refactor(eidas): split 'authmodule-eIDAS-v2' into 'common-eidas'

 code and connector-specific elements

5 files changed, 436 insertions, 0 deletions

diff --git a/modules/core_commons_eidas/checks/spotbugs-exclude.xml b/modules/core_commons_eidas/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..bcb1402f
--- /dev/null
+++ b/modules/core_commons_eidas/checks/spotbugs-exclude.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+  <Match>
+    <!-- File path is only loaded from configuration -->
+    <Class name="at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry" />
+    <Method name="initialize" />
+    <Bug pattern="PATH_TRAVERSAL_IN" />               
+  </Match>        
+</FindBugsFilter>
diff --git a/modules/core_commons_eidas/pom.xml b/modules/core_commons_eidas/pom.xml
new file mode 100644
index 00000000..2a1e2575
--- /dev/null
+++ b/modules/core_commons_eidas/pom.xml
@@ -0,0 +1,174 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>at.asitplus.eidas.ms_specific</groupId>
+    <artifactId>modules</artifactId>
+    <version>1.3.1-SNAPSHOT</version>
+  </parent>
+  <artifactId>core_commons_eidas</artifactId>
+  <name>Commons for eIDAS Node communication</name>
+  
+  <profiles>
+    <profile>
+      <id>default</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <repositories>
+        <repository>
+          <id>egiz-commons</id>
+          <url>https://apps.egiz.gv.at/maven/</url>
+          <releases>
+            <enabled>true</enabled>
+          </releases>
+        </repository>
+        <repository>
+          <id>eIDASNode-local</id>
+          <name>local</name>
+          <url>file:${basedir}/../../repository</url>
+        </repository>
+      </repositories>
+    </profile>
+  </profiles>
+
+  <dependencies>
+    <dependency>
+      <groupId>at.gv.egiz.components</groupId>
+      <artifactId>egiz-spring-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_common_lib</artifactId>
+    </dependency>  
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+    </dependency>
+
+    <!-- eIDAS reference implemenation libs -->
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-commons</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>log4j</groupId>
+          <artifactId>log4j</artifactId>
+        </exclusion>
+        <exclusion>
+          <artifactId>log4j-over-slf4j</artifactId>
+          <groupId>org.slf4j</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-specific-communication-definition</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+    </dependency>    
+    
+
+  <!-- Testing -->
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-test</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_common_lib</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_core_utils</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>    
+    
+  </dependencies>
+  
+  <build>
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+      </resource>
+      <resource>
+        <directory>target/generated-sources/cxf</directory>
+      </resource>
+    </resources>
+
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <configuration>
+          <source>1.8</source>
+          <target>1.8</target>
+        </configuration>
+      </plugin>
+      
+      <plugin>
+        <groupId>com.github.spotbugs</groupId>
+        <artifactId>spotbugs-maven-plugin</artifactId>
+        <version>${spotbugs-maven-plugin.version}</version>
+        <configuration>
+          <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>post-unit-check</id>
+            <phase>test</phase>
+            <goals>
+              <goal>check</goal>
+              <goal>report</goal>
+            </goals>
+            <configuration>
+              <haltOnFailure>true</haltOnFailure>
+              <excludes />                                                    
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- enable co-existence of testng and junit -->
+      <plugin>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <threadCount>1</threadCount>
+        </configuration>
+        <dependencies>
+          <dependency>
+            <groupId>org.apache.maven.surefire</groupId>
+            <artifactId>surefire-junit47</artifactId>
+            <version>${surefire.version}</version>
+          </dependency>
+        </dependencies>
+      </plugin>
+    </plugins>
+  </build> 
+  
+  
+  
+</project>
\ No newline at end of file
diff --git a/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/EidasConstants.java b/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/EidasConstants.java
new file mode 100644
index 00000000..ac17c30f
--- /dev/null
+++ b/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/EidasConstants.java
@@ -0,0 +1,85 @@
+package at.asitplus.eidas.specific.modules.core.eidas;
+
+/**
+ * Constants to communicate with eIDAS Node.
+ * 
+ * @author tlenz
+ *
+ */
+public class EidasConstants {
+
+  // common config ore-fixes
+  public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
+  public static final String CONIG_PROPS_EIDAS_NODE = EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
+  
+  public static final String CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL = 
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".forward.endpoint";
+  public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = 
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".forward.method";
+  
+  public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = 
+      CONIG_PROPS_EIDAS_NODE + ".countrycode";
+  
+  
+  // templates for post-binding forwarding
+  public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
+  public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint";
+  public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName";
+  public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue";
+  
+  
+  // common default values
+  public static final String FORWARD_METHOD_POST = "POST";
+  public static final String FORWARD_METHOD_GET = "GET";  
+  public static final String DEFAULT_MS_NODE_COUNTRY_CODE = "AT";
+  
+  
+  // SAML2 Constants
+  public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success";
+  public static final String ERROR_URI = "urn:oasis:names:tc:SAML:2.0:status:Responder";
+  
+  
+  // eIDAS attribute names
+  public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier";
+  public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth";
+  public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
+  public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
+  public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
+  public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
+  public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
+  
+  //TODO: set parameter if it's defined
+  public static final String eIDAS_ATTR_TAXREFERENCE = "notYetDefined";
+  
+  public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
+  public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
+
+  public static final String eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER = "RepresentativePersonIdentifier";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH = "RepresentativeDateOfBirth";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME = "RepresentativeFirstName";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME = "RepresentativeFamilyName";
+
+  //eIDAS attribute URN
+  public static final String eIDAS_ATTRURN_PREFIX = "http://eidas.europa.eu/attributes/";
+  public static final String eIDAS_ATTRURN_PREFIX_NATURAL = eIDAS_ATTRURN_PREFIX + "naturalperson/";
+  
+  public static final String eIDAS_ATTRURN_PERSONALIDENTIFIER =
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PERSONALIDENTIFIER;  
+  public static final String eIDAS_ATTRURN_CURRENTGIVENNAME =
+      eIDAS_ATTRURN_PREFIX_NATURAL + "CurrentGivenName";
+  public static final String eIDAS_ATTRURN_CURRENTFAMILYNAME =
+      eIDAS_ATTRURN_PREFIX_NATURAL + "CurrentFamilyName";
+  public static final String eIDAS_ATTRURN_DATEOFBIRTH =
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_DATEOFBIRTH;  
+  public static final String eIDAS_ATTRURN_PLACEOFBIRTH =
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PLACEOFBIRTH;
+  public static final String eIDAS_ATTRURN_BIRTHNAME =
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_BIRTHNAME;
+  
+  
+  
+  private EidasConstants() {
+    // hide Constructor for class with static content only. 
+  }
+  
+}
diff --git a/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/service/EidasAttributeRegistry.java b/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/service/EidasAttributeRegistry.java
new file mode 100644
index 00000000..15c8b3c0
--- /dev/null
+++ b/modules/core_commons_eidas/src/main/java/at/asitplus/eidas/specific/modules/core/eidas/service/EidasAttributeRegistry.java
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.core.eidas.service;
+
+import java.io.File;
+
+import javax.annotation.PostConstruct;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import eu.eidas.auth.commons.attribute.AttributeRegistries;
+import eu.eidas.auth.commons.attribute.AttributeRegistry;
+
+@Service("attributeRegistry")
+public class EidasAttributeRegistry {
+  private static final Logger log = LoggerFactory.getLogger(EidasAttributeRegistry.class);
+  @Autowired
+  protected IConfigurationWithSP basicConfig;
+
+  private AttributeRegistry coreAttributeRegistry;
+
+  private String eidasAttributesFile;
+  private String additionalAttributesFile;
+
+  @PostConstruct
+  private void initialize() throws RuntimeException {
+    try {
+      if (eidasAttributesFile.isEmpty()) {
+        log.error("Basic eIDAS addribute definition NOT defined");
+        throw new EaafConfigurationException("config.30",
+            new Object[] { "eidas-attributes.xml" });
+
+      }
+
+      boolean additionalAttrAvailabe = false;
+      if (!additionalAttributesFile.isEmpty()) {
+        final File file = new File(additionalAttributesFile);
+        if (file.exists()) {
+          additionalAttrAvailabe = true;
+        }
+
+      }
+
+      if (!additionalAttrAvailabe) {
+        log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... ");
+        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null);
+
+      } else {
+        // load attribute definitions
+        log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... ");
+        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null,
+            additionalAttributesFile);
+
+      }
+
+    } catch (final Throwable e) {
+      log.error("Can NOT initialize eIDAS attribute definition.", e);
+      throw new RuntimeException("Can NOT initialize eIDAS attribute definition.", e);
+
+    }
+  }
+
+  public AttributeRegistry getCoreAttributeRegistry() {
+    return coreAttributeRegistry;
+  }
+
+ 
+  public void setEidasAttributesFile(String eidasAttributesFile) {
+    this.eidasAttributesFile = eidasAttributesFile;
+  }
+
+  public void setAdditionalAttributesFile(String additionalAttributesFile) {
+    this.additionalAttributesFile = additionalAttributesFile;
+  }
+
+}
diff --git a/modules/core_commons_eidas/src/test/java/at/asitplus/eidas/specific/modules/core/eidas/test/dummy/DummySpecificCommunicationService.java b/modules/core_commons_eidas/src/test/java/at/asitplus/eidas/specific/modules/core/eidas/test/dummy/DummySpecificCommunicationService.java
new file mode 100644
index 00000000..97ccade4
--- /dev/null
+++ b/modules/core_commons_eidas/src/test/java/at/asitplus/eidas/specific/modules/core/eidas/test/dummy/DummySpecificCommunicationService.java
@@ -0,0 +1,66 @@
+package at.asitplus.eidas.specific.modules.core.eidas.test.dummy;
+
+import java.util.Collection;
+
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.Setter;
+
+public class DummySpecificCommunicationService implements SpecificCommunicationService {
+
+  private ILightRequest lightRequest;
+  private ILightResponse lightResponse;
+
+  @Setter
+  private SpecificCommunicationException error;
+  
+  @Override
+  public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException {
+    this.lightRequest = lightRequest;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    if (error != null) {
+      throw error;
+      
+    }
+    return lightRequest;
+  }
+
+  @Override
+  public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException {
+    this.lightResponse = lightResponse;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    return lightResponse;
+  }
+
+  public ILightRequest getiLightRequest() {
+    return lightRequest;
+  }
+
+  public void setiLightRequest(ILightRequest lightReques) {
+    this.lightRequest = lightReques;
+  }
+
+  public ILightResponse getiLightResponse() {
+    return lightResponse;
+  }
+
+  public void setiLightResponse(ILightResponse lightResponse) {
+    this.lightResponse = lightResponse;
+  }
+
+}