From 3fada6cef21c9b16467177d866df778203b51b4d Mon Sep 17 00:00:00 2001 From: Thomas Date: Thu, 5 Dec 2019 09:52:48 +0100 Subject: some code code-style modifications active code-quality checks! --- .../core/api/idp/EaafAuthProcessDataConstants.java | 1 - .../java/at/gv/egiz/eaaf/core/api/idp/IAction.java | 13 +- .../egiz/eaaf/core/api/idp/IAttributeBuilder.java | 4 +- .../eaaf/core/api/idp/IAttributeGenerator.java | 13 +- .../at/gv/egiz/eaaf/core/api/idp/IAuthData.java | 23 ++- .../core/api/idp/IAuthenticationDataBuilder.java | 2 - .../gv/egiz/eaaf/core/api/idp/IConfiguration.java | 8 +- .../eaaf/core/api/idp/IConfigurationWithSP.java | 35 +++-- .../at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java | 10 +- .../at/gv/egiz/eaaf/core/api/idp/IModulInfo.java | 28 ++-- .../eaaf/core/api/idp/IPvpAttributeBuilder.java | 4 +- .../egiz/eaaf/core/api/idp/ISpConfiguration.java | 164 +++++++++++++++++++++ .../egiz/eaaf/core/api/idp/IspConfiguration.java | 162 -------------------- .../core/api/idp/auth/IAuthenticationManager.java | 46 +++--- .../egiz/eaaf/core/api/idp/auth/ISsoManager.java | 71 +++++---- .../idp/auth/data/IAuthProcessDataContainer.java | 103 +++++++------ .../eaaf/core/api/idp/auth/data/IIdentityLink.java | 64 ++++---- .../eaaf/core/api/idp/auth/modules/AuthModule.java | 33 +++-- .../services/IProtocolAuthenticationService.java | 48 +++--- .../core/api/idp/process/ExecutionContext.java | 25 ++-- .../core/api/idp/slo/ISloInformationContainer.java | 1 + .../core/api/idp/slo/SloInformationInterface.java | 3 - 22 files changed, 428 insertions(+), 433 deletions(-) create mode 100644 eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java delete mode 100644 eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java (limited to 'eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp') diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java index 5963dc5f..98c59236 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/EaafAuthProcessDataConstants.java @@ -37,5 +37,4 @@ public interface EaafAuthProcessDataConstants { @Deprecated String VALUE_MISMANDATE = "direct_MIS_Mandate"; - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java index e2d553fb..9a057801 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java @@ -21,24 +21,23 @@ package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafException; - /** - * Basic interface of a specific operation that is requested by an authentication protocol - * implementation. + * Basic interface of a specific operation that is requested by an + * authentication protocol implementation. * * @author tlenz * */ public interface IAction { - SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, - HttpServletResponse httpResp, IAuthData authData) throws EaafException; + SloInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, + IAuthData authData) throws EaafException; - boolean needAuthentication(IRequest req, HttpServletRequest httpReq, - HttpServletResponse httpResp); + boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); String getDefaultActionName(); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java index 86739725..9c451282 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeBuilder.java @@ -24,8 +24,8 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; public interface IAttributeBuilder { String getName(); - ATT build(final IspConfiguration oaParam, final IAuthData authData, - final IAttributeGenerator g) throws AttributeBuilderException; + ATT build(final ISpConfiguration oaParam, final IAuthData authData, final IAttributeGenerator g) + throws AttributeBuilderException; ATT buildEmpty(final IAttributeGenerator g); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java index 34f1f73f..072f76e6 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAttributeGenerator.java @@ -24,18 +24,15 @@ public interface IAttributeGenerator { * Protocol attribute generator. * * @param friendlyName FriendlyName - * @param name Name - * @param value value + * @param name Name + * @param value value * @return */ - ATT buildStringAttribute(final String friendlyName, final String name, - final String value); + ATT buildStringAttribute(final String friendlyName, final String name, final String value); - ATT buildIntegerAttribute(final String friendlyName, final String name, - final int value); + ATT buildIntegerAttribute(final String friendlyName, final String name, final int value); - ATT buildLongAttribute(final String friendlyName, final String name, - final long value); + ATT buildLongAttribute(final String friendlyName, final String name, final long value); ATT buildEmptyAttribute(final String friendlyName, final String name); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java index de18319b..ed2c6316 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp; import java.util.Date; import java.util.List; + import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.impl.data.Pair; @@ -35,7 +36,8 @@ public interface IAuthData { /** * BaseId transfer policy. * - * @return true if baseID transfer to service provider is allowed, otherwise false + * @return true if baseID transfer to service provider is allowed, otherwise + * false */ boolean isBaseIdTransferRestrication(); @@ -60,7 +62,6 @@ public interface IAuthData { */ String getAuthenticationIssueInstantString(); - /** * Familyname of the user. * @@ -111,7 +112,6 @@ public interface IAuthData { */ String getEidasQaaLevel(); - /** * Indicates that the user is a foreigner. * @@ -126,9 +126,9 @@ public interface IAuthData { */ String getCiticenCountryCode(); - /** - * Indicate that the authentication was done by using an active single sign-on session. + * Indicate that the authentication was done by using an active single sign-on + * session. * * @return true if it an SSO session was used, otherwise false */ @@ -141,9 +141,9 @@ public interface IAuthData { */ Date getSsoSessionValidTo(); - /** - * SessionIndex, if it was an reauthentication on a service provider by using the same SSO session. + * SessionIndex, if it was an reauthentication on a service provider by using + * the same SSO session. * * @return */ @@ -163,17 +163,15 @@ public interface IAuthData { */ String getNameIdFormat(); - /** * Get generic information for this authenticated user. * - * @param key Identifier for the generic data + * @param key Identifier for the generic data * @param clazz Type of the generic data * @return return the generic data of specific type, otherwise null */ T getGenericData(String key, final Class clazz); - /** * Get bPK of the user. * @@ -191,7 +189,6 @@ public interface IAuthData { @Deprecated String getBpkType(); - /** * Get List of bPK/bPKType tuples for this service provider. * @@ -209,14 +206,14 @@ public interface IAuthData { String getIdentificationValue(); /** - * Get type identifier of the baseId By default, this type is urn:publicid:gv.at:baseid. + * Get type identifier of the baseId By default, this type is + * urn:publicid:gv.at:baseid. * * @return */ @Deprecated String getIdentificationType(); - /** * Get the identityLink for the authenticated user. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java index 519c4f5e..8c99b783 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthenticationDataBuilder.java @@ -26,6 +26,4 @@ public interface IAuthenticationDataBuilder { IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException; - - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java index 5bb750ed..b9ba9869 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfiguration.java @@ -31,17 +31,15 @@ public interface IConfiguration { */ String getBasicConfiguration(final String key); - /** * Get a configuration value from file based configuration. * - * @param key configuration key + * @param key configuration key * @param defaultValue Default value if no value with this key is found * @return configuration value */ String getBasicConfiguration(final String key, final String defaultValue); - /** * Get a configuration value from file based configuration. * @@ -54,14 +52,13 @@ public interface IConfiguration { /** * Get a configuration value from file based configuration. * - * @param key configuration key + * @param key configuration key * @param defaultValue Default value if no value with this key is found * @return configuration value as {@link Boolean} or defaultValue * if key does not exist */ boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue); - /** * Get the root directory of the configuration folder. * @@ -69,5 +66,4 @@ public interface IConfiguration { */ URI getConfigurationRootDirectory(); - } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java index 9e5786b6..1ab27e7f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IConfigurationWithSP.java @@ -2,45 +2,47 @@ package at.gv.egiz.eaaf.core.api.idp; import java.net.URL; import java.util.Map; + import javax.annotation.Nullable; + import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; public interface IConfigurationWithSP extends IConfiguration { - String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = - "configuration.auth.default.countrycode"; - + String CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE = "configuration.auth.default.countrycode"; /** * Get a configuration entry for a specific Service Provider. * * @param uniqueID Unique identifier of the Service Provider - * @return {@link IspConfiguration} or null if no SP configuration was found - * @throws EaafConfigurationException In case of a Service-Provider loading error + * @return {@link ISpConfiguration} or null if no SP configuration + * was found + * @throws EaafConfigurationException In case of a Service-Provider loading + * error */ @Nullable - IspConfiguration getServiceProviderConfiguration(final String uniqueID) - throws EaafConfigurationException; - + ISpConfiguration getServiceProviderConfiguration(final String uniqueID) throws EaafConfigurationException; /** - * Get a configuration entry for a specific Service Provider that is decorated by a Object. + * Get a configuration entry for a specific Service Provider that is decorated + * by a Object. * * @param spIdentifier EntityID of a Service Provider - * @param decorator Decorator that should be used to decorate the result. This decorator has to be - * implement or extend the {@link IspConfiguration} interface + * @param decorator Decorator that should be used to decorate the result. + * This decorator has to be implement or extend the + * {@link ISpConfiguration} interface * @return T or null if no SP configuration was found - * @throws EaafConfigurationException In case of a Service-Provider loading error + * @throws EaafConfigurationException In case of a Service-Provider loading + * error */ @Nullable T getServiceProviderConfiguration(String spIdentifier, final Class decorator) throws EaafConfigurationException; - /** - * Get a set of configuration values from file based configuration that starts with this prefix. - *
+ * Get a set of configuration values from file based configuration that starts + * with this prefix.
*
* Important: The configuration values must be of type String! * @@ -53,7 +55,8 @@ public interface IConfigurationWithSP extends IConfiguration { * Validate a URL if it it is allowed by configuration. * * @param authReqUrl URL for validation - * @return URL of the application context if the authReqUrl was valid, otherwise null + * @return URL of the application context if the authReqUrl was valid, otherwise + * null */ String validateIdpUrl(URL authReqUrl) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java index 97951d40..323e4aeb 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IEidAuthData.java @@ -1,6 +1,6 @@ package at.gv.egiz.eaaf.core.api.idp; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; public interface IEidAuthData extends IAuthData { @@ -11,7 +11,6 @@ public interface IEidAuthData extends IAuthData { */ byte[] getSignerCertificate(); - /** * Get the serialized E-ID token that can be used to validate the Identity-Link. * @@ -19,14 +18,12 @@ public interface IEidAuthData extends IAuthData { */ byte[] getEidToken(); - /** * Get the status of the E-ID. * - * @return {@link PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES} + * @return {@link PvpAttributeDefinitions.EidIdentityStatusLevelValues} */ - PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES getEidStatus(); - + PvpAttributeDefinitions.EidIdentityStatusLevelValues getEidStatus(); /** * Get the URL of the VDA EndPoint, that was used for authentication. @@ -35,7 +32,6 @@ public interface IEidAuthData extends IAuthData { */ String getVdaEndPointUrl(); - /** * Flag that mandates are used. * diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java index 8dc30568..4834f15e 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; /** @@ -49,25 +50,26 @@ public interface IModulInfo { * Generates a protocol specific error message. * * - * @param e Exception that contains the error message - * @param request httpRequest object from servlet container - * @param response httpResponse object from servlet container + * @param e Exception that contains the error message + * @param request httpRequest object from servlet container + * @param response httpResponse object from servlet container * @param protocolRequest incoming protocol request - * @return return true if a protocol specific error message was generated, otherwise - * false - * @throws Throwable In case of an internal error during error message generation + * @return return true if a protocol specific error message was + * generated, otherwise false + * @throws Throwable In case of an internal error during error message + * generation */ - boolean generateErrorMessage(Throwable e, HttpServletRequest request, - HttpServletResponse response, IRequest protocolRequest) throws Throwable; + boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) throws Throwable; /** * additional validation of a incoming authentication request. * - * @param request httpRequest object from servlet container + * @param request httpRequest object from servlet container * @param response httpResponse object from servlet container - * @param pending incoming protocol request - * @return return true if the incoming request is valid, otherwise false + * @param pending incoming protocol request + * @return return true if the incoming request is valid, otherwise + * false */ - boolean validate(HttpServletRequest request, HttpServletResponse response, - IRequest pending); + boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending); } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java index c1cb38f7..5115327d 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IPvpAttributeBuilder.java @@ -19,8 +19,8 @@ package at.gv.egiz.eaaf.core.api.idp; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -public interface IPvpAttributeBuilder extends PVPAttributeDefinitions, IAttributeBuilder { +public interface IPvpAttributeBuilder extends PvpAttributeDefinitions, IAttributeBuilder { } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java new file mode 100644 index 00000000..5a16f655 --- /dev/null +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/ISpConfiguration.java @@ -0,0 +1,164 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.gv.egiz.eaaf.core.api.idp; + +import java.io.Serializable; +import java.util.List; +import java.util.Map; + +public interface ISpConfiguration extends Serializable { + + String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; + String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; + + String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = "configuration.restrictions.eIDTestMode"; + + /** + * Get the full key/value configuration for this Service Provider. + * + * @return an unmodifiable map of key/value pairs + */ + Map getFullConfiguration(); + + /** + * Get a configuration value from Service Provider key/value configuration. + * + * @param key The key identifier of a configuration value + * @return The configuration value {String} or null if the key does not exist + */ + String getConfigurationValue(String key); + + /** + * Get a configuration value from Service Provider key/value configuration. + * + * @param key The key identifier of a configuration value + * @param defaultValue Default value if key does not exist + * @return The configuration value {String} or defaultValue if the key does not + * exist + */ + String getConfigurationValue(String key, String defaultValue); + + /** + * Get a boolean configuration value from Service Provider key/value + * configuration. + * + * @param key The key identifier of a configuration value + * @return true / false, or false if the key does not exist + */ + boolean isConfigurationValue(String key); + + /** + * Get a boolean configuration value from Service Provider key/value + * configuration. + * + * @param key The key identifier of a configuration value + * @param defaultValue Default value if key does not exist + * @return true / false, or defaultValue if the key does not exist + */ + boolean isConfigurationValue(String key, boolean defaultValue); + + /** + * Check if a configuration key is available in this Service Provider + * configuration. + * + * @param key The key identifier of a configuration value + * @return true if the configuration key exists, otherwise false + */ + boolean containsConfigurationKey(String key); + + /** + * Return the unique identifier of this Service Provider. + * + * @return + */ + String getUniqueIdentifier(); + + /** + * Return the unique identifier of this Service Provider. + * + * @return + */ + String getFriendlyName(); + + /** + * Indicates if this service provider has private area restrictions that + * disallow baseId. processing in general * + * + * @return true if there is a restriction, otherwise false + */ + boolean hasBaseIdInternalProcessingRestriction(); + + /** + * Indicates if this service provider has private area restrictions that + * disallow baseId transfer. to SP + * + * @return true if there is a restriction, otherwise false + */ + boolean hasBaseIdTransferRestriction(); + + /** + * Get the {@link List} of identifier's that indicates no baseID processing + * restriction exists.
+ * This list can be configured by key: + * "configuration.restrictions.baseID.idpProcessing" + * + * @return + */ + List getTargetsWithNoBaseIdInternalProcessingRestriction(); + + /** + * Get the {@link List} of identifier's that indicates no baseID transfer + * restriction exists.
+ * This list can be configured by key: + * "configuration.restrictions.baseID.spTransmission" + * + * @return + */ + List getTargetsWithNoBaseIdTransferRestriction(); + + /** + * Get the List eIDAS LoA that are required by this service provider. + * + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_LOW} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_SUBSTANTIAL} + * {@link at.gv.egiz.eaaf.core.api.data.EaafConstants.EIDAS_LOA_HIGH} or any other non-notified LoA scheme + * + * @return return List of eIDAS LoAs + */ + List getRequiredLoA(); + + /** + * Get required matching mode for LoAs {@link EIDAS_LOA_MATCHING_MINIMUM}. + * {@link EIDAS_LOA_MATCHING_EXACT} + * + * @return + */ + String getLoAMatchingMode(); + + /** + * Get the full area-identifier for this service provider to calculate the + * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, + * ...). This identifier always contains the full prefix + * + * @return area identifier with prefix + */ + String getAreaSpecificTargetIdentifier(); + +} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java deleted file mode 100644 index ab3ab87c..00000000 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IspConfiguration.java +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a - * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.gv.egiz.eaaf.core.api.idp; - -import java.io.Serializable; -import java.util.List; -import java.util.Map; - -public interface IspConfiguration extends Serializable { - - String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = - "configuration.restrictions.baseID.idpProcessing"; - String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = - "configuration.restrictions.baseID.spTransmission"; - - String CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE = - "configuration.restrictions.eIDTestMode"; - - /** - * Get the full key/value configuration for this Service Provider. - * - * @return an unmodifiable map of key/value pairs - */ - Map getFullConfiguration(); - - /** - * Get a configuration value from Service Provider key/value configuration. - * - * @param key The key identifier of a configuration value - * @return The configuration value {String} or null if the key does not exist - */ - String getConfigurationValue(String key); - - /** - * Get a configuration value from Service Provider key/value configuration. - * - * @param key The key identifier of a configuration value - * @param defaultValue Default value if key does not exist - * @return The configuration value {String} or defaultValue if the key does not exist - */ - String getConfigurationValue(String key, String defaultValue); - - /** - * Get a boolean configuration value from Service Provider key/value configuration. - * - * @param key The key identifier of a configuration value - * @return true / false, or false if the key does not exist - */ - boolean isConfigurationValue(String key); - - - /** - * Get a boolean configuration value from Service Provider key/value configuration. - * - * @param key The key identifier of a configuration value - * @param defaultValue Default value if key does not exist - * @return true / false, or defaultValue if the key does not exist - */ - boolean isConfigurationValue(String key, boolean defaultValue); - - /** - * Check if a configuration key is available in this Service Provider configuration. - * - * @param key The key identifier of a configuration value - * @return true if the configuration key exists, otherwise false - */ - boolean containsConfigurationKey(String key); - - /** - * Return the unique identifier of this Service Provider. - * - * @return - */ - String getUniqueIdentifier(); - - /** - * Return the unique identifier of this Service Provider. - * - * @return - */ - String getFriendlyName(); - - /** - * Indicates if this service provider has private area restrictions that disallow baseId. - * processing in general * - * - * @return true if there is a restriction, otherwise false - */ - boolean hasBaseIdInternalProcessingRestriction(); - - - /** - * Indicates if this service provider has private area restrictions that disallow baseId transfer. - * to SP - * - * @return true if there is a restriction, otherwise false - */ - boolean hasBaseIdTransferRestriction(); - - /** - * Get the {@link List} of identifier's that indicates no baseID processing restriction - * exists.
- * This list can be configured by key: "configuration.restrictions.baseID.idpProcessing" - * - * @return - */ - List getTargetsWithNoBaseIdInternalProcessingRestriction(); - - /** - * Get the {@link List} of identifier's that indicates no baseID transfer restriction exists.
- * This list can be configured by key: "configuration.restrictions.baseID.spTransmission" - * - * @return - */ - List getTargetsWithNoBaseIdTransferRestriction(); - - /** - * Get the List eIDAS LoA that are required by this service provider. - * - * {@link EAAFConstants.EIDAS_LOA_LOW} {@link EAAFConstants.EIDAS_LOA_SUBSTANTIAL} - * {@link EAAFConstants.EIDAS_LOA_HIGH} or any other non-notified LoA scheme - * - * @return return List of eIDAS LoAs - */ - List getRequiredLoA(); - - /** - * Get required matching mode for LoAs {@link EIDAS_LOA_MATCHING_MINIMUM}. - * {@link EIDAS_LOA_MATCHING_EXACT} - * - * @return - */ - String getLoAMatchingMode(); - - - /** - * Get the full area-identifier for this service provider to calculate the area-specific unique - * person identifier (bPK, wbPK, eIDAS unique identifier, ...). This identifier always contains - * the full prefix - * - * @return area identifier with prefix - */ - String getAreaSpecificTargetIdentifier(); - -} diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java index 7c100d1d..3dba4e78 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; @@ -33,60 +34,57 @@ public interface IAuthenticationManager { int EVENT_AUTHENTICATION_PROCESS_FINISHED = 4001; int EVENT_AUTHENTICATION_PROCESS_ERROR = 4002; - /** - * Add a request parameter to whitelist. All parameters that are part of the white list are added - * into {@link ExecutionContext} + * Add a request parameter to whitelist. All parameters that are part of the + * white list are added into {@link ExecutionContext} * * @param httpReqParam http parameter name, but never null */ void addParameterNameToWhiteList(String httpReqParam); /** - * Add a request header to whitelist. All parameters that are part of the white list are added - * into {@link ExecutionContext} + * Add a request header to whitelist. All parameters that are part of the white + * list are added into {@link ExecutionContext} * * @param httpReqParam http header name, but never null */ void addHeaderNameToWhiteList(String httpReqParam); - /** * Starts an authentication process for a specific pending request. * - * @param httpReq http servlet request - * @param httpResp http servlet response + * @param httpReq http servlet request + * @param httpResp http servlet response * @param pendingReq Pending request for that an authentication is required * @return true if the pending request is already authenticated, otherwise false * @throws EaafException In case of an authentication error */ - boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, - IRequest pendingReq) throws EaafException; + boolean doAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafException; /** * Close an active authenticated session on IDP side. * - * @param request http servlet request - * @param response http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed + * @param request http servlet request + * @param response http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed */ - void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, - IRequest pendingReq); - + void performOnlyIdpLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq); /** - * Close an active authenticated session on IDP side and get a list authenticated service - * providers. + * Close an active authenticated session on IDP side and get a list + * authenticated service providers. * - * @param httpReq http servlet request - * @param httpResp http servlet response - * @param pendingReq ReqPending request for that an authentication session should be closed + * @param httpReq http servlet request + * @param httpResp http servlet response + * @param pendingReq ReqPending request for that an authentication session + * should be closed * @param internalSsoId internal SSO session identifier * @return A container that contains all active SP sessions * @throws EaafException In case of an internal SLO error */ - ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, IRequest pendingReq, String internalSsoId) throws EaafException; - + ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, + IRequest pendingReq, String internalSsoId) throws EaafException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java index 65c388e8..f0d6cfca 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java @@ -21,6 +21,7 @@ package at.gv.egiz.eaaf.core.api.idp.auth; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafSsoException; @@ -31,97 +32,91 @@ public interface ISsoManager { int EVENT_SSO_SESSION_INVALID = -1; int EVENT_SSO_SESSION_VALID = -1; - String PROCESS_ENGINE_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; String AUTH_DATA_SSO_SESSIONID = "eaaf_authdata_sso_sessionId"; - /** - * Check if there is an active and valid SSO session for the current pending request.
- * If there is an active SSO session, the pending request will be populated with eID information - * from SSO session + * Check if there is an active and valid SSO session for the current pending + * request.
+ * If there is an active SSO session, the pending request will be populated with + * eID information from SSO session * * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request - * @param httpResp http Servlet response + * @param httpReq http Servlet request + * @param httpResp http Servlet response * @return true if there is a valid SSO session, otherwise false * @throws EaafSsoException In case of an internal error */ - boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, - HttpServletResponse httpResp) throws EaafSsoException; + boolean checkAndValidateSsoSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) + throws EaafSsoException; /** * Populate service provider specific SSO settings. * *

- * Check if Single Sign-On is allowed for the current pending request and the requested service - * provider Set IRequest.needSingleSignOnFunctionality() to true if SSO is allowed + * Check if Single Sign-On is allowed for the current pending request and the + * requested service provider Set IRequest.needSingleSignOnFunctionality() to + * true if SSO is allowed *

* * @param pendingReq Current incoming pending request - * @param httpReq http Servlet request + * @param httpReq http Servlet request */ void isSsoAllowedForSp(IRequest pendingReq, HttpServletRequest httpReq); - /** - * Populate the current pending request with eID information from an existing SSO session. + * Populate the current pending request with eID information from an existing + * SSO session. * * @param pendingReq pending request that should be populated by SSO session - * @throws EaafSsoException if pending request contains no SSO information or population failed + * @throws EaafSsoException if pending request contains no SSO information or + * population failed */ void populatePendingRequestWithSsoInformation(IRequest pendingReq) throws EaafSsoException; - /** * Destroy an active SSO session on IDP site only. * - * @param httpReq http servlet request - * @param httpResp http servlet response + * @param httpReq http servlet request + * @param httpResp http servlet response * @param pendingReq current pending request * @return true if a SSO session was closed successfully, otherwise false * @throws EaafSsoException in case of an internal processing error */ - boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, - HttpServletResponse httpResp, IRequest pendingReq) throws EaafSsoException; - - + boolean destroySsoSessionOnIdpOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) + throws EaafSsoException; /** - * Create a new SSO session-cookie for a specific pendingRequest and add it into http response. + * Create a new SSO session-cookie for a specific pendingRequest and add it into + * http response. * - * @param req http Request - * @param resp http Response + * @param req http Request + * @param resp http Response * @param pendingReq Current open PendingRequest * @return new created SSO identifier * @throws EaafSsoException In case of an internal error */ - String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, - IRequest pendingReq) throws EaafSsoException; - + String createNewSsoSessionCookie(HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) + throws EaafSsoException; /** * Create a new SSO session in database. * - * @param pendingReq current pending request + * @param pendingReq current pending request * @param newSsoSessionId new SSO sessionId * @throws EaafSsoException In case of an internal error */ - void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) - throws EaafSsoException; - + void createNewSsoSession(IRequest pendingReq, String newSsoSessionId) throws EaafSsoException; /** * Updateing an existing SSO session in database. * - * @param pendingReq current pending request + * @param pendingReq current pending request * @param newSsoSessionId new SSO session Id - * @param sloInformation SLO information container + * @param sloInformation SLO information container * @throws EaafSsoException In case of an internal error */ - void updateSsoSession(IRequest pendingReq, String newSsoSessionId, - SloInformationInterface sloInformation) throws EaafSsoException; - - + void updateSsoSession(IRequest pendingReq, String newSsoSessionId, SloInformationInterface sloInformation) + throws EaafSsoException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java index 77fc025c..60224ea6 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.util.Date; @@ -31,36 +28,36 @@ public interface IAuthProcessDataContainer { /** * Returns the issuing time of the AUTH-Block SAML assertion. - * + * * @return The issuing time of the AUTH-Block SAML assertion. */ String getIssueInstant(); /** * Sets the issuing time of the AUTH-Block SAML assertion. - * + * * @param issueInstant The issueInstant to set. */ void setIssueInstant(String issueInstant); /** - * Indicate if the authentication process is finished - * + * Indicate if the authentication process is finished. + * * @return */ boolean isAuthenticated(); /** - * Mark the authentication as authenticated, which means that the authenication process is - * completed - * - * @param authenticated + * Mark the authentication as authenticated, which means that the authenication + * process is completed. + * + * @param authenticated If true, the authentication-process is marked as finished */ void setAuthenticated(boolean authenticated); /** * Returns the identityLink. - * + * * @return IdentityLink */ @Deprecated @@ -68,84 +65,84 @@ public interface IAuthProcessDataContainer { /** * Sets the identityLink. - * + * * @param identityLink The identityLink to set */ @Deprecated void setIdentityLink(IIdentityLink identityLink); - /** - * Flag marks the authentication process as new E-ID process - * + * Flag marks the authentication process as new E-ID process. + * * @return true if E-ID process, otherwise false */ - boolean isEIDProcess(); - + boolean isEidProcess(); /** - * Set the flag to make the process as new E-ID process - * + * Set the flag to make the process as new E-ID process. + * * @param value true if new E-ID process, otherwise false */ - void setEIDProcess(boolean value); + void setEidProcess(boolean value); /** * Indicate that mandates was used in this auth. process - * + * * @return */ boolean isMandateUsed(); /** * Mark that mandates was used in this auth. process - * - * @param useMandates + * + * @param useMandates true, if mandates are used */ void setUseMandates(boolean useMandates); /** * Indicate that the auth. process was performed by a foreigner - * + * * @return */ boolean isForeigner(); /** * Mark that the auth. process was done by a foreigner - * - * @param isForeigner + * + * @param isForeigner true, if citizenn is a foreigner */ void setForeigner(boolean isForeigner); /** * Indicate that the auth. process was performed by an official representatives - * + * * @return is official representatives */ boolean isOW(); /** * Mark that the auth. process was done by an official representatives - * + * */ void setOW(boolean isOW); /** - * eIDAS QAA level - * + * eIDAS QAA level. + * * @return the qAALevel */ - String getQAALevel(); + String getQaaLevel(); /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set + * set QAA level in eIDAS form. + * + * @param qaaLevel the qAALevel to set */ - void setQAALevel(String qAALevel); + void setQaaLevel(String qaaLevel); /** + * Get Timestamp when session was created. + * * @return the sessionCreated */ Date getSessionCreated(); @@ -153,30 +150,32 @@ public interface IAuthProcessDataContainer { Map getGenericSessionDataStorage(); /** - * Returns a generic session-data object with is stored with a specific identifier - * + * Returns a generic session-data object with is stored with a specific + * identifier. + * * @param key The specific identifier of the session-data object * @return The session-data object or null if no data is found with this key */ Object getGenericDataFromSession(String key); /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object + * Returns a generic session-data object with is stored with a specific + * identifier. + * + * @param key The specific identifier of the session-data object * @param clazz The class type which is stored with this key * @return The session-data object or null if no data is found with this key */ T getGenericDataFromSession(String key, Class clazz); /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement - * the 'java.io.Serializable' interface - * @throws EaafStorageException Error message if the data-object can not stored to generic - * session-data storage + * Store a generic data-object to session with a specific identifier. + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object + * had to be implement the 'java.io.Serializable' interface + * @throws EaafStorageException Error message if the data-object can not stored + * to generic session-data storage */ void setGenericDataToSession(String key, Object object) throws EaafStorageException; } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java index b37d41e3..74c82181 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java @@ -1,4 +1,4 @@ -/******************************************************************************* +/* * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. * @@ -11,15 +11,12 @@ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the Licence for the specific language governing permissions and limitations under * the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text file for details on the * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative * works that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.gv.egiz.eaaf.core.api.idp.auth.data; import java.io.IOException; @@ -30,6 +27,8 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; /** + * Deprecated IdentityLink interface. + * * @author tlenz * */ @@ -37,38 +36,39 @@ public interface IIdentityLink { /** * Returns the dateOfBirth. - * + * * @return Calendar */ String getDateOfBirth(); /** * Returns the familyName. - * + * * @return String */ String getFamilyName(); /** * Returns the givenName. - * + * * @return String */ String getGivenName(); /** * Return the name as 'givenName + " " + familyName'
- * This method should be used any more. Use getFamilyName() and getGivenName() separately. - * + * This method should be used any more. Use getFamilyName() and getGivenName() + * separately. + * * @return The name. */ @Deprecated String getName(); /** - * Returns the identificationValue. "identificationValue" is the translation of - * "Stammzahl". - * + * Returns the identificationValue. "identificationValue" is the + * translation of "Stammzahl". + * * @return String */ String getIdentificationValue(); @@ -76,106 +76,106 @@ public interface IIdentityLink { /** * Returns the identificationType. "identificationType" type of the * identificationValue in the IdentityLink. - * + * * @return String */ String getIdentificationType(); /** * Sets the dateOfBirth. - * + * * @param dateOfBirth The dateOfBirth to set */ void setDateOfBirth(String dateOfBirth); /** * Sets the familyName. - * + * * @param familyName The familyName to set */ void setFamilyName(String familyName); /** * Sets the givenName. - * + * * @param givenName The givenName to set */ void setGivenName(String givenName); /** - * Sets the identificationValue. "identificationValue" is the translation of - * "Stammzahl". - * + * Sets the identificationValue. "identificationValue" is the + * translation of "Stammzahl". + * * @param identificationValue The identificationValue to set */ void setIdentificationValue(String identificationValue); /** * Sets the Type of the identificationValue. - * + * * @param identificationType The type of identificationValue to set */ void setIdentificationType(String identificationType); /** * Returns the samlAssertion. - * + * * @return Element */ Element getSamlAssertion(); /** * Returns the samlAssertion. - * + * * @return Element */ String getSerializedSamlAssertion(); /** * Sets the samlAssertion and the serializedSamlAssertion. - * + * * @param samlAssertion The samlAssertion to set */ void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; /** * Returns the dsigReferenceTransforms. - * + * * @return Element[] */ Element[] getDsigReferenceTransforms(); /** * Sets the dsigReferenceTransforms. - * + * * @param dsigReferenceTransforms The dsigReferenceTransforms to set */ void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); /** * Returns the publicKey. - * + * * @return PublicKey[] */ PublicKey[] getPublicKey(); /** * Sets the publicKey. - * + * * @param publicKey The publicKey to set */ void setPublicKey(PublicKey[] publicKey); /** * Returns the prPerson. - * + * * @return Element */ Element getPrPerson(); /** * Sets the prPerson. - * + * * @param prPerson The prPerson to set */ void setPrPerson(Element prPerson); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java index e74bed63..54a50920 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java @@ -23,37 +23,42 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; /** - * Provides metadata of a certain module. Uses for module discovery and process selection. + * Provides metadata of a certain module. Uses for module discovery and process + * selection. */ public interface AuthModule { /** - * Returns the priority of the module. The priority defines the order of the respective module - * within the chain of discovered modules. Higher priorized modules are asked before lower - * priorized modules for a process that they can handle. + * Returns the priority of the module. The priority defines the order of the + * respective module within the chain of discovered modules. Higher priorized + * modules are asked before lower priorized modules for a process that they can + * handle. *

- * Internal default modules are priorized neutral ({@code 0}. Use a higher priority - * ({@code 1...Integer.MAX_VALUE}) in order to have your module(s) priorized or a lower priority - * ({@code Integer.MIN_VALUE...-1}) in order to put your modules behind default modules. + * Internal default modules are priorized neutral ({@code 0}. Use a higher + * priority ({@code 1...Integer.MAX_VALUE}) in order to have your module(s) + * priorized or a lower priority ({@code Integer.MIN_VALUE...-1}) in order to + * put your modules behind default modules. * * @return the priority of the module. */ int getPriority(); /** - * Selects a process (description), referenced by its unique id, which is able to perform - * authentication with the given {@link ExecutionContext}. Returns {@code null} if no appropriate - * process (description) was available within this module. + * Selects a process (description), referenced by its unique id, which is able + * to perform authentication with the given {@link ExecutionContext}. Returns + * {@code null} if no appropriate process (description) was available within + * this module. * - * @param context an ExecutionContext for a process. + * @param context an ExecutionContext for a process. * @param pendingReq the current processed pending request - * @return the process-ID of a process which is able to work with the given ExecutionContext, or - * {@code null}. + * @return the process-ID of a process which is able to work with the given + * ExecutionContext, or {@code null}. */ String selectProcess(ExecutionContext context, IRequest pendingReq); /** - * Returns the an Array of {@link ProcessDefinition}s of the processes included in this module. + * Returns the an Array of {@link ProcessDefinition}s of the processes included + * in this module. * * @return an array of resource uris of the processes included in this module. */ diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index e817720b..86d15d5b 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java @@ -20,8 +20,10 @@ package at.gv.egiz.eaaf.core.api.idp.auth.services; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; import at.gv.egiz.eaaf.core.exceptions.EaafException; @@ -33,14 +35,13 @@ public interface IProtocolAuthenticationService { String PARAM_GUI_ERRORCODEPARAMS = "errorParams"; String PARAM_GUI_ERRORSTACKTRACE = "stacktrace"; - /** * Initialize an authentication process for this protocol request. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param pendingReq Authentication request which is actually in process - * @throws IOException In case of a communication error + * @throws IOException In case of a communication error * @throws EaafException In case of an application error */ void performAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) @@ -49,10 +50,11 @@ public interface IProtocolAuthenticationService { /** * Finalize the requested protocol operation. * - * @param httpReq HttpServletRequest - * @param httpResp HttpServletResponse + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse * @param pendingReq Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occur */ void finalizeAuthentication(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) @@ -61,26 +63,30 @@ public interface IProtocolAuthenticationService { /** * Build protocol-specific error message. * - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} + * @param throwable Exception that should be handled + * @param req Current open http request as {@link HttpServletRequest} + * @param resp Current open http response as {@link HttpServletResponse} * @param pendingReq Authentication request which is actually in process - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occur */ - void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, - HttpServletResponse resp, IRequest pendingReq) throws IOException, EaafException; + void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, + IRequest pendingReq) throws IOException, EaafException; /** - * Handles all exceptions with no pending request. Therefore, the error is written to the users - * browser + * Handles all exceptions with no pending request. Therefore, the error is + * written to the users browser * - * @param throwable Exception that should be handled - * @param req Current open http request as {@link HttpServletRequest} - * @param resp Current open http response as {@link HttpServletResponse} - * @param writeExceptionToStatisticLog if true, the exception get logged into - * {@link IStatisticLogger} - * @throws IOException If response can not be written into {@link HttpServletResponse} + * @param throwable Exception that should be handled + * @param req Current open http request as + * {@link HttpServletRequest} + * @param resp Current open http response as + * {@link HttpServletResponse} + * @param writeExceptionToStatisticLog if true, the exception get + * logged into {@link IStatisticLogger} + * @throws IOException If response can not be written into + * {@link HttpServletResponse} * @throws EaafException If an internal error occure */ void handleErrorNoRedirect(Throwable throwable, HttpServletRequest req, HttpServletResponse resp, diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java index 3c2136aa..68584dc9 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/process/ExecutionContext.java @@ -31,7 +31,8 @@ import java.util.Set; public interface ExecutionContext extends Serializable { /** - * Flag that indicates that a Task canceled the current {@link ExecutionContext}. + * Flag that indicates that a Task canceled the current + * {@link ExecutionContext}. * * @return true if the process-flow was marked as canceled, otherwise false */ @@ -41,7 +42,8 @@ public interface ExecutionContext extends Serializable { * Mark this {@link ExecutionContext} as cancelled. * *

- * The process-flow engine will stop execution when the task that sets this flag is finished + * The process-flow engine will stop execution when the task that sets this flag + * is finished *

*/ void setCanceleProcessFlag(); @@ -63,26 +65,29 @@ public interface ExecutionContext extends Serializable { /** * Stores a serializable object using {@code key}. * - * @param key The key under that the {@code object} should be stored. + * @param key The key under that the {@code object} should be stored. * @param object The object to be stored. */ void put(String key, Serializable object); /** - * Returns an serializable object stored within this process context using {@code key}. + * Returns an serializable object stored within this process context using + * {@code key}. * - * @param key The key that has been used to store the serializable object (may be {@code null}). - * @return The object or {@code null} in case the key does not relate to a stored object or the - * stored object itself was {@code null}. + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object or {@code null} in case the key does not relate to a + * stored object or the stored object itself was {@code null}. */ Serializable get(String key); /** * Removes the object stored using {@code key}. * - * @param key The key that has been used to store the serializable object (may be {@code null}). - * @return The object that has been removed or {@code null} there was no object stored using - * {@code key}. + * @param key The key that has been used to store the serializable object (may + * be {@code null}). + * @return The object that has been removed or {@code null} there was no object + * stored using {@code key}. */ Serializable remove(String key); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java index 9d72d877..9338da43 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/ISloInformationContainer.java @@ -24,6 +24,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map.Entry; import java.util.Set; + import at.gv.egiz.eaaf.core.api.IRequest; /** diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java index e956c07f..79fb18e3 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/slo/SloInformationInterface.java @@ -27,7 +27,6 @@ package at.gv.egiz.eaaf.core.api.idp.slo; */ public interface SloInformationInterface { - /** * get AssertionID which was used for Service Provider Single LogOut request. * @@ -42,7 +41,6 @@ public interface SloInformationInterface { */ String getUserNameIdentifier(); - /** * get protocol type which was used for authentication. * @@ -76,5 +74,4 @@ public interface SloInformationInterface { void setSessionIndex(String sessionIndex); - } -- cgit v1.2.3