * + * @return + */ + String getEncryptedSourceId(); + + /** + * Get the type identifier of encrypted SourceId. + * + * @return + */ + String getEncryptedSourceIdType(); + + /** + * Return LoA for this user authentication. + * + * @return eIDAS LoA URI + */ + String getEidasQaaLevel(); + + /** + * Indicates that the user is a foreigner. + * + * @return true if the user is foreigner, otherwise false + */ + boolean isForeigner(); + + /** + * Code of the citizen country of the authenticated user. + * + * @return + */ + String getCiticenCountryCode(); + + /** + * Indicate that the authentication was done by using an active single sign-on + * session. + * + * @return true if it an SSO session was used, otherwise false + */ + boolean isSsoSession(); + + /** + * Date, up to which the SSO that was used for authentication is valid to. + * + * @return + */ + Date getSsoSessionValidTo(); + + /** + * SessionIndex, if it was an reauthentication on a service provider by using + * the same SSO session. + * + * @return + */ + String getSessionIndex(); + + /** + * SAML2 NameID for the user. + * + * @return + */ + String getNameID(); + + /** + * Format of the SAML2 NameID. + * + * @return + */ + String getNameIdFormat(); + + /** + * Get generic information for this authenticated user. + * + * @param key Identifier for the generic data + * @param clazz Type of the generic data + * @return return the generic data of specific type, otherwise null + */ + <T> T getGenericData(String key, final Class<T> clazz); + + /** + * Get bPK of the user. + * + * @return + */ + String getBpk(); + + /** + * Get sector for user's bPK. + * + * + * @return Sector identifier with prefix + */ + String getBpkType(); + + /** + * Get baseId of this user. + * + * @return + */ + @Deprecated + String getIdentificationValue(); + + /** + * Get type identifier of the baseId By default, this type is + * urn:publicid:gv.at:baseid. + * + * @return + */ + @Deprecated + String getIdentificationType(); + + /** + * Get the identityLink for the authenticated user. + * + * @return IDL, or NULL if no IDL is available + */ + @Deprecated + IIdentityLink getIdentityLink(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java index 2e67f2a8..8c99b783 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java @@ -1,38 +1,29 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; public interface IAuthenticationDataBuilder { - IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException; + IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException; - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java index 3ed505ef..b9ba9869 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java @@ -1,78 +1,69 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import java.net.URI; public interface IConfiguration { - - /** - * Get a configuration value from file based configuration - * - * @param key configuration key - * @return configuration value or null if it is not found - */ - public String getBasicConfiguration(final String key); - - - /** - * Get a configuration value from file based configuration - * - * @param key configuration key - * @param defaultValue Default value if no value with this key is found - * @return configuration value - */ - public String getBasicConfiguration(final String key, final String defaultValue); - - - /** - * Get a configuration value from file based configuration - * - * @param key configuration key - * @return configuration value as {@link Boolean.parseBoolean(value)} or <code>null</code> if key does not exist - */ - public Boolean getBasicConfigurationBoolean(final String key); - - /** - * Get a configuration value from file based configuration - * - * @param key configuration key - * @param defaultValue Default value if no value with this key is found - * @return configuration value as {@link Boolean.parseBoolean(value)} or <code>defaultValue</code> if key does not exist - */ - public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); - - - /** - * Get the root directory of the configuration folder - * - * @return - */ - public URI getConfigurationRootDirectory(); - - + + /** + * Get a configuration value from file based configuration. + * + * @param key configuration key + * @return configuration value or null if it is not found + */ + String getBasicConfiguration(final String key); + + /** + * Get a configuration value from file based configuration. + * + * @param key configuration key + * @param defaultValue Default value if no value with this key is found + * @return configuration value + */ + String getBasicConfiguration(final String key, final String defaultValue); + + /** + * Get a configuration value from file based configuration. + * + * @param key configuration key + * @return configuration value as {@link Boolean} or <code>false</code> if key + * does not exist + */ + boolean getBasicConfigurationBoolean(final String key); + + /** + * Get a configuration value from file based configuration. + * + * @param key configuration key + * @param defaultValue Default value if no value with this key is found + * @return configuration value as {@link Boolean} or <code>defaultValue</code> + * if key does not exist + */ + boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); + + /** + * Get the root directory of the configuration folder. + * + * @return + */ + URI getConfigurationRootDirectory(); + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java index ef453808..1ab27e7f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java @@ -5,53 +5,58 @@ import java.util.Map; import javax.annotation.Nullable; -import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IConfigurationWithSP extends IConfiguration { - public static final String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = "configuration.auth.default.countrycode"; - - - /** - * Get a configuration entry for a specific Service Provider - * - * @param uniqueID Unique identifier of the Service Provider - * @return {@link ISPConfiguration} or <code>null</code> if no SP configuration was found - * @throws EAAFConfigurationException - */ - @Nullable - public ISPConfiguration getServiceProviderConfiguration(final String uniqueID) throws EAAFConfigurationException; - - - /** - * Get a configuration entry for a specific Service Provider that is decorated by a Object - * - * @param spIdentifier EntityID of a Service Provider - * @param decorator Decorator that should be used to decorate the result. - * This decorator has to be implement or extend the {@link ISPConfiguration} interface - * @return <code>T</code> or <code>null</code> if no SP configuration was found - * @throws EAAFConfigurationException - */ - @Nullable - public <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) throws EAAFConfigurationException; - - - /** - * Get a set of configuration values from file based configuration that starts with this prefix - * <br><br> - * <b>Important:</b> The configuration values must be of type String! - * - * @param prefix Prefix of the configuration key - * @return Map<String, String> without prefix, but never null - */ - public Map<String, String> getBasicConfigurationWithPrefix(final String prefix); - - /** - * Validate a URL if it it is allowed by configuration. - * - * @param authReqUrl URL for validation - * @return URL of the application context if the authReqUrl was valid, otherwise null - */ - public String validateIDPURL(URL authReqUrl) throws EAAFException; + String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = "configuration.auth.default.countrycode"; + + /** + * Get a configuration entry for a specific Service Provider. + * + * @param uniqueID Unique identifier of the Service Provider + * @return {@link ISpConfiguration} or <code>null</code> if no SP configuration + * was found + * @throws EaafConfigurationException In case of a Service-Provider loading + * error + */ + @Nullable + ISpConfiguration getServiceProviderConfiguration(final String uniqueID) throws EaafConfigurationException; + + /** + * Get a configuration entry for a specific Service Provider that is decorated + * by a Object. + * + * @param spIdentifier EntityID of a Service Provider + * @param decorator Decorator that should be used to decorate the result. + * This decorator has to be implement or extend the + * {@link ISpConfiguration} interface + * @return <code>T</code> or <code>null</code> if no SP configuration was found + * @throws EaafConfigurationException In case of a Service-Provider loading + * error + */ + @Nullable + <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) + throws EaafConfigurationException; + + /** + * Get a set of configuration values from file based configuration that starts + * with this prefix. <br> + * <br> + * <b>Important:</b> The configuration values must be of type String! + * + * @param prefix Prefix of the configuration key + * @return Map String/String without prefix, but never null + */ + Map<String, String> getBasicConfigurationWithPrefix(final String prefix); + + /** + * Validate a URL if it it is allowed by configuration. + * + * @param authReqUrl URL for validation + * @return URL of the application context if the authReqUrl was valid, otherwise + * null + */ + String validateIdpUrl(URL authReqUrl) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java index 74c84468..323e4aeb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java @@ -1,45 +1,41 @@ package at.gv.egiz.eaaf.core.api.idp; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; public interface IEidAuthData extends IAuthData { - /** - * Get the serialized signing certificate that was used to sign the consent - * - * @return - */ - byte[] getSignerCertificate(); + /** + * Get the serialized signing certificate that was used to sign the consent. + * + * @return + */ + byte[] getSignerCertificate(); - - /** - * Get the serialized E-ID token that can be used to validate the Identity-Link - * - * @return - */ - byte[] getEIDToken(); + /** + * Get the serialized E-ID token that can be used to validate the Identity-Link. + * + * @return + */ + byte[] getEidToken(); + /** + * Get the status of the E-ID. + * + * @return {@link PvpAttributeDefinitions.EidIdentityStatusLevelValues} + */ + PvpAttributeDefinitions.EidIdentityStatusLevelValues getEidStatus(); - /** - * Get the status of the E-ID - * - * @return {@link PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES} - */ - PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus(); - - - /** - * Get the URL of the VDA EndPoint, that was used for authentication - * - * @return - */ - String getVdaEndPointUrl(); - - - /** - * Flag that mandates are used - * - * @return true if mandates are used, otherwise false - */ - boolean isUseMandate(); + /** + * Get the URL of the VDA EndPoint, that was used for authentication. + * + * @return + */ + String getVdaEndPointUrl(); + + /** + * Flag that mandates are used. + * + * @return true if mandates are used, otherwise false + */ + boolean isUseMandate(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java index a12a7260..ec09995d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IExtendedConfiguration.java @@ -5,20 +5,20 @@ import java.util.Properties; public interface IExtendedConfiguration extends IConfigurationWithSP { - /** - * Get the full configuration properties object - * - * @return - */ - @Deprecated - public Properties getFullConfigurationProperties(); - - /** - * Get the path to EAAFCore configuration that is internally used - * - * @return - */ - @Deprecated - public URI getConfigurationFilePath(); - + /** + * Get the full configuration properties object. + * + * @return + */ + @Deprecated + Properties getFullConfigurationProperties(); + + /** + * Get the path to EAAFCore configuration that is internally used. + * + * @return + */ + @Deprecated + URI getConfigurationFilePath(); + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java index 06aed047..4834f15e 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java @@ -1,47 +1,22 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; @@ -50,50 +25,51 @@ import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; /** - * Basic interface of an authentication protocol implementation on IDP side - * + * Basic interface of an authentication protocol implementation on IDP side. + * * @author tlenz * */ public interface IModulInfo { - - /** - * Name of this IDP authentication module - * - * @return - */ - public String getName(); - - /** - * Authentication protocol identifier for this module - * - * @return - */ - public String getAuthProtocolIdentifier(); - - /** - * Generates a protocol specific error message - * - * - * @param e Exception that contains the error message - * @param request httpRequest object from servlet container - * @param response httpResponse object from servlet container - * @param protocolRequest incoming protocol request - * @return return <i>true</i> if a protocol specific error message was generated, otherwise <i>false</i> - * @throws Throwable - */ - public boolean generateErrorMessage(Throwable e, - HttpServletRequest request, HttpServletResponse response, - IRequest protocolRequest) throws Throwable; - - /** - * additional validation of a incoming authentication request - * - * @param request httpRequest object from servlet container - * @param response httpResponse object from servlet container - * @param pending incoming protocol request - * @return return <i>true</i> if the incoming request is valid, otherwise <i>false</i> - */ - public boolean validate(HttpServletRequest request, - HttpServletResponse response, IRequest pending); + + /** + * Name of this IDP authentication module. + * + * @return + */ + String getName(); + + /** + * Authentication protocol identifier for this module. + * + * @return + */ + String getAuthProtocolIdentifier(); + + /** + * Generates a protocol specific error message. + * + * + * @param e Exception that contains the error message + * @param request httpRequest object from servlet container + * @param response httpResponse object from servlet container + * @param protocolRequest incoming protocol request + * @return return <i>true</i> if a protocol specific error message was + * generated, otherwise <i>false</i> + * @throws Throwable In case of an internal error during error message + * generation + */ + boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) throws Throwable; + + /** + * additional validation of a incoming authentication request. + * + * @param request httpRequest object from servlet container + * @param response httpResponse object from servlet container + * @param pending incoming protocol request + * @return return <i>true</i> if the incoming request is valid, otherwise + * <i>false</i> + */ + boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPVPAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPVPAttributeBuilder.java deleted file mode 100644 index eab7af9b..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPVPAttributeBuilder.java +++ /dev/null @@ -1,33 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.idp; - -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; - -public interface IPVPAttributeBuilder extends PVPAttributeDefinitions, IAttributeBuilder { - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java new file mode 100644 index 00000000..5115327d --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java @@ -0,0 +1,26 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp; + +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; + +public interface IPvpAttributeBuilder extends PvpAttributeDefinitions, IAttributeBuilder { + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISPConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISPConfiguration.java deleted file mode 100644 index 9d92b713..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISPConfiguration.java +++ /dev/null @@ -1,168 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.idp; - -import java.io.Serializable; -import java.util.List; -import java.util.Map; - -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; - -public interface ISPConfiguration extends Serializable { - - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; - public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; - - public static final String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = "configuration.restrictions.eIDTestMode"; - - /** - * Get the full key/value configuration for this Service Provider - * - * @return an unmodifiable map of key/value pairs - */ - public Map<String, String> getFullConfiguration(); - - /** - * Get a configuration value from Service Provider key/value configuration - * - * @param key The key identifier of a configuration value - * @return The configuration value {String} or null if the key does not exist - */ - public String getConfigurationValue(String key); - - /** - * Get a configuration value from Service Provider key/value configuration - * - * @param key The key identifier of a configuration value - * @param defaultValue Default value if key does not exist - * @return The configuration value {String} or defaultValue if the key does not exist - */ - public String getConfigurationValue(String key, String defaultValue); - - /** - * Get a boolean configuration value from Service Provider key/value configuration - * - * @param key The key identifier of a configuration value - * @return true / false, or null if the key does not exist - */ - public Boolean isConfigurationValue(String key); - - - /** - * Get a boolean configuration value from Service Provider key/value configuration - * - * @param key The key identifier of a configuration value - * @param defaultValue Default value if key does not exist - * @return true / false, or defaultValue if the key does not exist - */ - public boolean isConfigurationValue(String key, boolean defaultValue); - - /** - * Check if a configuration key is available in this Service Provider configuration - * - * @param key The key identifier of a configuration value - * @return true if the configuration key exists, otherwise false - */ - boolean containsConfigurationKey(String key); - - /** - * Return the unique identifier of this Service Provider - * - * @return - */ - public String getUniqueIdentifier(); - - /** - * Return the unique identifier of this Service Provider - * - * @return - */ - public String getFriendlyName(); - - /** - * Indicates if this service provider has private area restrictions that disallow baseId processing in general - * * - * @return true if there is a restriction, otherwise false - */ - public boolean hasBaseIdInternalProcessingRestriction(); - - - /** - * Indicates if this service provider has private area restrictions that disallow baseId transfer to SP - * - * @return true if there is a restriction, otherwise false - */ - public boolean hasBaseIdTransferRestriction(); - - /** - * Get the {@link List} of identifier's that indicates no baseID processing restriction exists.<br> - * This list can be configured by key: "configuration.restrictions.baseID.idpProcessing" - * - * @return - */ - public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction(); - - /** - * Get the {@link List} of identifier's that indicates no baseID transfer restriction exists.<br> - * This list can be configured by key: "configuration.restrictions.baseID.spTransmission" - * - * @return - */ - public List<String> getTargetsWithNoBaseIdTransferRestriction(); - - /** - * Get the List eIDAS LoA that are required by this service provider - * - * {@link EAAFConstants.EIDAS_LOA_LOW} - * {@link EAAFConstants.EIDAS_LOA_SUBSTANTIAL} - * {@link EAAFConstants.EIDAS_LOA_HIGH} - * or any other non-notified LoA scheme - * - * @return return List of eIDAS LoAs - */ - public List<String> getRequiredLoA(); - - /** - * Get required matching mode for LoAs - * {@link EIDAS_LOA_MATCHING_MINIMUM} - * {@link EIDAS_LOA_MATCHING_EXACT} - * - * @return - */ - public String getLoAMatchingMode(); - - - /** - * Get the full area-identifier for this service provider to calculate the - * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, ...). - * This identifier always contains the full prefix - * - * @return area identifier with prefix - */ - public String getAreaSpecificTargetIdentifier(); - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java new file mode 100644 index 00000000..5a16f655 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java @@ -0,0 +1,164 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp; + +import java.io.Serializable; +import java.util.List; +import java.util.Map; + +public interface ISpConfiguration extends Serializable { + + String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; + String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; + + String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = "configuration.restrictions.eIDTestMode"; + + /** + * Get the full key/value configuration for this Service Provider. + * + * @return an unmodifiable map of key/value pairs + */ + Map<String, String> getFullConfiguration(); + + /** + * Get a configuration value from Service Provider key/value configuration. + * + * @param key The key identifier of a configuration value + * @return The configuration value {String} or null if the key does not exist + */ + String getConfigurationValue(String key); + + /** + * Get a configuration value from Service Provider key/value configuration. + * + * @param key The key identifier of a configuration value + * @param defaultValue Default value if key does not exist + * @return The configuration value {String} or defaultValue if the key does not + * exist + */ + String getConfigurationValue(String key, String defaultValue); + + /** + * Get a boolean configuration value from Service Provider key/value + * configuration. + * + * @param key The key identifier of a configuration value + * @return true / false, or false if the key does not exist + */ + boolean isConfigurationValue(String key); + + /** + * Get a boolean configuration value from Service Provider key/value + * configuration. + * + * @param key The key identifier of a configuration value + * @param defaultValue Default value if key does not exist + * @return true / false, or defaultValue if the key does not exist + */ + boolean isConfigurationValue(String key, boolean defaultValue); + + /** + * Check if a configuration key is available in this Service Provider + * configuration. + * + * @param key The key identifier of a configuration value + * @return true if the configuration key exists, otherwise false + */ + boolean containsConfigurationKey(String key); + + /** + * Return the unique identifier of this Service Provider. + * + * @return + */ + String getUniqueIdentifier(); + + /** + * Return the unique identifier of this Service Provider. + * + * @return + */ + String getFriendlyName(); + + /** + * Indicates if this service provider has private area restrictions that + * disallow baseId. processing in general * + * + * @return true if there is a restriction, otherwise false + */ + boolean hasBaseIdInternalProcessingRestriction(); + + /** + * Indicates if this service provider has private area restrictions that + * disallow baseId transfer. to SP + * + * @return true if there is a restriction, otherwise false + */ + boolean hasBaseIdTransferRestriction(); + + /** + * Get the {@link List} of identifier's that indicates no baseID processing + * restriction exists.<br> + * This list can be configured by key: + * "configuration.restrictions.baseID.idpProcessing" + * + * @return + */ + List<String> getTargetsWithNoBaseIdInternalProcessingRestriction(); + + /** + * Get the {@link List} of identifier's that indicates no baseID transfer + * restriction exists.<br> + * This list can be configured by key: + * "configuration.restrictions.baseID.spTransmission" + * + * @return + */ + List<String> getTargetsWithNoBaseIdTransferRestriction(); + + /** + * Get the List eIDAS LoA that are required by this service provider. + * + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_LOW} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_SUBSTANTIAL} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_HIGH} or any other non-notified LoA scheme + * + * @return return List of eIDAS LoAs + */ + List<String> getRequiredLoA(); + + /** + * Get required matching mode for LoAs {@link EIDAS_LOA_MATCHING_MINIMUM}. + * {@link EIDAS_LOA_MATCHING_EXACT} + * + * @return + */ + String getLoAMatchingMode(); + + /** + * Get the full area-identifier for this service provider to calculate the + * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, + * ...). This identifier always contains the full prefix + * + * @return area identifier with prefix + */ + String getAreaSpecificTargetIdentifier(); + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java index 4381211d..3dba4e78 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java @@ -1,94 +1,90 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer; -import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; +import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IAuthenticationManager { - - public static int EVENT_AUTHENTICATION_PROCESS_FOR_SP = 4003; - public static int EVENT_AUTHENTICATION_PROCESS_STARTED = 4000; - public static int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; - public static int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; - - - /** - * Add a request parameter to whitelist. All parameters that are part of the white list are added into {@link ExecutionContext} - * - * @param httpReqParam http parameter name, but never null - */ - void addParameterNameToWhiteList(String httpReqParam); - /** - * Add a request header to whitelist. All parameters that are part of the white list are added into {@link ExecutionContext} - * - * @param httpReqParam http header name, but never null - */ - void addHeaderNameToWhiteList(String httpReqParam); - + int EVENT_AUTHENTICATION_PROCESS_FOR_SP = 4003; + int EVENT_AUTHENTICATION_PROCESS_STARTED = 4000; + int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; + int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; + + /** + * Add a request parameter to whitelist. All parameters that are part of the + * white list are added into {@link ExecutionContext} + * + * @param httpReqParam http parameter name, but never null + */ + void addParameterNameToWhiteList(String httpReqParam); + + /** + * Add a request header to whitelist. All parameters that are part of the white + * list are added into {@link ExecutionContext} + * + * @param httpReqParam http header name, but never null + */ + void addHeaderNameToWhiteList(String httpReqParam); + + /** + * Starts an authentication process for a specific pending request. + * + * @param httpReq http servlet request + * @param httpResp http servlet response + * @param pendingReq Pending request for that an authentication is required + * @return true if the pending request is already authenticated, otherwise false + * @throws EaafException In case of an authentication error + */ + boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafException; + + /** + * Close an active authenticated session on IDP side. + * + * @param request http servlet request + * @param response http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed + */ + void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq); - /** - * Starts an authentication process for a specific pending request - * - * @param httpReq http servlet request - * @param httpResp http servlet response - * @param pendingReq Pending request for that an authentication is required - * @return true if the pending request is already authenticated, otherwise false - * @throws EAAFException - */ - boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, - IRequest pendingReq) throws EAAFException; - - /** - * Close an active authenticated session on IDP side - * - * @param request http servlet request - * @param response http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed - */ - void performOnlyIDPLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq); - - - /** - * Close an active authenticated session on IDP side and get a list authenticated service providers - * - * @param request http servlet request - * @param response http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed - * @param internalSSOId internal SSO session identifier - * @return A container that contains all active SP sessions - * @throws EAAFException - */ - ISLOInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq, String internalSSOId) throws EAAFException; + /** + * Close an active authenticated session on IDP side and get a list + * authenticated service providers. + * + * @param httpReq http servlet request + * @param httpResp http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed + * @param internalSsoId internal SSO session identifier + * @return A container that contains all active SP sessions + * @throws EaafException In case of an internal SLO error + */ + ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, + IRequest pendingReq, String internalSsoId) throws EaafException; - -}
\ No newline at end of file +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISSOManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISSOManager.java deleted file mode 100644 index 5481fd52..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISSOManager.java +++ /dev/null @@ -1,130 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.gv.egiz.eaaf.core.api.idp.auth; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface; -import at.gv.egiz.eaaf.core.exceptions.EAAFSSOException; - -public interface ISSOManager { - - //TODO - public static int EVENT_SSO_SESSION_INVALID = -1; - public static int EVENT_SSO_SESSION_VALID = -1; - - - public static final String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; - public static final String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; - - - /** - * Check if there is an active and valid SSO session for the current pending request. - * <br> - * If there is an active SSO session, the pending request will be populated with eID information from SSO session - * - * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request - * @param httpResp http Servlet response - * @return true if there is a valid SSO session, otherwise false - * @throws EAAFSSOException - */ - public boolean checkAndValidateSSOSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) throws EAAFSSOException; - - /** - * Populate service provider specific SSO settings - * - * Check if Single Sign-On is allowed for the current pending request and the requested service provider - * Set IRequest.needSingleSignOnFunctionality() to true if SSO is allowed - * - * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request - */ - public void isSSOAllowedForSP(IRequest pendingReq, HttpServletRequest httpReq); - - - /** - * Populate the current pending request with eID information from an existing SSO session - * - * @param pendingReq pending request that should be populated by SSO session - * @throws EAAFSSOException if pending request contains no SSO information or population failed - */ - public void populatePendingRequestWithSSOInformation(IRequest pendingReq) throws EAAFSSOException; - - - /** - * Destroy an active SSO session on IDP site only - * - * @param httpReq http servlet request - * @param httpResp http servlet response - * @param pendingReq - * @return true if a SSO session was closed successfully, otherwise false - * @throws EAAFSSOException in case of an internal processing error - */ - public boolean destroySSOSessionOnIDPOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) throws EAAFSSOException; - - - - /** - * Create a new SSO session-cookie for a specific pendingRequest and add it into http response - * - * @param req http Request - * @param resp http Response - * @param pendingReq Current open PendingRequest - * @return new created SSO identifier - * @throws EAAFSSOException - */ - public String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws EAAFSSOException; - - - /** - * Create a new SSO session in database - * - * @param pendingReq - * @param newSSOSessionId - * @throws EAAFSSOException - */ - public void createNewSSOSession(IRequest pendingReq, String newSSOSessionId) throws EAAFSSOException; - - - /** - * Updateing an existing SSO session in database - * - * @param pendingReq - * @param newSSOSessionId - * @param sloInformation - * @throws EAAFSSOException - */ - public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInformationInterface sloInformation) throws EAAFSSOException; - - - - - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java new file mode 100644 index 00000000..f0d6cfca --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java @@ -0,0 +1,122 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp.auth; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; +import at.gv.egiz.eaaf.core.exceptions.EaafSsoException; + +public interface ISsoManager { + + // TODO + int EVENT_SSO_SESSION_INVALID = -1; + int EVENT_SSO_SESSION_VALID = -1; + + String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; + String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; + + /** + * Check if there is an active and valid SSO session for the current pending + * request. <br> + * If there is an active SSO session, the pending request will be populated with + * eID information from SSO session + * + * @param pendingReq Current incoming pending request + * @param httpReq http Servlet request + * @param httpResp http Servlet response + * @return true if there is a valid SSO session, otherwise false + * @throws EaafSsoException In case of an internal error + */ + boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) + throws EaafSsoException; + + /** + * Populate service provider specific SSO settings. + * + * <p> + * Check if Single Sign-On is allowed for the current pending request and the + * requested service provider Set IRequest.needSingleSignOnFunctionality() to + * true if SSO is allowed + * </p> + * + * @param pendingReq Current incoming pending request + * @param httpReq http Servlet request + */ + void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq); + + /** + * Populate the current pending request with eID information from an existing + * SSO session. + * + * @param pendingReq pending request that should be populated by SSO session + * @throws EaafSsoException if pending request contains no SSO information or + * population failed + */ + void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException; + + /** + * Destroy an active SSO session on IDP site only. + * + * @param httpReq http servlet request + * @param httpResp http servlet response + * @param pendingReq current pending request + * @return true if a SSO session was closed successfully, otherwise false + * @throws EaafSsoException in case of an internal processing error + */ + boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafSsoException; + + /** + * Create a new SSO session-cookie for a specific pendingRequest and add it into + * http response. + * + * @param req http Request + * @param resp http Response + * @param pendingReq Current open PendingRequest + * @return new created SSO identifier + * @throws EaafSsoException In case of an internal error + */ + String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) + throws EaafSsoException; + + /** + * Create a new SSO session in database. + * + * @param pendingReq current pending request + * @param newSsoSessionId new SSO sessionId + * @throws EaafSsoException In case of an internal error + */ + void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) throws EaafSsoException; + + /** + * Updateing an existing SSO session in database. + * + * @param pendingReq current pending request + * @param newSsoSessionId new SSO session Id + * @param sloInformation SLO information container + * @throws EaafSsoException In case of an internal error + */ + void updateSsoSession(IRequest pendingReq, String newSsoSessionId, SloInformationInterface sloInformation) + throws EaafSsoException; + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java index 17ec6445..6c7292ac 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java @@ -1,185 +1,189 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.util.Date; import java.util.Map; -import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; public interface IAuthProcessDataContainer { - /** - * Returns the issuing time of the AUTH-Block SAML assertion. - * - * @return The issuing time of the AUTH-Block SAML assertion. - */ - String getIssueInstant(); - - /** - * Sets the issuing time of the AUTH-Block SAML assertion. - * - * @param issueInstant - * The issueInstant to set. - */ - void setIssueInstant(String issueInstant); - - /** - * Indicate if the authentication process is finished - * - * @return - */ - boolean isAuthenticated(); - - /** - * Mark the authentication as authenticated, which means that the authenication process is completed - * - * @param authenticated - */ - void setAuthenticated(boolean authenticated); - - /** - * Returns the identityLink. - * - * @return IdentityLink - */ - @Deprecated - IIdentityLink getIdentityLink(); - - /** - * Sets the identityLink. - * - * @param identityLink - * The identityLink to set - */ - @Deprecated - void setIdentityLink(IIdentityLink identityLink); - - - /** - * Flag marks the authentication process as new E-ID process - * - * @return true if E-ID process, otherwise false - */ - boolean isEIDProcess(); - - - /** - * Set the flag to make the process as new E-ID process - * - * @param value true if new E-ID process, otherwise false - */ - void setEIDProcess(boolean value); - - /** - * Indicate that mandates was used in this auth. process - * - * @return - */ - boolean isMandateUsed(); - - /** - * Mark that mandates was used in this auth. process - * - * @param useMandates - */ - void setUseMandates(boolean useMandates); - - /** - * Indicate that the auth. process was performed by a foreigner - * - * @return - */ - boolean isForeigner(); - - /** - * Mark that the auth. process was done by a foreigner - * - * @param isForeigner - */ - void setForeigner(boolean isForeigner); - - /** - * Indicate that the auth. process was performed by an official representatives - * - * @return is official representatives - */ - boolean isOW(); - - /** - * Mark that the auth. process was done by an official representatives - * - */ - void setOW(boolean isOW); - - /** - * eIDAS QAA level - * - * @return the qAALevel - */ - String getQAALevel(); - - /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set - */ - void setQAALevel(String qAALevel); - - /** - * @return the sessionCreated - */ - Date getSessionCreated(); - - Map<String, Object> getGenericSessionDataStorage(); - - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @return The session-data object or null if no data is found with this key - */ - Object getGenericDataFromSession(String key); - - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @param clazz The class type which is stored with this key - * @return The session-data object or null if no data is found with this key - */ - <T> T getGenericDataFromSession(String key, Class<T> clazz); - - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws EAAFStorageException Error message if the data-object can not stored to generic session-data storage - */ - void setGenericDataToSession(String key, Object object) throws EAAFStorageException; + /** + * Returns the issuing time of the AUTH-Block SAML assertion. + * + * @return The issuing time of the AUTH-Block SAML assertion. + */ + String getIssueInstant(); + + /** + * Sets the issuing time of the AUTH-Block SAML assertion. + * + * @param issueInstant The issueInstant to set. + */ + void setIssueInstant(String issueInstant); + + /** + * Sets the issuing time of the AUTH-Block SAML assertion. + * + * @param issueInstant The issueInstant to set. + */ + void setIssueInstant(Date issueInstant); + + /** + * Indicate if the authentication process is finished. + * + * @return + */ + boolean isAuthenticated(); + + /** + * Mark the authentication as authenticated, which means that the authenication + * process is completed. + * + * @param authenticated If true, the authentication-process is marked as finished + */ + void setAuthenticated(boolean authenticated); + + /** + * Returns the identityLink. + * + * @return IdentityLink + */ + @Deprecated + IIdentityLink getIdentityLink(); + + /** + * Sets the identityLink. + * + * @param identityLink The identityLink to set + */ + @Deprecated + void setIdentityLink(IIdentityLink identityLink); + + /** + * Flag marks the authentication process as new E-ID process. + * + * @return true if E-ID process, otherwise false + */ + boolean isEidProcess(); + + /** + * Set the flag to make the process as new E-ID process. + * + * @param value true if new E-ID process, otherwise false + */ + void setEidProcess(boolean value); + + /** + * Indicate that mandates was used in this auth. process + * + * @return + */ + boolean isMandateUsed(); + + /** + * Mark that mandates was used in this auth. process + * + * @param useMandates true, if mandates are used + */ + void setUseMandates(boolean useMandates); + + /** + * Indicate that the auth. process was performed by a foreigner + * + * @return + */ + boolean isForeigner(); + + /** + * Mark that the auth. process was done by a foreigner + * + * @param isForeigner true, if citizenn is a foreigner + */ + void setForeigner(boolean isForeigner); + + /** + * Indicate that the auth. process was performed by an official representatives + * + * @return is official representatives + */ + boolean isOW(); + + /** + * Mark that the auth. process was done by an official representatives + * + */ + void setOW(boolean isOW); + + /** + * eIDAS QAA level. + * + * @return the qAALevel + */ + String getQaaLevel(); + + /** + * set QAA level in eIDAS form. + * + * @param qaaLevel the qAALevel to set + */ + void setQaaLevel(String qaaLevel); + + /** + * Get Timestamp when session was created. + * + * @return the sessionCreated + */ + Date getSessionCreated(); + + Map<String, Object> getGenericSessionDataStorage(); + + /** + * Returns a generic session-data object with is stored with a specific + * identifier. + * + * @param key The specific identifier of the session-data object + * @return The session-data object or null if no data is found with this key + */ + Object getGenericDataFromSession(String key); + + /** + * Returns a generic session-data object with is stored with a specific + * identifier. + * + * @param key The specific identifier of the session-data object + * @param clazz The class type which is stored with this key + * @return The session-data object or null if no data is found with this key + */ + <T> T getGenericDataFromSession(String key, Class<T> clazz); + + /** + * Store a generic data-object to session with a specific identifier. + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object + * had to be implement the 'java.io.Serializable' interface + * @throws EaafStorageException Error message if the data-object can not stored + * to generic session-data storage + */ + void setGenericDataToSession(String key, Object object) throws EaafStorageException; + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java index df71b30a..74c82181 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java @@ -1,29 +1,22 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.io.IOException; @@ -34,149 +27,171 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; /** + * Deprecated IdentityLink interface. + * * @author tlenz * */ public interface IIdentityLink { - /** - * Returns the dateOfBirth. - * @return Calendar - */ - String getDateOfBirth(); - - /** - * Returns the familyName. - * @return String - */ - String getFamilyName(); - - /** - * Returns the givenName. - * @return String - */ - String getGivenName(); - - /** - * Return the name as 'givenName + " " + familyName'<br> - * This method should be used any more. Use getFamilyName() and getGivenName() separately. - * - * @return The name. - */ - @Deprecated - String getName(); - - /** - * Returns the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @return String - */ - String getIdentificationValue(); - - /** - * Returns the identificationType. - * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. - * @return String - */ - String getIdentificationType(); - - /** - * Sets the dateOfBirth. - * @param dateOfBirth The dateOfBirth to set - */ - void setDateOfBirth(String dateOfBirth); - - /** - * Sets the familyName. - * @param familyName The familyName to set - */ - void setFamilyName(String familyName); - - /** - * Sets the givenName. - * @param givenName The givenName to set - */ - void setGivenName(String givenName); - - /** - * Sets the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @param identificationValue The identificationValue to set - */ - void setIdentificationValue(String identificationValue); - - /** - * Sets the Type of the identificationValue. - * @param identificationType The type of identificationValue to set - */ - void setIdentificationType(String identificationType); - - /** - * Returns the samlAssertion. - * @return Element - */ - Element getSamlAssertion(); - - /** - * Returns the samlAssertion. - * @return Element - */ - String getSerializedSamlAssertion(); - - /** - * Sets the samlAssertion and the serializedSamlAssertion. - * @param samlAssertion The samlAssertion to set - */ - void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; - - /** - * Returns the dsigReferenceTransforms. - * @return Element[] - */ - Element[] getDsigReferenceTransforms(); - - /** - * Sets the dsigReferenceTransforms. - * @param dsigReferenceTransforms The dsigReferenceTransforms to set - */ - void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); - - /** - * Returns the publicKey. - * @return PublicKey[] - */ - PublicKey[] getPublicKey(); - - /** - * Sets the publicKey. - * @param publicKey The publicKey to set - */ - void setPublicKey(PublicKey[] publicKey); - - /** - * Returns the prPerson. - * @return Element - */ - Element getPrPerson(); - - /** - * Sets the prPerson. - * @param prPerson The prPerson to set - */ - void setPrPerson(Element prPerson); - - /** - * Returns the issuing time of the identity link SAML assertion. - * - * @return The issuing time of the identity link SAML assertion. - */ - String getIssueInstant(); - - /** - * Sets the issuing time of the identity link SAML assertion. - * - * @param issueInstant The issueInstant to set. - */ - void setIssueInstant(String issueInstant); - -}
\ No newline at end of file + /** + * Returns the dateOfBirth. + * + * @return Calendar + */ + String getDateOfBirth(); + + /** + * Returns the familyName. + * + * @return String + */ + String getFamilyName(); + + /** + * Returns the givenName. + * + * @return String + */ + String getGivenName(); + + /** + * Return the name as 'givenName + " " + familyName'<br> + * This method should be used any more. Use getFamilyName() and getGivenName() + * separately. + * + * @return The name. + */ + @Deprecated + String getName(); + + /** + * Returns the identificationValue. <code>"identificationValue"</code> is the + * translation of <code>"Stammzahl"</code>. + * + * @return String + */ + String getIdentificationValue(); + + /** + * Returns the identificationType. <code>"identificationType"</code> type of the + * identificationValue in the IdentityLink. + * + * @return String + */ + String getIdentificationType(); + + /** + * Sets the dateOfBirth. + * + * @param dateOfBirth The dateOfBirth to set + */ + void setDateOfBirth(String dateOfBirth); + + /** + * Sets the familyName. + * + * @param familyName The familyName to set + */ + void setFamilyName(String familyName); + + /** + * Sets the givenName. + * + * @param givenName The givenName to set + */ + void setGivenName(String givenName); + + /** + * Sets the identificationValue. <code>"identificationValue"</code> is the + * translation of <code>"Stammzahl"</code>. + * + * @param identificationValue The identificationValue to set + */ + void setIdentificationValue(String identificationValue); + + /** + * Sets the Type of the identificationValue. + * + * @param identificationType The type of identificationValue to set + */ + void setIdentificationType(String identificationType); + + /** + * Returns the samlAssertion. + * + * @return Element + */ + Element getSamlAssertion(); + + /** + * Returns the samlAssertion. + * + * @return Element + */ + String getSerializedSamlAssertion(); + + /** + * Sets the samlAssertion and the serializedSamlAssertion. + * + * @param samlAssertion The samlAssertion to set + */ + void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; + + /** + * Returns the dsigReferenceTransforms. + * + * @return Element[] + */ + Element[] getDsigReferenceTransforms(); + + /** + * Sets the dsigReferenceTransforms. + * + * @param dsigReferenceTransforms The dsigReferenceTransforms to set + */ + void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); + + /** + * Returns the publicKey. + * + * @return PublicKey[] + */ + PublicKey[] getPublicKey(); + + /** + * Sets the publicKey. + * + * @param publicKey The publicKey to set + */ + void setPublicKey(PublicKey[] publicKey); + + /** + * Returns the prPerson. + * + * @return Element + */ + Element getPrPerson(); + + /** + * Sets the prPerson. + * + * @param prPerson The prPerson to set + */ + void setPrPerson(Element prPerson); + + /** + * Returns the issuing time of the identity link SAML assertion. + * + * @return The issuing time of the identity link SAML assertion. + */ + String getIssueInstant(); + + /** + * Sets the issuing time of the identity link SAML assertion. + * + * @param issueInstant The issueInstant to set. + */ + void setIssueInstant(String issueInstant); + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java index 7f5eef06..54a50920 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java @@ -1,69 +1,67 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.modules; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; /** - * Provides metadata of a certain module. Uses for module discovery and process selection. + * Provides metadata of a certain module. Uses for module discovery and process + * selection. */ public interface AuthModule { - /** - * Returns the priority of the module. The priority defines the order of the respective module within the chain of - * discovered modules. Higher priorized modules are asked before lower priorized modules for a process that they can - * handle. - * <p/> - * Internal default modules are priorized neutral ({@code 0}. Use a higher priority ({@code 1...Integer.MAX_VALUE}) - * in order to have your module(s) priorized or a lower priority ({@code Integer.MIN_VALUE...-1}) in order to put - * your modules behind default modules. - * - * @return the priority of the module. - */ - int getPriority(); + /** + * Returns the priority of the module. The priority defines the order of the + * respective module within the chain of discovered modules. Higher priorized + * modules are asked before lower priorized modules for a process that they can + * handle. + * <p/> + * Internal default modules are priorized neutral ({@code 0}. Use a higher + * priority ({@code 1...Integer.MAX_VALUE}) in order to have your module(s) + * priorized or a lower priority ({@code Integer.MIN_VALUE...-1}) in order to + * put your modules behind default modules. + * + * @return the priority of the module. + */ + int getPriority(); - /** - * Selects a process (description), referenced by its unique id, which is able to perform authentication with the - * given {@link ExecutionContext}. Returns {@code null} if no appropriate process (description) was available within - * this module. - * - * @param context - * an ExecutionContext for a process. - * @param pendingReq the current processed pending request - * @return the process-ID of a process which is able to work with the given ExecutionContext, or {@code null}. - */ - String selectProcess(ExecutionContext context, IRequest pendingReq); + /** + * Selects a process (description), referenced by its unique id, which is able + * to perform authentication with the given {@link ExecutionContext}. Returns + * {@code null} if no appropriate process (description) was available within + * this module. + * + * @param context an ExecutionContext for a process. + * @param pendingReq the current processed pending request + * @return the process-ID of a process which is able to work with the given + * ExecutionContext, or {@code null}. + */ + String selectProcess(ExecutionContext context, IRequest pendingReq); - /** - * Returns the an Array of {@link ProcessDefinition}s of the processes included in this module. - * - * @return an array of resource uris of the processes included in this module. - */ - String[] getProcessDefinitions(); + /** + * Returns the an Array of {@link ProcessDefinition}s of the processes included + * in this module. + * + * @return an array of resource uris of the processes included in this module. + */ + String[] getProcessDefinitions(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index de5eb036..86d15d5b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java @@ -1,25 +1,22 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.gv.egiz.eaaf.core.api.idp.auth.services; import java.io.IOException; @@ -29,61 +26,70 @@ import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; -import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IProtocolAuthenticationService { - public String PARAM_GUI_ERROMSG = "errorMsg"; - public String PARAM_GUI_ERRORCODE = "errorCode"; - public String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; - public String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; - - - /** - * Initialize an authentication process for this protocol request - * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse - * @param protocolRequest Authentication request which is actually in process - * @throws IOException - * @throws EAAFException - */ - void performAuthentication(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) - throws IOException, EAAFException; + String PARAM_GUI_ERROMSG = "errorMsg"; + String PARAM_GUI_ERRORCODE = "errorCode"; + String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; + String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; + + /** + * Initialize an authentication process for this protocol request. + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param pendingReq Authentication request which is actually in process + * @throws IOException In case of a communication error + * @throws EaafException In case of an application error + */ + void performAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws IOException, EaafException; - /** - * Finalize the requested protocol operation - * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse - * @param protocolRequest Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} - * @throws EAAFException If an internal error occur - */ - void finalizeAuthentication(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws EAAFException, IOException; + /** + * Finalize the requested protocol operation. + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param pendingReq Authentication request which is actually in process + * @throws IOException If response can not be written into + * {@link HttpServletResponse} + * @throws EaafException If an internal error occur + */ + void finalizeAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafException, IOException; - /** - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} - * @param pendingReq Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} - * @throws EAAFException If an internal error occur - */ - void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, - IRequest pendingReq) throws IOException, EAAFException; + /** + * Build protocol-specific error message. + * + * @param throwable Exception that should be handled + * @param req Current open http request as {@link HttpServletRequest} + * @param resp Current open http response as {@link HttpServletResponse} + * @param pendingReq Authentication request which is actually in process + * @throws IOException If response can not be written into + * {@link HttpServletResponse} + * @throws EaafException If an internal error occur + */ + void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, + IRequest pendingReq) throws IOException, EaafException; - /** - * Handles all exceptions with no pending request. - * Therefore, the error is written to the users browser - * - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} - * @param writeExceptionToStatisticLog if <code>true</code>, the exception get logged into {@link IStatisticLogger} - * @throws IOException If response can not be written into {@link HttpServletResponse} - * @throws EAAFException If an internal error occure - */ - void handleErrorNoRedirect(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, boolean writeExceptionToStatisticLog) throws IOException, EAAFException; + /** + * Handles all exceptions with no pending request. Therefore, the error is + * written to the users browser + * + * @param throwable Exception that should be handled + * @param req Current open http request as + * {@link HttpServletRequest} + * @param resp Current open http response as + * {@link HttpServletResponse} + * @param writeExceptionToStatisticLog if <code>true</code>, the exception get + * logged into {@link IStatisticLogger} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} + * @throws EaafException If an internal error occure + */ + void handleErrorNoRedirect(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, + boolean writeExceptionToStatisticLog) throws IOException, EaafException; -}
\ No newline at end of file +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java index 319db027..68584dc9 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java @@ -1,29 +1,22 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + package at.gv.egiz.eaaf.core.api.idp.process; import java.io.Serializable; @@ -31,74 +24,78 @@ import java.util.Set; /** * Encapsulates data needed for or provided by task execution. - * + * * @author tknall - * + * */ public interface ExecutionContext extends Serializable { - /** - * Flag that indicates that a Task canceled the current {@link ExecutionContext} - * - * @return true if the process-flow was marked as canceled, otherwise false - */ - boolean isProcessCancelled(); - - /** - * Mark this {@link ExecutionContext} as cancelled - * - * The process-flow engine will stop execution when the task that sets this flag is finished - * - */ - void setCanceleProcessFlag(); - - /** - * Returns the identifier of underlying process instance. - * - * @return The identifier of the process instance. - */ - String getProcessInstanceId(); + /** + * Flag that indicates that a Task canceled the current + * {@link ExecutionContext}. + * + * @return true if the process-flow was marked as canceled, otherwise false + */ + boolean isProcessCancelled(); + + /** + * Mark this {@link ExecutionContext} as cancelled. + * + * <p> + * The process-flow engine will stop execution when the task that sets this flag + * is finished + * </p> + */ + void setCanceleProcessFlag(); + + /** + * Returns the identifier of underlying process instance. + * + * @return The identifier of the process instance. + */ + String getProcessInstanceId(); + + /** + * Sets the identifier of underlying process instance. + * + * @param processInstanceId The identifier of the process instance. + */ + void setProcessInstanceId(String processInstanceId); - /** - * Sets the identifier of underlying process instance. - * - * @param processInstanceId - * The identifier of the process instance. - */ - void setProcessInstanceId(String processInstanceId); + /** + * Stores a serializable object using {@code key}. + * + * @param key The key under that the {@code object} should be stored. + * @param object The object to be stored. + */ + void put(String key, Serializable object); - /** - * Stores a serializable object using {@code key}. - * - * @param key - * The key under that the {@code object} should be stored. - * @param object The object to be stored. - */ - void put(String key, Serializable object); + /** + * Returns an serializable object stored within this process context using + * {@code key}. + * + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object or {@code null} in case the key does not relate to a + * stored object or the stored object itself was {@code null}. + */ + Serializable get(String key); - /** - * Returns an serializable object stored within this process context using {@code key}. - * - * @param key - * The key that has been used to store the serializable object (may be {@code null}). - * @return The object or {@code null} in case the key does not relate to a stored object or the stored object itself - * was {@code null}. - */ - Serializable get(String key); - - /** - * Removes the object stored using {@code key}. - * @param key - * The key that has been used to store the serializable object (may be {@code null}). - * @return The object that has been removed or {@code null} there was no object stored using {@code key}. - */ - Serializable remove(String key); + /** + * Removes the object stored using {@code key}. + * + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object that has been removed or {@code null} there was no object + * stored using {@code key}. + */ + Serializable remove(String key); - /** - * Returns an unmodifiable set containing the stored keys. - * - * @return The keyset (never {@code null}). - */ - Set<String> keySet(); + /** + * Returns an unmodifiable set containing the stored keys. + * + * @return The keyset (never {@code null}). + */ + Set<String> keySet(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISLOInformationContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISLOInformationContainer.java deleted file mode 100644 index 419765c4..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISLOInformationContainer.java +++ /dev/null @@ -1,93 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/** - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egiz.eaaf.core.api.idp.slo; - -import java.io.Serializable; -import java.util.Iterator; -import java.util.List; -import java.util.Map.Entry; -import java.util.Set; - -import at.gv.egiz.eaaf.core.api.IRequest; - -/** - * @author tlenz - * - */ -public interface ISLOInformationContainer extends Serializable { - - boolean hasFrontChannelOA(); - - Set<Entry<String, SLOInformationInterface>> getFrontChannelOASessionDescriptions(); - - void removeFrontChannelOA(String oaID); - - Iterator<String> getNextBackChannelOA(); - - SLOInformationInterface getBackChannelOASessionDescripten(String oaID); - - void removeBackChannelOA(String oaID); - - /** - * @return the sloRequest - */ - IRequest getSloRequest(); - - /** - * @param sloRequest the sloRequest to set - */ - void setSloRequest(IRequest sloRequest); - - /** - * @return the sloFailedOAs - */ - List<String> getSloFailedOAs(); - - void putFailedOA(String oaID); - - public String getTransactionID(); - - public String getSessionID(); -}
\ No newline at end of file diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java new file mode 100644 index 00000000..9338da43 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java @@ -0,0 +1,76 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp.slo; + +import java.io.Serializable; +import java.util.Iterator; +import java.util.List; +import java.util.Map.Entry; +import java.util.Set; + +import at.gv.egiz.eaaf.core.api.IRequest; + +/** + * Container object to process Single Log-Out operations. + * + * @author tlenz + * + */ +public interface ISloInformationContainer extends Serializable { + + boolean hasFrontChannelOA(); + + Set<Entry<String, SloInformationInterface>> getFrontChannelOaSessionDescriptions(); + + void removeFrontChannelOA(String oaID); + + Iterator<String> getNextBackChannelOA(); + + SloInformationInterface getBackChannelOaSessionDescripten(String oaID); + + void removeBackChannelOA(String oaID); + + /** + * Single Log-out request that starts the process. + * + * @return the sloRequest + */ + IRequest getSloRequest(); + + /** + * Single Log-out request that starts the process. + * + * @param sloRequest the sloRequest to set + */ + void setSloRequest(IRequest sloRequest); + + /** + * List of Service-provider Ids for which SLO failed. + * + * @return the sloFailedOAs + */ + List<String> getSloFailedOAs(); + + void putFailedOA(String oaID); + + String getTransactionID(); + + String getSessionID(); +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SLOInformationInterface.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SLOInformationInterface.java deleted file mode 100644 index f17745f3..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SLOInformationInterface.java +++ /dev/null @@ -1,104 +0,0 @@ -/******************************************************************************* - * Copyright 2017 Graz University of Technology - * EAAF-Core Components has been developed in a cooperation between EGIZ, - * A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/** - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egiz.eaaf.core.api.idp.slo; - -/** - * @author tlenz - * - */ -public interface SLOInformationInterface{ - - - /** - * get AssertionID which was used for Service Provider Single LogOut request - * - * @return - * SessionID (SessionIndex in case of SAML2) - */ - public String getSessionIndex(); - - /** - * get user identifier which was used - * - * @return - * bPK / wbPK (nameID in case of SAML2) - */ - public String getUserNameIdentifier(); - - - /** - * get protocol type which was used for authentication - * - * @return - * return authentication protocol type - */ - public String getProtocolType(); - - /** - * @return - */ - public String getUserNameIDFormat(); - - /** - * Get the unique entityID of this Service-Provider - * - * @return unique identifier, but never null - */ - public String getSpEntityID(); - - public String getAuthURL(); - - public String getServiceURL(); - - public String getBinding(); - - public void setUserNameIdentifier(String subjectNameId); - - public void setNameIDFormat(String format); - - public void setSessionIndex(String sessionIndex); - - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java new file mode 100644 index 00000000..79fb18e3 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java @@ -0,0 +1,77 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp.slo; + +/** + * Container that holds information for Single Log-Out. + * + * @author tlenz + * + */ +public interface SloInformationInterface { + + /** + * get AssertionID which was used for Service Provider Single LogOut request. + * + * @return SessionID (SessionIndex in case of SAML2) + */ + String getSessionIndex(); + + /** + * get user identifier which was used. + * + * @return bPK / wbPK (nameID in case of SAML2) + */ + String getUserNameIdentifier(); + + /** + * get protocol type which was used for authentication. + * + * @return return authentication protocol type + */ + String getProtocolType(); + + /** + * Format of the User NameId. + * + * @return + */ + String getUserNameIdFormat(); + + /** + * Get the unique entityID of this Service-Provider. + * + * @return unique identifier, but never null + */ + String getSpEntityID(); + + String getAuthUrl(); + + String getServiceUrl(); + + String getBinding(); + + void setUserNameIdentifier(String subjectNameId); + + void setNameIdFormat(String format); + + void setSessionIndex(String sessionIndex); + +} |