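/*
 * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
 * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
 * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
 * compliance with the Licence. You may obtain a copy of the Licence at:
 * https://joinup.ec.europa.eu/news/understanding-eupl-v12
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the Licence
 * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the Licence for the specific language governing permissions and limitations under
 * the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text file for details on the
 * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
 * works that you distribute must include a readable copy of the "NOTICE" text file.
 */

package at.gv.egiz.eaaf.core.impl.idp;

import java.io.Serializable;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import java.util.TimeZone;

import org.apache.commons.collections4.map.HashedMap;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;

/**
 * Service-Provider specific authentication data.
 *
 * <p>Holds the identity attributes of one authenticated user (names, date of birth, bPK,
 * encrypted source id, session information) plus a generic key/value store. All {@link Date}
 * values are copied on the way in and on the way out, so callers can not modify the stored
 * timestamps through a shared reference. The class performs no synchronization of its own.
 *
 * @author tlenz
 *
 */
public class AuthenticationData implements IAuthData, Serializable {

  private static final Logger log = LoggerFactory.getLogger(AuthenticationData.class);

  private static final long serialVersionUID = -1042697056735596866L;

  public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd";
  public static final String ISSUE_INSTANT_DATE_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'";

  private boolean isBaseIdTransferRestrication = true;

  // Values are only accepted by setGenericData(..) if they are null or Serializable.
  private final Map<String, Object> genericDataStorate = new HashedMap<>();

  private String issuer;
  private Date issueInstant;

  @Deprecated
  private String identificationValue;
  @Deprecated
  private String identificationType;
  @Deprecated
  private IIdentityLink identityLink = null;

  private String familyName;
  private String givenName;
  private Date dateOfBirth;

  private String encSourceId;
  private String encSourceIdType;

  private String bpk;
  private String bpkType;

  private String ccc = null;
  private boolean foreigner = false;
  private String eidasLoa = null;

  private boolean ssoSession = false;
  private Date ssoSessionValidTo = null;

  private String sessionIndex = null;
  private String nameID = null;
  private String nameIdFormat = null;

  /**
   * Creates an empty data object whose issue instant is the current time.
   */
  public AuthenticationData() {
    this.issueInstant = new Date();

  }

  /**
   * Get the identifier of the IDP that authenticated the user.
   *
   * @return the issuer, or null if none was set
   */
  @Override
  public String getAuthenticationIssuer() {
    return this.issuer;

  }

  /**
   * Set an unique identifier for the IDP that authenticates the user.
   *
   * @param authIssuer Issuer of this authentication information
   */
  public void setAuthenticationIssuer(final String authIssuer) {
    this.issuer = authIssuer;

  }

  /**
   * Get the timestamp of this authentication.
   *
   * @return a copy of the issue instant, or null if it was cleared
   */
  @Override
  public Date getAuthenticationIssueInstant() {
    return getDateCopyOrNull(this.issueInstant);

  }

  /**
   * Get the issue instant formatted as {@link #ISSUE_INSTANT_DATE_FORMAT} in UTC.
   *
   * @return the formatted issue instant
   * @throws NullPointerException if the issue instant was set to null before; the formatter
   *         does not accept a null date
   */
  @Override
  public String getAuthenticationIssueInstantString() {
    // SimpleDateFormat is not thread-safe, therefore a new instance is used for every call.
    final SimpleDateFormat utcFormat = new SimpleDateFormat(ISSUE_INSTANT_DATE_FORMAT);
    utcFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
    return utcFormat.format(this.issueInstant);

  }

  /**
   * Set the timestamp for this user authentication process.
   *
   * @param date Authentication data; a copy is stored, null clears the value
   */
  public void setAuthenticationIssueInstant(final Date date) {
    this.issueInstant = getDateCopyOrNull(date);

  }

  /**
   * Get the country code of the authenticated user.
   *
   * @return the country code, or null if none was set
   */
  @Override
  public String getCiticenCountryCode() {
    return this.ccc;

  }

  /**
   * Get the bPK.
   *
   * @return the bPK, or null if none was set
   */
  @Override
  @Deprecated
  public String getBpk() {
    return bpk;

  }

  /**
   * Sets the bPK.
   *
   * @param bpk The bPK to set
   */
  @Deprecated
  public void setBpk(final String bpk) {
    this.bpk = bpk;

  }

  /**
   * Get the date of birth.
   *
   * @return a copy of the date of birth, or null if none was set
   */
  @Override
  public Date getDateOfBirth() {
    return getDateCopyOrNull(this.dateOfBirth);

  }

  /**
   * Get the date of birth formatted as {@link #IDENTITY_LINK_DATE_FORMAT}.
   *
   * <p>No time zone is set on the formatter, so the JVM default time zone applies.
   *
   * @return the formatted date of birth, or the placeholder "2999-12-31" if no date of birth
   *         is set. Consumers have to treat that value as "unknown", not as a real date.
   */
  @Override
  public String getFormatedDateOfBirth() {
    final Date birth = getDateOfBirth();
    if (birth == null) {
      return "2999-12-31";

    }

    final DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT);
    return pvpDateFormat.format(birth);

  }

  /**
   * Get the family name.
   *
   * @return the family name, or null if none was set
   */
  @Override
  public String getFamilyName() {
    return this.familyName;

  }

  /**
   * Get the given name.
   *
   * @return the given name, or null if none was set
   */
  @Override
  public String getGivenName() {
    return this.givenName;

  }

  /**
   * Get the encrypted SourceId of the authenticated user.
   *
   * @return the encrypted SourceId, or null if none was set
   */
  @Override
  public String getEncryptedSourceId() {
    return this.encSourceId;

  }

  /**
   * Get the type identifier of the encrypted SourceId.
   *
   * @return the type identifier, or null if none was set
   */
  @Override
  public String getEncryptedSourceIdType() {
    return this.encSourceIdType;

  }

  /**
   * Get the identificationValue.
   *
   * @return the identificationValue, or null if none was set
   */
  @Override
  @Deprecated
  public String getIdentificationValue() {
    return identificationValue;

  }

  /**
   * Get the identificationType.
   *
   * @return the identificationType, or null if none was set
   */
  @Override
  @Deprecated
  public String getIdentificationType() {
    return identificationType;

  }

  /**
   * Get the IdentityLink.
   *
   * @return the stored IdentityLink reference (not a copy), or null if none was set
   */
  @Override
  @Deprecated
  public IIdentityLink getIdentityLink() {
    return identityLink;

  }

  /**
   * Set the IdentityLink.
   *
   * @param identityLink the identityLink to set
   */
  @Deprecated
  public void setIdentityLink(final IIdentityLink identityLink) {
    this.identityLink = identityLink;

  }

  /**
   * Sets the dateOfBirth.
   *
   * @param dateOfBirth The dateOfBirth to set; a copy is stored, null clears the value
   */
  public void setDateOfBirth(final Date dateOfBirth) {
    this.dateOfBirth = getDateCopyOrNull(dateOfBirth);

  }

  /**
   * Set the date of birth.
   *
   * <p>A null or empty value is ignored. A value that can not be parsed is logged and the
   * previously stored date of birth is kept; no exception reaches the caller.
   *
   * @param dateOfBirth date of birth String as "yyyy-MM-dd"
   */
  public void setDateOfBirth(final String dateOfBirth) {
    try {
      if (StringUtils.isNotEmpty(dateOfBirth)) {
        final DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT);

        // Strict parsing: a lenient formatter rolls out-of-range fields over into another
        // date (e.g. day 30 of February) instead of failing, which would silently change an
        // identity attribute.
        identityLinkFormat.setLenient(false);
        this.dateOfBirth = identityLinkFormat.parse(dateOfBirth);

      }

    } catch (final ParseException e) {
      log.warn("Parse dateOfBirht from IdentityLink FAILED", e);

    }
  }

  /**
   * Sets the familyName.
   *
   * @param familyName The familyName to set
   */
  public void setFamilyName(final String familyName) {
    this.familyName = familyName;

  }

  /**
   * Sets the givenName.
   *
   * @param givenName The givenName to set
   */
  public void setGivenName(final String givenName) {
    this.givenName = givenName;

  }

  /**
   * Sets the identificationValue.
   *
   * @param identificationValue The identificationValue to set
   */
  @Deprecated
  public void setIdentificationValue(final String identificationValue) {
    this.identificationValue = identificationValue;

  }

  /**
   * Sets the identificationType.
   *
   * @param identificationType The identificationType to set
   */
  @Deprecated
  public void setIdentificationType(final String identificationType) {
    this.identificationType = identificationType;

  }

  /**
   * Get sector identifier of user's bPK.
   *
   * @return the bPK type as stored by {@link #setBpkType(String)}, or null if none was set
   */
  @Override
  @Deprecated
  public String getBpkType() {
    return bpkType;

  }

  /**
   * Set sector identifier of user's bPK.
   *
   * <p>The value is not stored as given but as returned by
   * {@link BpkBuilder#normalizeBpkTargetIdentifierToCommonFormat(String)}.
   *
   * @param bpkType bPK type
   */
  @Deprecated
  public void setBpkType(final String bpkType) {
    this.bpkType = BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(bpkType);

  }

  /**
   * Get the eIDAS LoA value set by {@link #setEidasLoa(String)}.
   *
   * @return the eIDAS LoA, or null if none was set
   */
  @Override
  public String getEidasQaaLevel() {
    return this.eidasLoa;

  }

  /**
   * Check if the user is marked as foreigner.
   *
   * @return true if the user is a foreigner, otherwise false
   */
  @Override
  public boolean isForeigner() {
    return this.foreigner;

  }

  /**
   * Indicate the the user is a foreigner.
   *
   * @param foreigner true if the user is a foreigner, otherwise false
   */
  public void setForeigner(final boolean foreigner) {
    this.foreigner = foreigner;

  }

  /**
   * Check if the authentication was done by using an active SSO session.
   *
   * @return true if a SSO was used, otherwise false
   */
  @Override
  public boolean isSsoSession() {
    return ssoSession;

  }

  /**
   * Indicate that the authentication was done by using an active SSO session.
   *
   * @param ssoSession true if a SSO was used, otherwise false
   */
  public void setSsoSession(final boolean ssoSession) {
    this.ssoSession = ssoSession;

  }

  /**
   * Country Code for the authenticated user.
   *
   * @param ccc Two letter country code
   */
  public void setCiticenCountryCode(final String ccc) {
    this.ccc = ccc;

  }

  /**
   * Get the index of this session.
   *
   * @return the sessionIndex, or null if none was set
   */
  @Override
  public String getSessionIndex() {
    return sessionIndex;

  }

  /**
   * Set an index for this session.
   *
   * @param sessionIndex the sessionIndex to set.
   */
  public void setSessionIndex(final String sessionIndex) {
    this.sessionIndex = sessionIndex;

  }

  /**
   * Get User's nameId.
   *
   * @return the nameID, or null if none was set
   */
  @Override
  public String getNameID() {
    return this.nameID;

  }

  /**
   * Set User's nameId.
   *
   * @param nameID the nameID to set.
   */
  public void setNameID(final String nameID) {
    this.nameID = nameID;

  }

  /**
   * Get format of User's NameId.
   *
   * @return the nameIDFormat.
   */
  @Override
  public String getNameIdFormat() {
    return nameIdFormat;

  }

  /**
   * Set format of User's NameId.
   *
   * @param nameIdFormat the nameIDFormat to set.
   */
  public void setNameIdFormat(final String nameIdFormat) {
    this.nameIdFormat = nameIdFormat;

  }

  /**
   * Get SSO session valid period.
   *
   * @return a copy of ssoSessionValidTo, or null if none was set
   */
  @Override
  public Date getSsoSessionValidTo() {
    return getDateCopyOrNull(ssoSessionValidTo);

  }

  /**
   * Set SSO session valid period.
   *
   * @param ssoSessionValidTo the ssoSessionValidTo to set; a copy is stored
   */
  public void setSsoSessionValidTo(final Date ssoSessionValidTo) {
    this.ssoSessionValidTo = getDateCopyOrNull(ssoSessionValidTo);

  }

  /**
   * Get the baseId transfer restriction flag.
   *
   * @return the flag; it is true unless {@link #setBaseIdTransferRestrication(boolean)}
   *         changed it
   */
  @Override
  public boolean isBaseIdTransferRestrication() {
    return isBaseIdTransferRestrication;

  }

  /**
   * Set baseId transfer restriction.
   *
   * @param isBaseIdTransferRestrication the isBaseIDTransmittionAllowed to set
   */
  public void setBaseIdTransferRestrication(final boolean isBaseIdTransferRestrication) {
    this.isBaseIdTransferRestrication = isBaseIdTransferRestrication;

  }

  /**
   * Returns a generic data-object with is stored with a specific identifier.
   *
   * <p>The stored object is checked against {@code clazz} before it is returned. An unchecked
   * generic cast is erased at runtime and never fails here, so without this check an object of
   * the wrong type would be handed out and fail later at the caller.
   *
   * @param <T> Requested type of the data object
   * @param key The specific identifier of the data object
   * @param clazz The class type which is stored with this key. A primitive class token never
   *        matches a stored object, use the wrapper type. If null, no type check is done.
   * @return The data object or null if no data is found with this key or if the stored object
   *         is not an instance of {@code clazz}
   */
  @Override
  public <T> T getGenericData(final String key, final Class<T> clazz) {
    if (StringUtils.isEmpty(key)) {
      log.info("Can not load generic session-data with key='null'");
      return null;

    }

    final Object data = genericDataStorate.get(key);
    if (data == null) {
      return null;

    }

    if (clazz != null && !clazz.isInstance(data)) {
      log.warn("Generic authentication-data object can not be casted to requsted type");
      return null;

    }

    // Checked by isInstance(..) above; only unchecked if the caller passed no class token.
    @SuppressWarnings("unchecked")
    final T typed = (T) data;
    return typed;

  }

  /**
   * Store a generic data-object to session with a specific identifier.
   *
   * <p>An existing entry with the same key is overwritten. Only the key is written to the log,
   * never the stored object.
   *
   * @param key Identifier for this data-object
   * @param object Generic data-object which should be stored. This data-object had to be
   *        implement the 'java.io.Serializable' interface. Null is accepted.
   * @throws EaafStorageException Error message if the key is null or empty, or if the
   *         data-object does not implement 'java.io.Serializable'
   */
  public void setGenericData(final String key, final Object object) throws EaafStorageException {
    if (StringUtils.isEmpty(key)) {
      log.info("Generic session-data can not be stored with a 'null' key");
      throw new EaafStorageException("Generic data can not be stored with a 'null' key", null);

    }

    if (object != null && !(object instanceof Serializable)) {
      log.warn(
          "Generic data can only store objects which implements the 'Seralizable' interface");
      throw new EaafStorageException(
          "Generic data can only store objects which implements the 'Seralizable' interface",
          null);

    }

    if (genericDataStorate.containsKey(key)) {
      log.debug("Overwrite generic data with key:{}", key);

    } else {
      log.trace("Add generic data with key:{} to session.", key);

    }

    genericDataStorate.put(key, object);

  }

  /**
   * Set the eIDAS LoA value that {@link #getEidasQaaLevel()} returns.
   *
   * @param eidasLoa the eIDAS LoA to set
   */
  public void setEidasLoa(final String eidasLoa) {
    this.eidasLoa = eidasLoa;

  }

  /**
   * Set the encrypted SourceId for current authenticated user.
   *
   * @param encSourceId encryped baseId
   */
  public void setEncSourceId(final String encSourceId) {
    this.encSourceId = encSourceId;

  }

  /**
   * Set the type identifier of the encrypted SourceId.
   *
   * @param encSourceIdType type identifier of encryped baseId
   */
  public void setEncSourceIdType(final String encSourceIdType) {
    this.encSourceIdType = encSourceIdType;

  }

  /**
   * Copy a date, because {@link Date} is mutable and must not be shared with callers.
   *
   * @param in the date to copy, may be null
   * @return a new Date with the same time value, or null if {@code in} is null
   */
  private Date getDateCopyOrNull(Date in) {
    return in != null ? new Date(in.getTime()) : null;

  }

}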