From bee5dd259a4438d45ecd1bcc26dfba12875236d6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 26 Jun 2018 11:03:48 +0200
Subject: initial commit

---
 .../impl/idp/controller/protocols/RequestImpl.java | 386 +++++++++++++++++++++
 1 file changed, 386 insertions(+)
 create mode 100644 eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java

(limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java')

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
new file mode 100644
index 00000000..6a7f4440
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
@@ -0,0 +1,386 @@
+/*******************************************************************************
+ *******************************************************************************/
+package at.gv.egiz.eaaf.core.impl.idp.controller.protocols;
+
+import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.naming.ConfigurationException;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
+
+public abstract class RequestImpl implements IRequest, Serializable{
+		
+	private static final Logger log = LoggerFactory.getLogger(RequestImpl.class);
+	
+	public static final String DATAID_REQUESTER_IP_ADDRESS = "reqestImpl_requesterIPAddr";
+	
+	private static final long serialVersionUID = 1L;
+
+	private String module = null;
+	private String action = null;
+	
+	private String pendingRequestId;
+	private String processInstanceId;
+	private String ssoSessionId;
+	
+	private String uniqueTransactionIdentifer;
+	private String uniqueSessionIdentifer;
+	
+	private String requestedServiceProviderIdentifer;
+	private String idpAuthURL = null;
+
+	private ISPConfiguration spConfiguration = null;
+	
+	private boolean passiv = false;
+	private boolean force = false;
+	private boolean isAbortedByUser = false;
+	
+	//every request needs authentication by default
+	private boolean needAuthentication = true;
+	
+	//every request is not authenticated by default
+	private boolean isAuthenticated = false;
+	
+	//every request needs no SSO by default
+	private boolean needSSO = false;
+	 
+	private boolean needUserConsent = false;
+	
+	private Map<String, Object> genericDataStorage = new HashMap<String, Object>();
+
+	
+			 	
+	/**
+	 * @throws ConfigurationException 
+	 * 
+	 */
+	public final void initialize(HttpServletRequest req, IConfiguration authConfig) throws EAAFException {				
+		//set pendingRequestId
+		pendingRequestId = Random.nextLongRandom();
+				
+		//set unique transaction identifier for logging
+		uniqueTransactionIdentifer = Random.nextLongRandom();		
+		TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer);
+		
+		//initialize session object
+		genericDataStorage.put(EAAFConstants.AUTH_DATA_CREATED, new Date());
+		//genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, Random.nextLongRandom());
+		
+		//check if End-Point is valid		
+		String authURLString = HTTPUtils.extractAuthURLFromRequest(req);
+		URL authReqURL;
+		try {
+			authReqURL = new URL(authURLString);
+			
+		} catch (MalformedURLException e) {
+			log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e);
+			throw new EAAFAuthenticationException("errorId", new Object[]{authURLString}, 
+					"IDP AuthenticationServiceURL Prefix is not a valid URL.",  e);
+			
+		}
+		this.idpAuthURL = authConfig.validateIDPURL(authReqURL);
+		if (this.idpAuthURL == null) {
+			log.warn("Extract AuthenticationServiceURL: " + authReqURL + " is NOT found in configuration.");
+			throw new EAAFAuthenticationException("errorId", new Object[]{authURLString}, 
+					"Extract AuthenticationServiceURL: " + authReqURL + " is NOT found in configuration.");
+			
+		}
+		
+		//set unique session identifier
+		String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER);
+		if (StringUtils.isNotEmpty(uniqueID))
+			this.uniqueSessionIdentifer = uniqueID;		
+		
+		else {
+			log.debug("Create new sessionIdentifier for this pendingRequest ... ");
+			this.uniqueSessionIdentifer = Random.nextLongRandom();
+			
+		}
+		
+		//set requester's IP address
+		try {
+			setGenericDataToSession(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr());
+			
+		} catch (EAAFStorageException e) {
+			log.info("Can NOT store remote IP address into 'pendingRequest'." , e);
+			
+		}
+						
+	}
+	
+//	/**
+//	 * This method map the protocol specific requested attributes to PVP 2.1 attributes.
+//	 * 
+//	 * @return List of PVP 2.1 attribute names with maps all protocol specific attributes
+//	 */
+//	public abstract Collection<String> getRequestedAttributes(MetadataProvider metadataProvider);
+	
+	public final void setSPEntityId(String spIdentifier) {
+		this.requestedServiceProviderIdentifer = spIdentifier;
+	}
+	
+	public final String getSPEntityId() {
+		return this.requestedServiceProviderIdentifer;
+	}
+
+	public final boolean isPassiv() {
+		return passiv;
+	}
+
+	public final boolean forceAuth() {
+		return force;
+	}
+
+	public final void setPassiv(boolean passiv) {
+		this.passiv = passiv;
+	}
+
+	public final void setForce(boolean force) {
+		this.force = force;
+	}
+
+	public final String requestedAction() {
+		return action;
+	}
+
+	public final void setAction(String action) {
+		this.action = action;
+	}
+	
+	public final String requestedModule() {
+		return module;
+	}
+
+	public final void setModule(String module) {
+		this.module = module;
+	}
+
+	public final void setPendingRequestId(String pendingReqId) {
+		this.pendingRequestId = pendingReqId;
+		
+	}
+
+	public final String getPendingRequestId() {
+		return pendingRequestId;
+	}
+	
+	public final String getSSOSessionIdentifier() {
+		return this.ssoSessionId;
+	}
+	
+	public final void setSSOSessionIdentifier(String internalSSOSessionId) {
+		this.ssoSessionId = internalSSOSessionId;
+		
+	}
+	
+	public final Map<String, Object> genericFullDataStorage() {
+		return this.genericDataStorage;
+		
+	}
+	
+	public  final ISPConfiguration getServiceProviderConfiguration() {
+		return this.spConfiguration;
+		
+	
+	}
+	
+	public <T> T getServiceProviderConfiguration(final Class<T> decorator) {
+		if (this.spConfiguration != null) {
+			if (decorator.isAssignableFrom(this.spConfiguration.getClass())) {
+				return (T) this.spConfiguration;
+				
+			} else
+				log.error("Can not decorate SP configuration by '" + decorator.getName() + "'.");
+				throw new RuntimeException("Can not decorate SP configuration by '" + decorator.getName() + "'.");
+			
+		}
+		
+		return null;
+		
+	}
+	
+	public void setOnlineApplicationConfiguration(ISPConfiguration  spConfig) {
+		this.spConfiguration = spConfig;
+		
+	}
+
+	public final String getUniqueTransactionIdentifier() {
+		return this.uniqueTransactionIdentifer;
+		
+	}
+	
+	public final String getUniqueSessionIdentifier() {
+		return this.uniqueSessionIdentifer;
+		
+	}
+	
+	public final String getProcessInstanceId() {
+		return this.processInstanceId;
+		
+	}
+	
+	public final void setUniqueTransactionIdentifier(String id) {
+		this.uniqueTransactionIdentifer = id;
+		
+	}
+	
+	public final void setUniqueSessionIdentifier(String id) {
+		this.uniqueSessionIdentifer = id;
+		
+	}
+	
+	public void setProcessInstanceId(String id) {
+		this.processInstanceId = id;
+		
+	}
+	
+	public final String getAuthURL() {
+		return this.idpAuthURL;
+	}
+	
+	public final String getAuthURLWithOutSlash() {
+		if (this.idpAuthURL.endsWith("/"))
+			return this.idpAuthURL.substring(0, this.idpAuthURL.length()-1);
+		else
+			return this.idpAuthURL;
+		
+	}
+
+	public final boolean isNeedAuthentication() {
+		return needAuthentication;
+	}
+
+	public final void setNeedAuthentication(boolean needAuthentication) {
+		this.needAuthentication = needAuthentication;
+	}
+
+	public final boolean isAuthenticated() {
+		return isAuthenticated;
+	}
+
+	public final void setAuthenticated(boolean isAuthenticated) {
+		this.isAuthenticated = isAuthenticated;
+	}
+
+	public final boolean needSingleSignOnFunctionality() {
+		return needSSO;
+	}
+	public final void setNeedSingleSignOnFunctionality(boolean needSSO) {
+		this.needSSO = needSSO;
+		
+	}
+	
+	public final boolean isNeedUserConsent() {
+		return this.needUserConsent;
+		
+	}
+	
+	public final void setNeedUserConsent(boolean needConsent) {
+		this.needUserConsent = needConsent;
+		
+	}
+	
+	public final boolean isAbortedByUser() {
+		return this.isAbortedByUser;
+	}
+
+	public final void setAbortedByUser(boolean isAborted) {
+		this.isAbortedByUser = isAborted;
+		
+	}
+	
+	public final Object getGenericData(String key) {
+		if (StringUtils.isNotEmpty(key)) {
+			return genericDataStorage.get(key);
+			
+		} 
+		
+		log.info("Can not load generic request-data with key='null'");
+		return null;		
+	}
+	
+	public final <T> T getGenericData(String key, final Class<T> clazz) {
+		if (StringUtils.isNotEmpty(key)) {
+			Object data =  genericDataStorage.get(key);
+			
+			if (data == null)
+				return null;
+			
+			try {
+				@SuppressWarnings("unchecked")
+				T test = (T) data;
+				return test;
+				
+			} catch (Exception e) {
+				log.warn("Generic request-data object can not be casted to requested type", e);
+				return null;
+				
+			}
+			
+		} 
+		
+		log.info("Can not load generic request-data with key='null'");
+		return null;
+		
+	}
+	
+	@Override
+	public final void setGenericDataToSession(String key, Object object) throws EAAFStorageException {
+		if (StringUtils.isEmpty(key)) {
+			log.info("Generic request-data can not be stored with a 'null' key");
+			throw new EAAFStorageException("Generic request-data can not be stored with a 'null' key", null);
+			
+		}
+		
+		if (object != null) {
+			if (!Serializable.class.isInstance(object)) {
+				log.warn("Generic request-data can only store objects which implements the 'Seralizable' interface");
+				throw new EAAFStorageException("Generic request-data can only store objects which implements the 'Seralizable' interface", null);
+				
+			}						
+		}
+		
+		if (genericDataStorage.containsKey(key))
+			log.trace("Overwrite generic request-data with key:" + key);
+		else
+			log.trace("Add generic request-data with key:" + key + " to session.");
+		
+		genericDataStorage.put(key, object);
+		
+	}
+	
+	@Override
+	public final void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException {
+		if (map == null) {
+			log.info("Generic request-data can not be stored with a 'null' map");
+			throw new EAAFStorageException("Generic request-data can not be stored with a 'null' map", null);
+			
+		}
+		
+		//validate and store values
+		for (Entry<String, Object> el : map.entrySet())
+			setGenericDataToSession(el.getKey(), el.getValue());
+					
+	}
+		
+}
-- 
cgit v1.2.3