-rw-r--r--checks/checkstyleSuppress.xml3
-rw-r--r--connector/pom.xml216
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/MSSpecificeIDASNodeSpringResourceProvider.java51
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationSpringResourceProvider.java)50
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java272
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/auth/AuthenticationManager.java42
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java141
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/builder/PvpSubjectNameGenerator.java18
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPEndPointConfiguration.java90
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPMetadataConfiguration.java262
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java91
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpMetadataConfiguration.java269
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java268
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java423
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/controller/PVP2SProfileEndpoint.java81
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java30
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/controller/Pvp2SProfileEndpoint.java80
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/interceptor/WebFrontEndSecurityInterceptor.java83
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/logger/RevisionLogger.java140
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/logger/StatisticLogger.java211
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/mapper/LoALevelMapper.java59
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/processes/CountrySelectionProcessImpl.java59
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/EvaluateCountrySelectionTask.java75
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java82
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java116
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java146
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java119
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java (renamed from connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java)35
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java155
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java191
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWithEidasBackend.java35
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWitheIDASBackend.java50
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java152
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java256
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/TransactionStoreElement.java78
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/storage/eIDASCacheTransactionStoreDecorator.java143
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java446
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/verification/MetadataSignatureVerificationFilter.java243
-rw-r--r--connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider2
-rw-r--r--connector/src/main/resources/applicationContext.xml64
-rw-r--r--connector/src/main/resources/logback.xml110
-rw-r--r--connector/src/main/resources/processes/CountrySelection.process.xml36
-rw-r--r--connector/src/main/resources/specific_eIDAS_connector.beans.xml252
-rw-r--r--connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml94
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java115
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/MsConnectorSpringResourceProviderTest.java56
-rw-r--r--connector/src/test/resources/spring/SpringTest-context_basic_test.xml22
-rw-r--r--connector_lib/pom.xml64
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSConnectorEventCodes.java44
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSeIDASNodeConstants.java123
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java45
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java136
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java219
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java248
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java (renamed from connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGUIBuilderImpl.java)61
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/GuiBuilderConfigurationFactory.java40
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java183
-rw-r--r--connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java206
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/pom.xml481
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml6
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java167
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java84
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java52
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java161
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java158
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java115
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SQLiteServiceException.java)29
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASValidationException.java)22
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAuthenticationException.java)31
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SZRCommunicationException.java)21
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAttributeException.java)27
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java)29
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java357
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java112
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java61
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java81
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java135
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java180
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java363
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java61
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java408
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java164
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java406
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java288
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java126
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java172
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/LoggingHandler.java)64
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java175
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java157
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java107
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java146
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationModulImpl.java76
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASSignalServlet.java154
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java337
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java108
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java60
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java81
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java131
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java57
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java164
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java351
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java398
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRService.java161
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java392
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java275
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/ReceiveAuthnResponseTask.java120
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/eIDASResponseUtils.java141
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/validator/eIDASResponseValidator.java157
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider2
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml34
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml155
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml171
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java458
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java56
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java118
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java147
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java116
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java272
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java189
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java58
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java122
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java140
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java106
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java310
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java240
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/dummy/DummySpecificCommunicationService.java60
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java463
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java109
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java133
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java104
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java104
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskSecondTest.java120
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java93
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml67
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml106
-rw-r--r--pom.xml18
136 files changed, 10202 insertions, 9359 deletions
diff --git a/checks/checkstyleSuppress.xml b/checks/checkstyleSuppress.xml
index 68a23260..e461a860 100644
--- a/checks/checkstyleSuppress.xml
+++ b/checks/checkstyleSuppress.xml
@@ -4,6 +4,5 @@
"http://www.puppycrawl.com/dtds/suppressions_1_1.dtd">
<suppressions>
<suppress checks=".*" files="[/\\]target[/\\]" />
- <suppress checks="." files=".[\\/]data[\\/]"/>
- <suppress checks="." files="[\\/]process/spring/test[\\/]"/>
+ <suppress checks=".*" files=".[\\/]data[\\/]"/>
</suppressions> \ No newline at end of file
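Review bot: The `files` pattern on the added line `<suppress checks=".*" files=".[\\/]data[\\/]"/>` is unanchored, so any source path that contains a `data` directory segment is exempt from every Checkstyle check, not only the tree this was presumably written for. If the intent is to skip generated or fixture files, narrow the pattern to that module path and add an XML comment above the line naming what lives under `data/` and why it is exempt. The leading `.` also requires at least one character before the separator; it is worth confirming that is intended and not a leftover from `.*`.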
diff --git a/connector/pom.xml b/connector/pom.xml
index 2b1f4ee8..af1d5947 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -1,100 +1,114 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
- <groupId>at.asitplus.eidas</groupId>
- <artifactId>ms_specific</artifactId>
- <version>1.0.3-snapshot</version>
- </parent>
-
+ <groupId>at.asitplus.eidas</groupId>
+ <artifactId>ms_specific</artifactId>
+ <version>1.0.3-snapshot</version>
+ </parent>
+
<groupId>at.asitplus.eidas.ms_specific</groupId>
<artifactId>ms_specific_connector</artifactId>
- <packaging>war</packaging>
+ <packaging>war</packaging>
<name>Connector Maven Webapp</name>
<url>http://maven.apache.org</url>
-
+
<dependencies>
- <!-- Web application -->
-
- <dependency>
- <groupId>at.gv.egiz.components</groupId>
- <artifactId>egiz-spring-api</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.components</groupId>
- <artifactId>eventlog-slf4j</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf_module_pvp2_idp</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>at.asitplus.eidas.ms_specific</groupId>
- <artifactId>connector_lib</artifactId>
- </dependency>
- <dependency>
- <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
- <artifactId>authmodule-eIDAS-v2</artifactId>
- </dependency>
-
- <!-- Third party libs -->
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-context</artifactId>
- </dependency>
- <dependency>
- <groupId>org.thymeleaf</groupId>
- <artifactId>thymeleaf-spring5</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-collections4</artifactId>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
-
- <!-- Testing -->
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-test</artifactId>
- <scope>test</scope>
- </dependency>
-
+ <!-- Web application -->
+
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-spring-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>eventlog-slf4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_idp</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>at.asitplus.eidas.ms_specific</groupId>
+ <artifactId>connector_lib</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+ <artifactId>authmodule-eIDAS-v2</artifactId>
+ </dependency>
+
+ <!-- Third party libs -->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.thymeleaf</groupId>
+ <artifactId>thymeleaf-spring5</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-collections4</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+
+ <!-- Testing -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+
</dependencies>
<build>
<finalName>ms_connector</finalName>
-
+
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
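Review bot: The re-indented `slf4j-log4j12` dependency still binds SLF4J to log4j 1.2, which is end-of-life and no longer receives security fixes, while the diffstat of this same commit lists `connector/src/main/resources/logback.xml`. A logback configuration is not read by the log4j binding, so it is worth confirming which backend the WAR actually ships. If it is logback, replace the binding with `<groupId>ch.qos.logback</groupId>` / `<artifactId>logback-classic</artifactId>`. The two new `test-jar` dependencies (`eaaf_core_utils`, `eaaf-core`) carry no `<version>`, so they depend on matching `test-jar` entries in the parent's `dependencyManagement`, which is outside this hunk.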
@@ -104,22 +118,22 @@
<target>1.8</target>
</configuration>
</plugin>
-
+
<!-- enable co-existence of testng and junit -->
- <plugin>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <threadCount>1</threadCount>
- </configuration>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit47</artifactId>
- <version>${surefire.version}</version>
- </dependency>
- </dependencies>
- </plugin>
-
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <threadCount>1</threadCount>
+ </configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.surefire</groupId>
+ <artifactId>surefire-junit47</artifactId>
+ <version>${surefire.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+
</plugins>
</build>
</project>
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MSSpecificeIDASNodeSpringResourceProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MSSpecificeIDASNodeSpringResourceProvider.java
deleted file mode 100644
index 346c4fd7..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/MSSpecificeIDASNodeSpringResourceProvider.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector;
-
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
-
-import at.gv.egiz.components.spring.api.SpringResourceProvider;
-
-public class MSSpecificeIDASNodeSpringResourceProvider implements SpringResourceProvider {
-
- @Override
- public Resource[] getResourcesToLoad() {
- ClassPathResource mseIDASNode = new ClassPathResource("/specific_eIDAS_connector.beans.xml", MSSpecificeIDASNodeSpringResourceProvider.class);
- ClassPathResource mseIDASNodeStorage = new ClassPathResource("/specific_eIDAS_connector.storage.beans.xml", MSSpecificeIDASNodeSpringResourceProvider.class);
- return new Resource[] {mseIDASNode, mseIDASNodeStorage};
- }
-
- @Override
- public String[] getPackagesToScan() {
- return null;
- }
-
- @Override
- public String getName() {
- return "MS-specific eIDAS Node SpringResourceProvider";
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationSpringResourceProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java
index b5321cc9..6e8e06ef 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationSpringResourceProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,34 +19,34 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2;
+ */
+
+package at.asitplus.eidas.specific.connector;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import at.gv.egiz.components.spring.api.SpringResourceProvider;
-public class eIDASAuthenticationSpringResourceProvider implements SpringResourceProvider {
-
- @Override
- public String getName() {
- return "Auth. module for eIDAS Ref. Impl. v2.x";
- }
-
- @Override
- public String[] getPackagesToScan() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Resource[] getResourcesToLoad() {
- ClassPathResource eIDASAuthConfig = new ClassPathResource("/eidas_v2_auth.beans.xml", eIDASAuthenticationSpringResourceProvider.class);
-
- return new Resource[] {eIDASAuthConfig};
- }
+public class MsSpecificEidasNodeSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ final ClassPathResource msEidasNode = new ClassPathResource("/specific_eIDAS_connector.beans.xml",
+ MsSpecificEidasNodeSpringResourceProvider.class);
+ final ClassPathResource msEidasNodeStorage = new ClassPathResource(
+ "/specific_eIDAS_connector.storage.beans.xml", MsSpecificEidasNodeSpringResourceProvider.class);
+ return new Resource[] { msEidasNode, msEidasNodeStorage };
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return "MS-specific eIDAS Node SpringResourceProvider";
+ }
}
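Review bot: `getPackagesToScan()` in the new `MsSpecificEidasNodeSpringResourceProvider` returns `null`, and nothing in the class states that the `SpringResourceProvider` contract allows it. If the loader is known to accept it, say so with a comment above the return such as `// no component scanning; all beans come from the XML resources`. Otherwise `return new String[0];` avoids a possible NullPointerException in a caller that iterates the result. The class and its three overrides also have no Javadoc, which the project's Checkstyle configuration may flag; a one-sentence class comment naming the two bean files it registers would be enough.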
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java
index 083b668c..76802825 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector;
import java.util.Arrays;
@@ -33,7 +32,6 @@ import javax.servlet.ServletRegistration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
@@ -53,142 +51,136 @@ import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
/**
- * Web application initializer
- *
+ * Web application initializer.
+ *
* @author Thomas Lenz
*/
public class SpringInitializer implements WebApplicationInitializer {
- private static final Logger log = LoggerFactory.getLogger(SpringInitializer.class);
-
- private String[] rootServletContexts = null;
- private String[] servletContexts = null;
- private String[] activeProfiles = null;
-
- public SpringInitializer() {
- this.rootServletContexts = null;
- this.servletContexts = new String[] {
- "/applicationContext.xml",
-
- };
- this.activeProfiles = null;
- }
-
-
- /* (non-Javadoc)
- * @see org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet.ServletContext)
- */
- @Override
- public void onStartup(ServletContext servletContext) throws ServletException {
- try {
- log.info("=============== Loading Config Root Context! ===============");
- ApplicationContext cfgRootContext =
- new ClassPathXmlApplicationContext(new String[] {
- "/applicationContext.xml"
- });
-
-
- log.info("=============== Loading Root Context! ===============");
- GenericWebApplicationContext rootContext = new GenericWebApplicationContext();
- rootContext.setServletContext(servletContext);
- rootContext.setParent(cfgRootContext);
-
-// log.info("=============== Setting active profiles! ===============");
-// if (this.activeProfiles != null) {
-// for (String profile : this.activeProfiles) {
-// rootContext.getEnvironment().addActiveProfile(profile);
-// }
-// }
-
- log.info("Spring-context was initialized with active profiles: " +
- Arrays.asList(rootContext.getEnvironment().getActiveProfiles()));
-
- log.info("=============== Loading Local Contexts! ===============");
- XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader(
- rootContext);
- if (rootServletContexts != null) {
- for (String rootServletContext : rootServletContexts) {
- log.debug("Loading: "+ rootServletContext);
- xmlReader.loadBeanDefinitions(new ServletContextResource(
- servletContext, rootServletContext));
- }
- }
- // Manage the lifecycle of the root application context
- servletContext.addListener(new ContextLoaderListener(rootContext));
-
- // log.debug("Beans after logAMQP in {}", rootContext);
- // dumpBeanDefinitions(rootContext);
-
- log.info("=============== Loading SPI Context! ===============");
- if (rootContext instanceof BeanDefinitionRegistry) {
- log.debug("Loading modules and components");
- SpringLoader.loadSpringServices(rootContext);
-
- } else
- log.warn("Failed to load external Spring since no BeanDefinitionRegistry");
-
- log.trace("Beans after SPI in "+ rootContext);
- dumpBeanDefinitions(rootContext);
-
- log.debug("Loading servlet config in "+ rootContext);
- if (servletContexts != null) {
- for (String servletContextString : servletContexts)
- xmlReader.loadBeanDefinitions(new ClassPathResource(servletContextString, SpringInitializer.class));
-
- }
-
- log.debug("Refreshing context "+ rootContext);
- rootContext.refresh();
-
- log.info("=============== Register Dispatcher Servlet! ===============");
-
- log.trace("Final Beans in "+ rootContext);
- dumpBeanDefinitions(rootContext);
-
- log.info("Registering dispatcher configuration");
- ServletRegistration.Dynamic dispatcher = servletContext.addServlet("dispatcher", new DispatcherServlet(rootContext));
- if (dispatcher != null) {
- dispatcher.setLoadOnStartup(1);
- dispatcher.addMapping("/");
- dispatcher.setAsyncSupported(true);
-
- } else
- log.error("Failed to register dispatcher server in servlet context!");
-
-
- log.info("=============== Register RequestContextListener! ===============");
- servletContext.addListener(new RequestContextListener());
-
- //initialize status messenger
- LogMessageProviderFactory.setStatusMessager(rootContext.getBean(IStatusMessenger.class));
-
- log.info("Bootstrap openSAML .... ");
- EaafDefaultSaml2Bootstrap.bootstrap();
-
- log.info("Seed random number generator ... ");
- Random.seedRandom();
-
- log.info("Initialization of MS-specific eIDAS-connector finished.");
-
-
- } catch (Throwable e) {
- log.error("MS-specific eIDAS-connector initialization FAILED!", e);
-
- }
-
- }
-
- private void dumpBeanDefinitions(GenericApplicationContext context) {
- log.trace("Registered Bean in context " + context.toString());
-
- String[] registeredBeans = context.getBeanDefinitionNames();
- for (String registeredBean : registeredBeans) {
- BeanDefinition beanDefinition = context
- .getBeanDefinition(registeredBean);
- log.trace(registeredBean + " -> " + beanDefinition.getBeanClassName());
-
- }
-
- log.trace("Registered Bean in context --"+ context);
- }
+ private static final Logger log = LoggerFactory.getLogger(SpringInitializer.class);
+
+ private String[] rootServletContexts = null;
+ private String[] servletContexts = null;
+
+ /**
+ * Application specific Spring initializer.
+ *
+ */
+ public SpringInitializer() {
+ this.rootServletContexts = null;
+ this.servletContexts = new String[] {
+ "/applicationContext.xml",
+
+ };
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet.
+ * ServletContext)
+ */
+ @Override
+ public void onStartup(ServletContext servletContext) throws ServletException {
+ try {
+ log.info("=============== Loading Config Root Context! ===============");
+ final ApplicationContext cfgRootContext =
+ new ClassPathXmlApplicationContext(new String[] {
+ "/applicationContext.xml"
+ });
+
+ log.info("=============== Loading Root Context! ===============");
+ final GenericWebApplicationContext rootContext = new GenericWebApplicationContext();
+ rootContext.setServletContext(servletContext);
+ rootContext.setParent(cfgRootContext);
+
+ log.info("Spring-context was initialized with active profiles: {}",
+ Arrays.asList(rootContext.getEnvironment().getActiveProfiles()));
+
+ log.info("=============== Loading Local Contexts! ===============");
+ final XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader(
+ rootContext);
+ if (rootServletContexts != null) {
+ for (final String rootServletContext : rootServletContexts) {
+ log.debug("Loading: " + rootServletContext);
+ xmlReader.loadBeanDefinitions(new ServletContextResource(
+ servletContext, rootServletContext));
+ }
+ }
+ // Manage the lifecycle of the root application context
+ servletContext.addListener(new ContextLoaderListener(rootContext));
+
+ // log.debug("Beans after logAMQP in {}", rootContext);
+ // dumpBeanDefinitions(rootContext);
+
+ log.info("=============== Loading SPI Context! ===============");
+ log.debug("Loading modules and components");
+ SpringLoader.loadSpringServices(rootContext);
+
+ log.trace("Beans after SPI in " + rootContext);
+ dumpBeanDefinitions(rootContext);
+
+ log.debug("Loading servlet config in " + rootContext);
+ if (servletContexts != null) {
+ for (final String servletContextString : servletContexts) {
+ xmlReader.loadBeanDefinitions(new ClassPathResource(servletContextString, SpringInitializer.class));
+ }
+
+ }
+
+ log.debug("Refreshing context " + rootContext);
+ rootContext.refresh();
+
+ log.info("=============== Register Dispatcher Servlet! ===============");
+
+ log.trace("Final Beans in " + rootContext);
+ dumpBeanDefinitions(rootContext);
+
+ log.info("Registering dispatcher configuration");
+ final ServletRegistration.Dynamic dispatcher = servletContext.addServlet("dispatcher",
+ new DispatcherServlet(rootContext));
+ if (dispatcher != null) {
+ dispatcher.setLoadOnStartup(1);
+ dispatcher.addMapping("/");
+ dispatcher.setAsyncSupported(true);
+
+ } else {
+ log.error("Failed to register dispatcher server in servlet context!");
+ }
+
+ log.info("=============== Register RequestContextListener! ===============");
+ servletContext.addListener(new RequestContextListener());
+
+ // initialize status messenger
+ LogMessageProviderFactory.setStatusMessager(rootContext.getBean(IStatusMessenger.class));
+
+ log.info("Bootstrap openSAML .... ");
+ EaafDefaultSaml2Bootstrap.bootstrap();
+
+ log.info("Seed random number generator ... ");
+ Random.seedRandom();
+
+ log.info("Initialization of MS-specific eIDAS-connector finished.");
+
+ } catch (final Throwable e) {
+ log.error("MS-specific eIDAS-connector initialization FAILED!", e);
+
+ }
+
+ }
+
+ private void dumpBeanDefinitions(GenericApplicationContext context) {
+ log.trace("Registered Bean in context " + context.toString());
+
+ final String[] registeredBeans = context.getBeanDefinitionNames();
+ for (final String registeredBean : registeredBeans) {
+ final BeanDefinition beanDefinition = context
+ .getBeanDefinition(registeredBean);
+ log.trace(registeredBean + " -> " + beanDefinition.getBeanClassName());
+
+ }
+
+ log.trace("Registered Bean in context --" + context);
+ }
}
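Review bot: The `catch (final Throwable e)` at the end of `onStartup` only logs the failure, so a startup that breaks partway (for example before `EaafDefaultSaml2Bootstrap.bootstrap()` or `Random.seedRandom()` has run) still returns normally, and the container may then serve requests from a half-initialized connector. The method already declares `throws ServletException`, so rethrowing after the log call makes deployment fail closed: `throw new ServletException("MS-specific eIDAS-connector initialization FAILED!", e);`. Catching `Exception` rather than `Throwable` would also stop `Error`s such as `OutOfMemoryError` from being swallowed here. As a style point, the `log.debug("..." + rootContext)` and `log.trace(...)` calls could use the `{}` placeholder form that this commit already applies to the active-profiles message.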
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/auth/AuthenticationManager.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/auth/AuthenticationManager.java
index b4944675..abda468d 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/auth/AuthenticationManager.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/auth/AuthenticationManager.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.auth;
import javax.servlet.http.HttpServletRequest;
@@ -40,21 +39,22 @@ import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
@Service("AuthenticationManager")
public class AuthenticationManager extends AbstractAuthenticationManager {
- private static final Logger log = LoggerFactory.getLogger(AuthenticationManager.class);
-
- @Override
- public ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp,
- IRequest pendingReq, String internalSSOId) throws EaafException {
- throw new RuntimeException("Single LogOut is NOT supported by this implementation");
-
- }
-
- @Override
- protected void populateExecutionContext(ExecutionContext executionContext,
- RequestImpl pendingReq, HttpServletRequest httpReq)
- throws EaafException {
- log.trace("No implementation-specific population of execution-context required ... ");
-
- }
+ private static final Logger log = LoggerFactory.getLogger(AuthenticationManager.class);
+
+ @Override
+ public ISloInformationContainer performSingleLogOut(HttpServletRequest httpReq,
+ HttpServletResponse httpResp,
+ IRequest pendingReq, String internalSsoId) throws EaafException {
+ throw new RuntimeException("Single LogOut is NOT supported by this implementation");
+
+ }
+
+ @Override
+ protected void populateExecutionContext(ExecutionContext executionContext,
+ RequestImpl pendingReq, HttpServletRequest httpReq)
+ throws EaafException {
+ log.trace("No implementation-specific population of execution-context required ... ");
+
+ }
}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index 0688a13f..b14faa62 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.builder;
import java.util.Date;
@@ -31,7 +30,7 @@ import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.w3c.dom.DOMException;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
@@ -49,70 +48,70 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
@Service("AuthenticationDataBuilder")
public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder {
- private static final Logger log = LoggerFactory.getLogger(AuthenticationDataBuilder.class);
-
- @Override
- public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException {
-
- IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
- AuthenticationData authData = new AuthenticationData();
-
- try {
- generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
-
- //set specific informations
- authData.setSsoSessionValidTo(new Date(new Date().getTime()
- + MSeIDASNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
-
- } catch (EaafBuilderException | EaafParserException | EaafConfigurationException
- | XPathException | DOMException e) {
- log.warn("Can not build authentication data from auth. process information");
- throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e);
-
- }
-
- return authData;
-
- }
-
- @Override
- protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- protected void buildServiceSpecificAuthenticationData(IAuthData arg0, IRequest arg1) throws EaafException {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException {
- return new AuthenticationData();
-
- }
-
- @Override
- protected Pair<String, String> buildOAspecificbPK(IRequest pendingReq, AuthenticationData authData) throws EaafBuilderException {
- //TODO: check if bPK already exists
-
-
- return super.buildOAspecificbPK(pendingReq, authData);
-
- }
-
- @Override
- protected Pair<String, String> getEncryptedBpkFromPvpAttribute(IAuthProcessDataContainer arg0,
- AuthenticationData arg1, ISpConfiguration arg2) throws EaafBuilderException {
- return null;
-
- }
-
- @Override
- protected Pair<String, String> getbaseIdFromSzr(AuthenticationData arg0, String arg1, String arg2) {
- return null;
-
- }
+ private static final Logger log = LoggerFactory.getLogger(AuthenticationDataBuilder.class);
+
+ @Override
+ public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException {
+
+ final IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ final AuthenticationData authData = new AuthenticationData();
+
+ try {
+ generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
+
+ // set specific informations
+ authData.setSsoSessionValidTo(new Date(new Date().getTime()
+ + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
+
+ } catch (EaafBuilderException | EaafParserException | EaafConfigurationException
+ | XPathException | DOMException e) {
+ log.warn("Can not build authentication data from auth. process information");
+ throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e);
+
+ }
+
+ return authData;
+
+ }
+
+ @Override
+ protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException {
+ return new AuthenticationData();
+
+ }
+
+ @Override
+ protected void buildServiceSpecificAuthenticationData(IAuthData arg0, IRequest arg1) throws EaafException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException {
+ return new AuthenticationData();
+
+ }
+
+ @Override
+ protected Pair<String, String> buildOAspecificbPK(IRequest pendingReq, AuthenticationData authData)
+ throws EaafBuilderException {
+ // TODO: check if bPK already exists
+
+ return super.buildOAspecificbPK(pendingReq, authData);
+
+ }
+
+ @Override
+ protected Pair<String, String> getEncryptedBpkFromPvpAttribute(IAuthProcessDataContainer arg0,
+ AuthenticationData arg1, ISpConfiguration arg2) throws EaafBuilderException {
+ return null;
+
+ }
+
+ @Override
+ protected Pair<String, String> getbaseIdFromSzr(AuthenticationData arg0, String arg1, String arg2) {
+ return null;
+
+ }
}
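Review bot: In `buildAuthenticationData` the SSO session expiry is computed as `MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000`, which is evaluated in `int` arithmetic if the constant is an `int` (its declaration is outside this hunk), so a larger validity value would overflow and give a wrong, possibly past, expiry. Making the multiplication `long` avoids that: `+ MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60L * 1000L));`. The commit also changes `buildDeprecatedAuthData` to return an empty `AuthenticationData` instead of `null`. If any caller still reaches it, that caller gets an object with no identity attributes rather than an obvious failure, so a short comment saying whether this is intentional would help. The leftover `// TODO Auto-generated method stub` in `buildServiceSpecificAuthenticationData` could likewise be replaced by a line saying why the method is deliberately empty.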
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/PvpSubjectNameGenerator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/PvpSubjectNameGenerator.java
index bb43ee08..d4e97433 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/PvpSubjectNameGenerator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/PvpSubjectNameGenerator.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.builder;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -32,9 +31,10 @@ import at.gv.egiz.eaaf.modules.pvp2.idp.api.builder.ISubjectNameIdGenerator;
public class PvpSubjectNameGenerator implements ISubjectNameIdGenerator {
- @Override
- public Pair<String, String> generateSubjectNameId(IAuthData authData, ISpConfiguration spConfig) throws Pvp2Exception {
- return Pair.newInstance(authData.getBpk(), authData.getBpkType());
- }
+ @Override
+ public Pair<String, String> generateSubjectNameId(IAuthData authData, ISpConfiguration spConfig)
+ throws Pvp2Exception {
+ return Pair.newInstance(authData.getBpk(), authData.getBpkType());
+ }
}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPEndPointConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPEndPointConfiguration.java
deleted file mode 100644
index 4086ef7e..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPEndPointConfiguration.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.config;
-
-import java.util.List;
-
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
-
-@Service("PVPEndPointConfiguration")
-public class PVPEndPointConfiguration implements IPvp2BasicConfiguration {
- private static final Logger log = LoggerFactory.getLogger(PVPEndPointConfiguration.class);
-
- @Autowired(required=true) IConfiguration basicConfiguration;
-
- @Override
- public String getIdpEntityId(String authURL) throws EaafException {
- return removePostFix(authURL) + MSeIDASNodeConstants.ENDPOINT_PVP_METADATA;
-
- }
-
- @Override
- public String getIdpSsoPostService(String authURL) throws EaafException {
- return removePostFix(authURL) + MSeIDASNodeConstants.ENDPOINT_PVP_POST;
-
- }
-
- @Override
- public String getIdpSsoRedirectService(String authURL) throws EaafException {
- return removePostFix(authURL) + MSeIDASNodeConstants.ENDPOINT_PVP_REDIRECT;
-
- }
-
- @Override
- public Object getIdpSsoSoapService(String extractAuthURLFromRequest) throws EaafException {
- log.warn("PVP S-Profile End-Point does NOT support SOAP Binding");
- return null;
-
- }
-
- @Override
- public List<ContactPerson> getIdpContacts() throws EaafException {
- // Return contact person, if it shall be included in metadata
- return null;
- }
-
- @Override
- public Organization getIdpOrganisation() throws EaafException {
- // Return organization, if it shall be included in metadata
- return null;
- }
-
- private String removePostFix(String url) {
- if (url != null && url.endsWith("/"))
- return url.substring(0, url.length() - 1);
- else
- return url;
- }
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPMetadataConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPMetadataConfiguration.java
deleted file mode 100644
index 62ca42ac..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PVPMetadataConfiguration.java
+++ /dev/null
@@ -1,262 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.config;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.NameIDType;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.security.credential.Credential;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
-
-public class PVPMetadataConfiguration implements IPvpMetadataBuilderConfiguration{
- private static final Logger log = LoggerFactory.getLogger(PVPMetadataConfiguration.class);
-
- private IConfiguration basicConfig;
- private String authUrl;
- private AbstractCredentialProvider pvpIDPCredentials;
- private IPvp2BasicConfiguration pvpBasicConfig;
-
- public PVPMetadataConfiguration(IConfiguration basicConfig, String authURL, IPvp2BasicConfiguration pvpBasicConfig, AbstractCredentialProvider pvpIDPCredentials) {
- this.authUrl = authURL;
- this.pvpIDPCredentials = pvpIDPCredentials;
- this.basicConfig = basicConfig;
- this.pvpBasicConfig = pvpBasicConfig;
-
- }
-
- @Override
- public String getSpNameForLogging() {
- return "PVP2 S-Profile IDP";
- }
-
- @Override
- public int getMetadataValidUntil() {
- return Integer.valueOf(basicConfig.getBasicConfiguration(
- MSeIDASNodeConstants.PROP_CONFIG_PVP2_METADATA_VALIDITY,
- String.valueOf(MSeIDASNodeConstants.DEFAULT_PVP_METADATA_VALIDITY)));
-
- }
-
- @Override
- public boolean buildEntitiesDescriptorAsRootElement() {
- return false;
-
- }
-
- @Override
- public boolean buildIdpSsoDescriptor() {
- return true;
-
- }
-
- @Override
- public boolean buildSpSsoDescriptor() {
- return false;
-
- }
-
- @Override
- public String getEntityID() {
- try {
- return pvpBasicConfig.getIdpEntityId(authUrl);
-
- } catch (EaafException e) {
- log.error("Can NOT build PVP metadata configuration.", e);
- throw new RuntimeException("Can NOT build PVP metadata configuration.");
-
- }
-
- }
-
- @Override
- public String getEntityFriendlyName() {
- return null;
-
- }
-
- @Override
- public List<ContactPerson> getContactPersonInformation() {
- try {
- return pvpBasicConfig.getIdpContacts();
-
- } catch (EaafException e) {
- log.error("Can NOT build PVP metadata configuration.", e);
- throw new RuntimeException("Can NOT build PVP metadata configuration.");
-
- }
-
- }
-
- @Override
- public Organization getOrgansiationInformation() {
- try {
- return pvpBasicConfig.getIdpOrganisation();
-
- } catch (EaafException e) {
- log.error("Can NOT build PVP metadata configuration.", e);
- throw new RuntimeException("Can NOT build PVP metadata configuration.");
-
- }
- }
-
- @Override
- public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException {
- return pvpIDPCredentials.getIdpMetaDataSigningCredential();
-
- }
-
- @Override
- public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException {
- return pvpIDPCredentials.getIdpAssertionSigningCredential();
-
- }
-
- @Override
- public Credential getEncryptionCredentials() throws CredentialsNotAvailableException {
- return null;
-
-
- }
-
- @Override
- public String getIdpWebSsoPostBindingUrl() {
- try {
- return pvpBasicConfig.getIdpSsoPostService(authUrl);
-
- } catch (EaafException e) {
- log.error("Can NOT build PVP metadata configuration.", e);
- throw new RuntimeException("Can NOT build PVP metadata configuration.");
-
- }
-
- }
-
- @Override
- public String getIdpWebSsoRedirectBindingUrl() {
- try {
- return pvpBasicConfig.getIdpSsoRedirectService(authUrl);
-
- } catch (EaafException e) {
- log.error("Can NOT build PVP metadata configuration.", e);
- throw new RuntimeException("Can NOT build PVP metadata configuration.");
-
- }
- }
-
- @Override
- public String getIdpSloPostBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getIdpSloRedirectBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getSpAssertionConsumerServicePostBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getSpAssertionConsumerServiceRedirectBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getSpSloPostBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getSpSloRedirectBindingUrl() {
- return null;
-
- }
-
- @Override
- public String getSpSloSoapBindingUrl() {
- return null;
-
- }
-
- @Override
- public List<Attribute> getIdpPossibleAttributes() {
- return PvpAttributeBuilder.buildSupportedEmptyAttributes();
-
- }
-
- @Override
- public List<String> getIdpPossibleNameIdTypes() {
- return Arrays.asList(NameIDType.PERSISTENT,
- NameIDType.TRANSIENT,
- NameIDType.UNSPECIFIED);
- }
-
- @Override
- public List<RequestedAttribute> getSpRequiredAttributes() {
- return null;
-
- }
-
- @Override
- public List<String> getSpAllowedNameIdTypes() {
- return null;
-
- }
-
- @Override
- public boolean wantAssertionSigned() {
- return false;
-
- }
-
- @Override
- public boolean wantAuthnRequestSigned() {
- return true;
-
- }
-
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
new file mode 100644
index 00000000..fb7cb625
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.config;
+
+import java.util.List;
+
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
+
+@Service("PVPEndPointConfiguration")
+public class PvpEndPointConfiguration implements IPvp2BasicConfiguration {
+ private static final Logger log = LoggerFactory.getLogger(PvpEndPointConfiguration.class);
+
+ @Autowired(required = true)
+ IConfiguration basicConfiguration;
+
+ @Override
+ public String getIdpEntityId(String authUrl) throws EaafException {
+ return removePostFix(authUrl) + MsEidasNodeConstants.ENDPOINT_PVP_METADATA;
+
+ }
+
+ @Override
+ public String getIdpSsoPostService(String authUrl) throws EaafException {
+ return removePostFix(authUrl) + MsEidasNodeConstants.ENDPOINT_PVP_POST;
+
+ }
+
+ @Override
+ public String getIdpSsoRedirectService(String authUrl) throws EaafException {
+ return removePostFix(authUrl) + MsEidasNodeConstants.ENDPOINT_PVP_REDIRECT;
+
+ }
+
+ @Override
+ public Object getIdpSsoSoapService(String extractAuthUrlFromRequest) throws EaafException {
+ log.warn("PVP S-Profile End-Point does NOT support SOAP Binding");
+ return null;
+
+ }
+
+ @Override
+ public List<ContactPerson> getIdpContacts() throws EaafException {
+ // Return contact person, if it shall be included in metadata
+ return null;
+ }
+
+ @Override
+ public Organization getIdpOrganisation() throws EaafException {
+ // Return organization, if it shall be included in metadata
+ return null;
+ }
+
+ private String removePostFix(String url) {
+ if (url != null && url.endsWith("/")) {
+ return url.substring(0, url.length() - 1);
+ } else {
+ return url;
+ }
+ }
+}
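Review bot: `removePostFix` returns a null `url` unchanged, so `getIdpEntityId`, `getIdpSsoPostService` and `getIdpSsoRedirectService` build a string that starts with the text `null` instead of failing. `PvpMetadataConfiguration` in this commit returns those values as the entityID and SSO binding URLs. A minimal guard at the top of `removePostFix` is `Objects.requireNonNull(url, "authUrl must not be null");`, which needs a `java.util.Objects` import. The parameter name `extractAuthUrlFromRequest` suggests the URL may be derived from the incoming request; if so, it should be checked against the configured public URL prefix before it is used in metadata, though that check may already happen outside this file. The injected `basicConfiguration` field is package-private and never read in this class, so either make it `private` or drop it.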
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpMetadataConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpMetadataConfiguration.java
new file mode 100644
index 00000000..f1828f87
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpMetadataConfiguration.java
@@ -0,0 +1,269 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.config;
+
+import java.util.Arrays;
+import java.util.List;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.opensaml.xml.security.credential.Credential;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+
+public class PvpMetadataConfiguration implements IPvpMetadataBuilderConfiguration {
+ private static final Logger log = LoggerFactory.getLogger(PvpMetadataConfiguration.class);
+
+ private final IConfiguration basicConfig;
+ private final String authUrl;
+ private final AbstractCredentialProvider pvpIdpCredentials;
+ private final IPvp2BasicConfiguration pvpBasicConfig;
+
+ /**
+ * Configuration object to create PVP2 S-Profile metadata.
+ *
+ * @param basicConfig Application configuration
+ * @param authUrl Public-URL Prefix of the application
+ * @param pvpBasicConfig PVP2 configuration object
+ * @param pvpIdpCredentials PVP2 credentials
+ */
+ public PvpMetadataConfiguration(IConfiguration basicConfig, String authUrl,
+ IPvp2BasicConfiguration pvpBasicConfig, AbstractCredentialProvider pvpIdpCredentials) {
+ this.authUrl = authUrl;
+ this.pvpIdpCredentials = pvpIdpCredentials;
+ this.basicConfig = basicConfig;
+ this.pvpBasicConfig = pvpBasicConfig;
+
+ }
+
+ @Override
+ public String getSpNameForLogging() {
+ return "PVP2 S-Profile IDP";
+ }
+
+ @Override
+ public int getMetadataValidUntil() {
+ return Integer.parseInt(basicConfig.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_PVP2_METADATA_VALIDITY,
+ String.valueOf(MsEidasNodeConstants.DEFAULT_PVP_METADATA_VALIDITY)));
+
+ }
+
+ @Override
+ public boolean buildEntitiesDescriptorAsRootElement() {
+ return false;
+
+ }
+
+ @Override
+ public boolean buildIdpSsoDescriptor() {
+ return true;
+
+ }
+
+ @Override
+ public boolean buildSpSsoDescriptor() {
+ return false;
+
+ }
+
+ @Override
+ public String getEntityID() {
+ try {
+ return pvpBasicConfig.getIdpEntityId(authUrl);
+
+ } catch (final EaafException e) {
+ log.error("Can NOT build PVP metadata configuration.", e);
+ throw new RuntimeException("Can NOT build PVP metadata configuration.");
+
+ }
+
+ }
+
+ @Override
+ public String getEntityFriendlyName() {
+ return null;
+
+ }
+
+ @Override
+ public List<ContactPerson> getContactPersonInformation() {
+ try {
+ return pvpBasicConfig.getIdpContacts();
+
+ } catch (final EaafException e) {
+ log.error("Can NOT build PVP metadata configuration.", e);
+ throw new RuntimeException("Can NOT build PVP metadata configuration.");
+
+ }
+
+ }
+
+ @Override
+ public Organization getOrgansiationInformation() {
+ try {
+ return pvpBasicConfig.getIdpOrganisation();
+
+ } catch (final EaafException e) {
+ log.error("Can NOT build PVP metadata configuration.", e);
+ throw new RuntimeException("Can NOT build PVP metadata configuration.");
+
+ }
+ }
+
+ @Override
+ public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException {
+ return pvpIdpCredentials.getIdpMetaDataSigningCredential();
+
+ }
+
+ @Override
+ public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException {
+ return pvpIdpCredentials.getIdpAssertionSigningCredential();
+
+ }
+
+ @Override
+ public Credential getEncryptionCredentials() throws CredentialsNotAvailableException {
+ return null;
+
+ }
+
+ @Override
+ public String getIdpWebSsoPostBindingUrl() {
+ try {
+ return pvpBasicConfig.getIdpSsoPostService(authUrl);
+
+ } catch (final EaafException e) {
+ log.error("Can NOT build PVP metadata configuration.", e);
+ throw new RuntimeException("Can NOT build PVP metadata configuration.");
+
+ }
+
+ }
+
+ @Override
+ public String getIdpWebSsoRedirectBindingUrl() {
+ try {
+ return pvpBasicConfig.getIdpSsoRedirectService(authUrl);
+
+ } catch (final EaafException e) {
+ log.error("Can NOT build PVP metadata configuration.", e);
+ throw new RuntimeException("Can NOT build PVP metadata configuration.");
+
+ }
+ }
+
+ @Override
+ public String getIdpSloPostBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getIdpSloRedirectBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getSpAssertionConsumerServicePostBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getSpAssertionConsumerServiceRedirectBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getSpSloPostBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getSpSloRedirectBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public String getSpSloSoapBindingUrl() {
+ return null;
+
+ }
+
+ @Override
+ public List<Attribute> getIdpPossibleAttributes() {
+ return PvpAttributeBuilder.buildSupportedEmptyAttributes();
+
+ }
+
+ @Override
+ public List<String> getIdpPossibleNameIdTypes() {
+ return Arrays.asList(NameIDType.PERSISTENT,
+ NameIDType.TRANSIENT,
+ NameIDType.UNSPECIFIED);
+ }
+
+ @Override
+ public List<RequestedAttribute> getSpRequiredAttributes() {
+ return null;
+
+ }
+
+ @Override
+ public List<String> getSpAllowedNameIdTypes() {
+ return null;
+
+ }
+
+ @Override
+ public boolean wantAssertionSigned() {
+ return false;
+
+ }
+
+ @Override
+ public boolean wantAuthnRequestSigned() {
+ return true;
+
+ }
+
+}
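Review bot: The five `catch (final EaafException e)` blocks (`getEntityID`, `getContactPersonInformation`, `getOrgansiationInformation`, `getIdpWebSsoPostBindingUrl`, `getIdpWebSsoRedirectBindingUrl`) log the exception and then throw a fresh `RuntimeException` without it, so callers lose the cause. Pass it along with `throw new RuntimeException("Can NOT build PVP metadata configuration.", e);`. `getMetadataValidUntil` feeds the configured string straight into `Integer.parseInt`, so a non-numeric `PROP_CONFIG_PVP2_METADATA_VALIDITY` value surfaces as a bare `NumberFormatException`. Catching it and either falling back to `DEFAULT_PVP_METADATA_VALIDITY` with a warning or rethrowing with the property name would make a misconfiguration easier to diagnose. A short class-level Javadoc noting that only the IDP descriptor is built (`buildIdpSsoDescriptor` is true, `buildSpSsoDescriptor` is false), which is presumably why the `getSp*` getters return `null`, would help.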
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
index 97842262..81ab02ce 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2019 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+ */
+
package at.asitplus.eidas.specific.connector.config;
import java.net.MalformedURLException;
@@ -33,129 +34,164 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.i18n.CookieLocaleResolver;
import org.thymeleaf.templateresolver.FileTemplateResolver;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
/**
+ * Spring configurator for Web resources.
+ *
* @author tlenz
*
*/
@Configuration
@EnableWebMvc
-public class StaticResourceConfiguration extends WebMvcConfigurerAdapter {
- private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class);
- private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
- "/"
- };
-
- private static final String DEFAULT_MESSAGE_SOURCE = "classpath:properties/status_messages";
-
- @Autowired private IConfiguration basicConfig;
-
-
- @Override
- public void addResourceHandlers(ResourceHandlerRegistry registry) {
- String staticResources = basicConfig.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_WEBCONTENT_STATIC_PATH);
- try {
- if (StringUtils.isNotEmpty(staticResources)) {
- String absPath = FileUtils.makeAbsoluteUrl(staticResources , basicConfig.getConfigurationRootDirectory());
- if (!absPath.endsWith("/"))
- absPath += "/";
-
- registry.addResourceHandler("/static/**").addResourceLocations(absPath);
- log.info("Add Ressourcefolder: " + absPath + " for static Web content");
-
- } else
- log.debug("No Ressourcefolder for static Web content");
-
- } catch (MalformedURLException e) {
- log.warn("Can NOT initialize ressourcefolder for static Web content", e);
-
- }
-
- registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS);
-
- }
-
- @Bean
- public ReloadableResourceBundleMessageSource internalMessageSource(){
- final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
-
- //add default message source
- messageSource.setBasename(DEFAULT_MESSAGE_SOURCE);
- messageSource.setDefaultEncoding("UTF-8");
- return messageSource;
-
- }
-
- @Bean
- public ReloadableResourceBundleMessageSource messageSource(){
- final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
- messageSource.setDefaultEncoding("UTF-8");
- messageSource.setParentMessageSource(internalMessageSource());
-
- final String staticResources = basicConfig.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH);
- try {
- if (StringUtils.isNotEmpty(staticResources)) {
- final String absPath = FileUtils.makeAbsoluteUrl(staticResources , basicConfig.getConfigurationRootDirectory());
- messageSource.setBasename(absPath);
-
- } else
- log.debug("No Ressourcefolder for dynamic Web content templates");
-
- } catch (final MalformedURLException e) {
- log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
-
- }
-
- return messageSource;
-
- }
-
- @Bean
- public CookieLocaleResolver localeResolver(){
- final CookieLocaleResolver localeResolver = new CookieLocaleResolver();
- localeResolver.setCookieName("currentLanguage");
- localeResolver.setCookieMaxAge(3600);
- return localeResolver;
- }
-
- @Bean(name="templateResolver")
- public FileTemplateResolver templateResolver() {
- final String staticResources = basicConfig.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH);
- try {
- if (StringUtils.isNotEmpty(staticResources)) {
- String absPath = FileUtils.makeAbsoluteUrl(staticResources , basicConfig.getConfigurationRootDirectory());
- if (!absPath.endsWith("/"))
- absPath += "/";
-
- if (absPath.startsWith("file:"))
- absPath = absPath.substring("file:".length());
-
- final FileTemplateResolver viewResolver = new FileTemplateResolver();
- viewResolver.setPrefix(absPath);
- viewResolver.setSuffix(".html");
- viewResolver.setTemplateMode("HTML5");
- viewResolver.setCacheable(false);
-
- log.info("Add Ressourcefolder: " + absPath + " for dynamic Web content templates");
- return viewResolver ;
-
- } else
- log.debug("No Ressourcefolder for dynamic Web content templates");
-
- } catch (final MalformedURLException e) {
- log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
-
- }
-
- //TODO: implement some backup solution
- return null;
-
- }
+public class StaticResourceConfiguration implements WebMvcConfigurer {
+ private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class);
+ private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
+ "/"
+ };
+
+ private static final String DEFAULT_MESSAGE_SOURCE = "classpath:properties/status_messages";
+
+ @Autowired
+ private IConfiguration basicConfig;
+
+ @Override
+ public void addResourceHandlers(ResourceHandlerRegistry registry) {
+ final String staticResources = basicConfig.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_STATIC_PATH);
+ try {
+ if (StringUtils.isNotEmpty(staticResources)) {
+ String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig
+ .getConfigurationRootDirectory());
+ if (!absPath.endsWith("/")) {
+ absPath += "/";
+ }
+
+ registry.addResourceHandler("/static/**").addResourceLocations(absPath);
+ log.info("Add Ressourcefolder: " + absPath + " for static Web content");
+
+ } else {
+ log.debug("No Ressourcefolder for static Web content");
+ }
+
+ } catch (final MalformedURLException e) {
+ log.warn("Can NOT initialize ressourcefolder for static Web content", e);
+
+ }
+
+ registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS);
+
+ }
+
+ /**
+ * Internal i18n message source.
+ *
+ * @return
+ */
+ @Bean
+ public ReloadableResourceBundleMessageSource internalMessageSource() {
+ final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
+
+ // add default message source
+ messageSource.setBasename(DEFAULT_MESSAGE_SOURCE);
+ messageSource.setDefaultEncoding("UTF-8");
+ return messageSource;
+
+ }
+
+ /**
+ * External i18n message source.
+ *
+ * @return
+ */
+ @Bean
+ public ReloadableResourceBundleMessageSource messageSource() {
+ final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
+ messageSource.setDefaultEncoding("UTF-8");
+ messageSource.setParentMessageSource(internalMessageSource());
+
+ final String staticResources = basicConfig.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH);
+ try {
+ if (StringUtils.isNotEmpty(staticResources)) {
+ final String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig
+ .getConfigurationRootDirectory());
+ messageSource.setBasename(absPath);
+
+ } else {
+ log.debug("No Ressourcefolder for dynamic Web content templates");
+ }
+
+ } catch (final MalformedURLException e) {
+ log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
+
+ }
+
+ return messageSource;
+
+ }
+
+ /**
+ * Cookie based i18n language selector.
+ *
+ * @return
+ */
+ @Bean
+ public CookieLocaleResolver localeResolver() {
+ final CookieLocaleResolver localeResolver = new CookieLocaleResolver();
+ localeResolver.setCookieName("currentLanguage");
+ localeResolver.setCookieMaxAge(3600);
+ return localeResolver;
+ }
+
+
+ /**
+ * Thymeleaf based template resolver.
+ *
+ * @return
+ */
+ @Bean(name = "templateResolver")
+ public FileTemplateResolver templateResolver() {
+ final String staticResources = basicConfig.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH);
+ try {
+ if (StringUtils.isNotEmpty(staticResources)) {
+ String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig
+ .getConfigurationRootDirectory());
+ if (!absPath.endsWith("/")) {
+ absPath += "/";
+ }
+
+ if (absPath.startsWith("file:")) {
+ absPath = absPath.substring("file:".length());
+ }
+
+ final FileTemplateResolver viewResolver = new FileTemplateResolver();
+ viewResolver.setPrefix(absPath);
+ viewResolver.setSuffix(".html");
+ viewResolver.setTemplateMode("HTML5");
+ viewResolver.setCacheable(false);
+
+ log.info("Add Ressourcefolder: " + absPath + " for dynamic Web content templates");
+ return viewResolver;
+
+ } else {
+ log.debug("No Ressourcefolder for dynamic Web content templates");
+ }
+
+ } catch (final MalformedURLException e) {
+ log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
+
+ }
+
+ // TODO: implement some backup solution
+ return null;
+
+ }
}
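Review bot: In `addResourceHandlers`, the catch-all `registry.addResourceHandler("/**")` is backed by `CLASSPATH_RESOURCE_LOCATIONS = { "/" }`, which has no `classpath:` prefix. Despite the constant's name, Spring will most likely resolve it against the web-application root rather than the classpath. If only bundled static files are meant to be served, name the directory explicitly, e.g. `"classpath:/static/"` (a constructed example; use the project's real resource folder), and narrow the pattern accordingly. Separately, `templateResolver()` still returns `null` from a `@Bean` method when the templates path is unset or malformed (the `// TODO: implement some backup solution` line), so the failure shows up later and away from its cause. Throwing an `IllegalStateException` that names `PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH` would fail fast, and the empty `@return` tags in the new Javadoc blocks should be filled in or removed.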
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
index 14095ffc..2776ec53 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.controller;
import java.io.IOException;
@@ -42,7 +43,7 @@ import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
@@ -56,197 +57,225 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
@Controller
public class MonitoringController {
- private static final Logger log = LoggerFactory.getLogger(MonitoringController.class);
-
- private static final String MESSAGE_OK = "OK";
- private static final String MESSAGE_ERROR = "ERROR";
- private static final String MESSAGE_SKIPPED = "SKIPPED";
-
- private static final String TEST_STORAGE = "Storage: ";
- private static final String TEST_CONFIG = "Config: ";
- private static final String TEST_PVPMETADATA = "PVP_metadata: ";
- private static final String TEST_EIDASNODEMETADATA = "eIDASNode_metadata: ";
-
- @Autowired private ITransactionStorage storage;
- @Autowired private IConfigurationWithSP config;
-
- @Autowired private PvpMetadataBuilder metadatabuilder;
- @Autowired private IPvpMetadataConfigurationFactory configFactory;
- private AbstractCredentialProvider pvpIDPCredentials;
-
- /**
- * Sets a specific credential provider for PVP S-Profile IDP component.
- * @param pvpIDPCredentials credential provider
- */
- public void setPvpIDPCredentials(AbstractCredentialProvider pvpIDPCredentials) {
- this.pvpIDPCredentials = pvpIDPCredentials;
-
- }
-
- @ExceptionHandler({Throwable.class})
- public void genericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException {
- log.error("Monitoring Servlet receives an error." , exception);
- resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
- resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- resp.getWriter().write("Reason: "
- + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage())));
- return;
-
- }
-
- @RequestMapping(value = {MSeIDASNodeConstants.ENDPOINT_MONITORING_MONITOR},
- method = {RequestMethod.GET} )
- public void startFullTest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
-
- try {
- testConfig();
- testStorage();
- testPVPMetadata();
- testEidasNodeMetadata();
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.getWriter().write(MESSAGE_OK);
-
- } catch (Exception e) {
- resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- resp.getWriter().write(MESSAGE_ERROR);
-
- }
-
-
- }
-
- @RequestMapping(value = {MSeIDASNodeConstants.ENDPOINT_MONITORING_VERIFY},
- method = {RequestMethod.GET} )
-
- public void startSingleTests(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- String result = StringUtils.EMPTY;
- try {
- result += testConfig() + "<br>";
- } catch (Exception e) {
- result += e.getMessage() + "<br>";
- }
-
- try {
- result += testStorage() + "<br>";
- } catch (Exception e) {
- result += e.getMessage() + "<br>";
- }
-
- try {
- result += testPVPMetadata() + "<br>";
- } catch (Exception e) {
- result += e.getMessage() + "<br>";
- }
-
- try {
- result += testEidasNodeMetadata() + "<br>";
- } catch (Exception e) {
- result += e.getMessage() + "<br>";
- }
-
- resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.getWriter().write(result);
-
- }
-
- private String testStorage( ) throws Exception {
- try {
- String key = Random.nextHexRandom16();
- String value = Random.nextHexRandom16();
-
- storage.put(key, value, -1);
- String result = storage.get(key, String.class);
- storage.remove(key);
-
- if (result != null && result.equals(value))
- return TEST_STORAGE + MESSAGE_OK;
- else
- log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test");
-
- } catch (EaafException e) {
- log.warn("Montioring: Can not read/write to storage.", e);
-
- }
-
- throw new Exception(TEST_STORAGE + MESSAGE_ERROR);
-
- }
-
- private String testConfig( ) throws Exception {
- try {
- if (config.getBasicConfigurationWithPrefix(MSeIDASNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) != null
- && config.getBasicConfigurationWithPrefix(MSeIDASNodeConstants.PROP_CONFIG_SP_LIST_PREFIX).size() > 0)
- return TEST_CONFIG + MESSAGE_OK;
-
- else
- log.warn("Montioring: Can not read from configuration file.");
-
- } catch (Exception e) {
- log.warn("Montioring: Can not read from configuration file.", e);
- }
-
- throw new Exception(TEST_CONFIG + MESSAGE_ERROR);
-
- }
-
- private String testPVPMetadata() throws Exception {
- try {
- //build metadata
- IPvpMetadataBuilderConfiguration metadataConfig =
- configFactory.generateMetadataBuilderConfiguration(
- "http://localhost/monitoring",
- pvpIDPCredentials);
- metadatabuilder.buildPvpMetadata(metadataConfig);
- return TEST_PVPMETADATA + MESSAGE_OK;
-
- } catch (Exception | TransformerFactoryConfigurationError e) {
- log.warn("Monitoring: Has an error in '" + TEST_PVPMETADATA + "': " + e.getMessage(), e);
- throw new Exception(TEST_PVPMETADATA + MESSAGE_ERROR, e);
-
- }
-
- }
-
- private String testEidasNodeMetadata() throws Exception {
- try {
- String urlString = config.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL);
- if (StringUtils.isEmpty(urlString)) {
- log.debug("No eIDASNode metadata URL. Skipping test ... ");
- return TEST_EIDASNODEMETADATA + MESSAGE_SKIPPED;
-
- }
-
- //create HTTP client
- //TODO: update if we switch to openSAML3
- HttpClient httpClient = new HttpClient();
-
- //set parameters
- HttpClientParams params = new HttpClientParams();
- params.setSoTimeout(5*1000);
- httpClient.setParams(params );
-
- //request URL
- HttpMethod method = new GetMethod(urlString);
- int respCode = httpClient.executeMethod(method);
- if (respCode != 200) {
- log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + " HTTP responsecode: " + respCode);
- throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR);
-
- }
-
- //parse metadata
- DomUtils.parseXmlNonValidating(method.getResponseBodyAsStream());
-
- return TEST_EIDASNODEMETADATA + MESSAGE_OK;
-
- } catch (Exception | TransformerFactoryConfigurationError e) {
- log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + e.getMessage(), e);
- throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR, e);
-
- }
-
- }
-
+ private static final Logger log = LoggerFactory.getLogger(MonitoringController.class);
+
+ private static final String MESSAGE_OK = "OK";
+ private static final String MESSAGE_ERROR = "ERROR";
+ private static final String MESSAGE_SKIPPED = "SKIPPED";
+
+ private static final String TEST_STORAGE = "Storage: ";
+ private static final String TEST_CONFIG = "Config: ";
+ private static final String TEST_PVPMETADATA = "PVP_metadata: ";
+ private static final String TEST_EIDASNODEMETADATA = "eIDASNode_metadata: ";
+
+ @Autowired
+ private ITransactionStorage storage;
+ @Autowired
+ private IConfigurationWithSP config;
+
+ @Autowired
+ private PvpMetadataBuilder metadatabuilder;
+ @Autowired
+ private IPvpMetadataConfigurationFactory configFactory;
+ private AbstractCredentialProvider pvpIdpCredentials;
+
+ /**
+ * Sets a specific credential provider for PVP S-Profile IDP component.
+ *
+ * @param pvpIdpCredentials credential provider
+ */
+ public void setPvpIdpCredentials(AbstractCredentialProvider pvpIdpCredentials) {
+ this.pvpIdpCredentials = pvpIdpCredentials;
+
+ }
+
+ /**
+ * Generic exception handling that wrote an error-message to html response.
+ *
+ * @param resp Http response object
+ * @param exception Error
+ * @throws IOException In case of a html response error.
+ */
+ @ExceptionHandler({ Throwable.class })
+ public void genericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException {
+ log.error("Monitoring Servlet receives an error.", exception);
+ resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
+ resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ resp.getWriter().write("Reason: "
+ + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage())));
+
+ }
+
+ /**
+ * MS-Connector status-monitoring end-point.
+ *
+ * @param req http request
+ * @param resp http response
+ * @throws IOException In case of a general processing error
+ */
+ @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_MONITOR },
+ method = { RequestMethod.GET })
+ public void startFullTest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
+
+ try {
+ testConfig();
+ testStorage();
+ testPvpMetadata();
+ testEidasNodeMetadata();
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.getWriter().write(MESSAGE_OK);
+
+ } catch (final Exception e) {
+ resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ resp.getWriter().write(MESSAGE_ERROR);
+
+ }
+
+ }
+
+ /**
+ * MS-Connector internal verify monitoring end-point.
+ *
+ * @param req http request object
+ * @param resp http response object
+ * @throws IOException In case of an internal processing error
+ */
+ @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_VERIFY },
+ method = { RequestMethod.GET })
+
+ public void startSingleTests(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ String result = StringUtils.EMPTY;
+ try {
+ result += testConfig() + "<br>";
+ } catch (final Exception e) {
+ result += e.getMessage() + "<br>";
+ }
+
+ try {
+ result += testStorage() + "<br>";
+ } catch (final Exception e) {
+ result += e.getMessage() + "<br>";
+ }
+
+ try {
+ result += testPvpMetadata() + "<br>";
+ } catch (final Exception e) {
+ result += e.getMessage() + "<br>";
+ }
+
+ try {
+ result += testEidasNodeMetadata() + "<br>";
+ } catch (final Exception e) {
+ result += e.getMessage() + "<br>";
+ }
+
+ resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8);
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.getWriter().write(result);
+
+ }
+
+ private String testStorage() throws Exception {
+ try {
+ final String key = Random.nextHexRandom16();
+ final String value = Random.nextHexRandom16();
+
+ storage.put(key, value, -1);
+ final String result = storage.get(key, String.class);
+ storage.remove(key);
+
+ if (result != null && result.equals(value)) {
+ return TEST_STORAGE + MESSAGE_OK;
+ } else {
+ log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test");
+ }
+
+ } catch (final EaafException e) {
+ log.warn("Montioring: Can not read/write to storage.", e);
+
+ }
+
+ throw new Exception(TEST_STORAGE + MESSAGE_ERROR);
+
+ }
+
+ private String testConfig() throws Exception {
+ try {
+ if (config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) != null
+ && config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX)
+ .size() > 0) {
+ return TEST_CONFIG + MESSAGE_OK;
+ } else {
+ log.warn("Montioring: Can not read from configuration file.");
+ }
+
+ } catch (final Exception e) {
+ log.warn("Montioring: Can not read from configuration file.", e);
+ }
+
+ throw new Exception(TEST_CONFIG + MESSAGE_ERROR);
+
+ }
+
+ private String testPvpMetadata() throws Exception {
+ try {
+ // build metadata
+ final IPvpMetadataBuilderConfiguration metadataConfig =
+ configFactory.generateMetadataBuilderConfiguration(
+ "http://localhost/monitoring",
+ pvpIdpCredentials);
+ metadatabuilder.buildPvpMetadata(metadataConfig);
+ return TEST_PVPMETADATA + MESSAGE_OK;
+
+ } catch (Exception | TransformerFactoryConfigurationError e) {
+ log.warn("Monitoring: Has an error in '" + TEST_PVPMETADATA + "': " + e.getMessage(), e);
+ throw new Exception(TEST_PVPMETADATA + MESSAGE_ERROR, e);
+
+ }
+
+ }
+
+ private String testEidasNodeMetadata() throws Exception {
+ try {
+ final String urlString = config.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL);
+ if (StringUtils.isEmpty(urlString)) {
+ log.debug("No eIDASNode metadata URL. Skipping test ... ");
+ return TEST_EIDASNODEMETADATA + MESSAGE_SKIPPED;
+
+ }
+
+ // create HTTP client
+ // TODO: update if we switch to openSAML3
+ final HttpClient httpClient = new HttpClient();
+
+ // set parameters
+ final HttpClientParams params = new HttpClientParams();
+ params.setSoTimeout(5 * 1000);
+ httpClient.setParams(params);
+
+ // request URL
+ final HttpMethod method = new GetMethod(urlString);
+ final int respCode = httpClient.executeMethod(method);
+ if (respCode != 200) {
+ log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + " HTTP responsecode: "
+ + respCode);
+ throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR);
+
+ }
+
+ // parse metadata
+ DomUtils.parseXmlNonValidating(method.getResponseBodyAsStream());
+
+ return TEST_EIDASNODEMETADATA + MESSAGE_OK;
+
+ } catch (Exception | TransformerFactoryConfigurationError e) {
+ log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + e.getMessage(), e);
+ throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR, e);
+
+ }
+
+ }
+
}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/PVP2SProfileEndpoint.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/PVP2SProfileEndpoint.java
deleted file mode 100644
index 19230c62..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/PVP2SProfileEndpoint.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.controller;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.idp.impl.AbstractPvp2XProtocol;
-import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest;
-
-@Controller
-public class PVP2SProfileEndpoint extends AbstractPvp2XProtocol{
-
- public static final String NAME = PVP2SProfileEndpoint.class.getName();
- public static final String PROTOCOL_ID = "pvp2-s";
-
- @RequestMapping(value = MSeIDASNodeConstants.ENDPOINT_PVP_METADATA, method = {RequestMethod.POST, RequestMethod.GET})
- public void PVPMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
- super.pvpMetadataRequest(req, resp);
-
- }
-
- @RequestMapping(value = MSeIDASNodeConstants.ENDPOINT_PVP_POST, method = {RequestMethod.POST})
- public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
- super.pvpIdpPostRequest(req, resp);
-
- }
-
- @RequestMapping(value = MSeIDASNodeConstants.ENDPOINT_PVP_REDIRECT, method = {RequestMethod.GET})
- public void PVPIDPRedirecttRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
- super.pvpIdpRedirecttRequest(req, resp);
-
- }
-
-
- @Override
- public String getAuthProtocolIdentifier() {
- return PROTOCOL_ID;
- }
-
- @Override
- public String getName() {
- return NAME;
- }
-
- @Override
- protected boolean childPreProcess(HttpServletRequest arg0, HttpServletResponse arg1, PvpSProfilePendingRequest arg2)
- throws Throwable {
- return false;
- }
-
-
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
index bb98f483..1bf1ad67 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+ */
+
package at.asitplus.eidas.specific.connector.controller;
import java.io.IOException;
@@ -31,23 +32,26 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
/**
+ * Default process-engine signaling controller.
+ *
* @author tlenz
*
*/
@Controller
public class ProcessEngineSignalController extends AbstractProcessEngineSignalController {
-
- @RequestMapping(value = {MSeIDASNodeConstants.ENDPOINT_COUNTRYSELECTION
- },
- method = {RequestMethod.POST, RequestMethod.GET})
- public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException, EaafException {
- signalProcessManagement(req, resp);
-
- }
+
+ @RequestMapping(value = {
+ MsEidasNodeConstants.ENDPOINT_COUNTRYSELECTION
+ },
+ method = { RequestMethod.POST, RequestMethod.GET })
+ public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp)
+ throws IOException, EaafException {
+ signalProcessManagement(req, resp);
+
+ }
}
- \ No newline at end of file
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/Pvp2SProfileEndpoint.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/Pvp2SProfileEndpoint.java
new file mode 100644
index 00000000..d2ec5a7c
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/Pvp2SProfileEndpoint.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.controller;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.AbstractPvp2XProtocol;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest;
+
+@Controller
+public class Pvp2SProfileEndpoint extends AbstractPvp2XProtocol {
+
+ public static final String NAME = Pvp2SProfileEndpoint.class.getName();
+ public static final String PROTOCOL_ID = "pvp2-s";
+
+ @RequestMapping(value = MsEidasNodeConstants.ENDPOINT_PVP_METADATA, method = { RequestMethod.POST,
+ RequestMethod.GET })
+ public void pvpMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
+ super.pvpMetadataRequest(req, resp);
+
+ }
+
+ @RequestMapping(value = MsEidasNodeConstants.ENDPOINT_PVP_POST, method = { RequestMethod.POST })
+ public void pvpIdpPostRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
+ super.pvpIdpPostRequest(req, resp);
+
+ }
+
+ @RequestMapping(value = MsEidasNodeConstants.ENDPOINT_PVP_REDIRECT, method = { RequestMethod.GET })
+ public void pvpIdpRedirecttRequest(HttpServletRequest req, HttpServletResponse resp) throws EaafException {
+ super.pvpIdpRedirecttRequest(req, resp);
+
+ }
+
+ @Override
+ public String getAuthProtocolIdentifier() {
+ return PROTOCOL_ID;
+ }
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ @Override
+ protected boolean childPreProcess(HttpServletRequest arg0, HttpServletResponse arg1,
+ PvpSProfilePendingRequest arg2)
+ throws Throwable {
+ return false;
+ }
+
+}
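Review bot: The new `Pvp2SProfileEndpoint` class has no Javadoc, and `childPreProcess` returns `false` unconditionally with its parameters still named `arg0`/`arg1`/`arg2`. A reader cannot tell what that return value signals to `AbstractPvp2XProtocol`. I would add a class comment such as `/** PVP2 S-Profile IDP end-point that maps the metadata, POST and Redirect handlers of AbstractPvp2XProtocol to the connector URLs. */` and a one-line comment inside `childPreProcess` stating what returning `false` means, once that is confirmed against the base class. Separately, `ENDPOINT_PVP_METADATA` is mapped for both `RequestMethod.POST` and `RequestMethod.GET`; if metadata retrieval is read-only, which looks likely but is not visible here, restricting it to GET would narrow the exposed surface.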
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/interceptor/WebFrontEndSecurityInterceptor.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/interceptor/WebFrontEndSecurityInterceptor.java
index e60b535c..d90cd22b 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/interceptor/WebFrontEndSecurityInterceptor.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/interceptor/WebFrontEndSecurityInterceptor.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.interceptor;
import javax.servlet.http.HttpServletRequest;
@@ -29,47 +30,61 @@ import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
/**
+ * Spring interceptor to inject securtiy headers into http response.
+ *
* @author tlenz
*
*/
public class WebFrontEndSecurityInterceptor implements HandlerInterceptor {
-
- /* (non-Javadoc)
- * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object)
- */
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
- throws Exception {
- //set security headers
- response.setHeader("Expires", "Sat, 6 May 1995 12:00:00 GMT");
- response.setHeader("Pragma", "no-cache");
- response.setHeader("Cache-control", "no-store, no-cache, must-revalidate");
-
- return true;
-
- }
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.
+ * http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
+ * java.lang.Object)
+ */
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+ throws Exception {
+
+ // set security headers
+ response.setHeader("Expires", "Sat, 6 May 1995 12:00:00 GMT");
+ response.setHeader("Pragma", "no-cache");
+ response.setHeader("Cache-control", "no-store, no-cache, must-revalidate");
- /* (non-Javadoc)
- * @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView)
- */
- @Override
- public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
- ModelAndView modelAndView) throws Exception {
+ return true;
-
-
+ }
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.
+ * http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
+ * java.lang.Object, org.springframework.web.servlet.ModelAndView)
+ */
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+ ModelAndView modelAndView) throws Exception {
- }
+ }
- /* (non-Javadoc)
- * @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception)
- */
- @Override
- public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
- throws Exception {
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.
+ * servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
+ * java.lang.Object, java.lang.Exception)
+ */
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
+ Exception ex)
+ throws Exception {
- }
+ }
}
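Review bot: The class Javadoc added in this hunk says the interceptor injects security headers (and misspells it as "securtiy"), but `preHandle` only sets the three cache-suppression headers `Expires`, `Pragma` and `Cache-control`. Either reword the comment to match, e.g. `* Spring interceptor that sets no-cache headers on every http response.`, or set the headers the name implies. Unless a filter or reverse proxy outside this diff already adds them, `response.setHeader("X-Content-Type-Options", "nosniff");` and `response.setHeader("X-Frame-Options", "DENY");` would fit next to the existing calls. The empty `postHandle` and `afterCompletion` bodies would also benefit from a `// nothing to do` comment so they do not look unfinished.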
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/RevisionLogger.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/RevisionLogger.java
index faaf1e57..16385e10 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/RevisionLogger.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/RevisionLogger.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.logger;
import java.util.Date;
@@ -28,7 +29,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.components.eventlog.api.Event;
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.components.eventlog.api.EventLogFactory;
@@ -39,68 +40,71 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
public class RevisionLogger extends EventLogFactory implements IRevisionLogger {
- private static final Logger log = LoggerFactory.getLogger(RevisionLogger.class);
-
- @Autowired private IConfiguration basicConfig;
-
- @Override
- public void logEvent(ISpConfiguration oaConfig, int eventCode, String message) {
- logEvent(createNewEvent(new Date().getTime(), eventCode, message));
-
- }
-
- @Override
- public void logEvent(IRequest pendingRequest, int eventCode) {
- logEvent(createNewEvent(new Date().getTime(), eventCode,
- pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier()));
-
- }
-
- @Override
- public void logEvent(IRequest pendingRequest, int eventCode, String message) {
- logEvent(createNewEvent(new Date().getTime(), eventCode, message,
- pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier()));
-
- }
-
- @Override
- public void logEvent(int eventCode, String message) {
- logEvent(createNewEvent(new Date().getTime(), eventCode, message));
-
- }
-
- @Override
- public void logEvent(String sessionID, String transactionID, int eventCode, String message) {
- logEvent(createNewEvent(new Date().getTime(), eventCode, message, sessionID, transactionID));
-
- }
-
- @Override
- public void logEvent(String sessionID, String transactionID, int eventCode) {
- logEvent(createNewEvent(new Date().getTime(), eventCode, sessionID, transactionID));
-
- }
-
- private void logEvent(Event event) {
- try {
- if (event.getEventCode() >= 1100) {
- if ( (event.getEventCode() == EventConstants.TRANSACTION_IP)
- && !basicConfig.getBasicConfigurationBoolean(
- MSeIDASNodeConstants.PROP_CONFIG_REVISIONLOG_LOG_IP_ADDRESS_OF_USER, true) ) {
- log.trace("Ignore Event: " + event.getEventCode() + " because IP adresse logging prohibited");
- return;
-
- }
-
- getEventLog().logEvent(event);
-
- } else
- log.trace("Ignore Event: " + event.getEventCode() + " because session functionallity is not implemented");
-
- } catch (EventLoggingException e) {
- log.warn("Event logging FAILED! Reason: " + e.getMessage());
-
- }
-
- }
+ private static final Logger log = LoggerFactory.getLogger(RevisionLogger.class);
+
+ @Autowired
+ private IConfiguration basicConfig;
+
+ @Override
+ public void logEvent(ISpConfiguration oaConfig, int eventCode, String message) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode, message));
+
+ }
+
+ @Override
+ public void logEvent(IRequest pendingRequest, int eventCode) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode,
+ pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier()));
+
+ }
+
+ @Override
+ public void logEvent(IRequest pendingRequest, int eventCode, String message) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode, message,
+ pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier()));
+
+ }
+
+ @Override
+ public void logEvent(int eventCode, String message) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode, message));
+
+ }
+
+ @Override
+ public void logEvent(String sessionID, String transactionID, int eventCode, String message) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode, message, sessionID, transactionID));
+
+ }
+
+ @Override
+ public void logEvent(String sessionID, String transactionID, int eventCode) {
+ logEvent(createNewEvent(new Date().getTime(), eventCode, sessionID, transactionID));
+
+ }
+
+ private void logEvent(Event event) {
+ try {
+ if (event.getEventCode() >= 1100) {
+ if (event.getEventCode() == EventConstants.TRANSACTION_IP
+ && !basicConfig.getBasicConfigurationBoolean(
+ MsEidasNodeConstants.PROP_CONFIG_REVISIONLOG_LOG_IP_ADDRESS_OF_USER, true)) {
+ log.trace("Ignore Event: " + event.getEventCode() + " because IP adresse logging prohibited");
+ return;
+
+ }
+
+ getEventLog().logEvent(event);
+
+ } else {
+ log.trace("Ignore Event: " + event.getEventCode()
+ + " because session functionallity is not implemented");
+ }
+
+ } catch (final EventLoggingException e) {
+ log.warn("Event logging FAILED! Reason: " + e.getMessage());
+
+ }
+
+ }
}
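Review bot: In the private `logEvent(Event event)` at the end of this hunk, the catch block logs only `e.getMessage()`. When the revision log cannot be written, the event is dropped and the cause and stack trace are lost, which makes a failing audit trail hard to diagnose. Pass the exception through: `log.warn("Event logging FAILED! Reason: " + e.getMessage(), e);`. A short comment above `if (event.getEventCode() >= 1100)` explaining why lower codes are ignored would also help, since the trace message is the only explanation at present.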
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/StatisticLogger.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/StatisticLogger.java
index e742c748..3483f367 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/StatisticLogger.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/logger/StatisticLogger.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.logger;
import org.apache.commons.lang3.StringUtils;
@@ -27,7 +28,7 @@ import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger;
@@ -35,104 +36,106 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
public class StatisticLogger implements IStatisticLogger {
- private static final Logger log = LoggerFactory.getLogger(StatisticLogger.class);
-
- private static final String DATEFORMATER = "yyyy.MM.dd-HH:mm:ss+z";
- private static final String STATUS_SUCCESS = "success";
- private static final String STATUS_ERROR = "error";
-
- @Override
- public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSSOSession) {
- log.info(buildLogMessage(
- protocolRequest.getUniqueTransactionIdentifier(),
- protocolRequest.getSpEntityId(),
- protocolRequest.getRawData(MSeIDASNodeConstants.DATA_REQUESTERID),
- protocolRequest.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
- authData.getCiticenCountryCode(),
- STATUS_SUCCESS ,
- StringUtils.EMPTY,
- StringUtils.EMPTY));
-
-
- }
-
- @Override
- public void logErrorOperation(Throwable throwable) {
- String errorId = "TODO";
- if (throwable instanceof EaafException)
- errorId = ((EaafException) throwable).getErrorId();
-
- log.info(buildLogMessage(
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- STATUS_ERROR,
- errorId,
- throwable.getMessage()));
-
-
- }
-
- @Override
- public void logErrorOperation(Throwable throwable, IRequest errorRequest) {
- String errorId = "TODO";
- if (throwable instanceof EaafException)
- errorId = ((EaafException) throwable).getErrorId();
-
- if (errorRequest != null)
- log.info(buildLogMessage(
- errorRequest.getUniqueTransactionIdentifier(),
- errorRequest.getSpEntityId(),
- errorRequest.getRawData(MSeIDASNodeConstants.DATA_REQUESTERID),
- errorRequest.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
- StringUtils.EMPTY,
- STATUS_ERROR,
- errorId,
- throwable.getMessage()));
-
- else
- log.info(buildLogMessage(
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- StringUtils.EMPTY,
- STATUS_ERROR,
- errorId,
- throwable.getMessage()));
-
- }
-
- @Override
- public void internalTesting() throws Exception {
- log.trace("Not implemented for a File-based logger");
-
- }
-
- private String buildLogMessage(String tId, String moaIDEntityId, Object requesterId, String target, String cc,
- String status, String errorCode, String errorMsg) {
- String logMsg = StringUtils.EMPTY;
-
- //data,tId,MOAID-Id,SP-Id,bPKTarget,CC,status,error-code,error-msg
-
- logMsg += DateTime.now().toString(DATEFORMATER ) + ",";
- logMsg += tId + ",";
- logMsg += moaIDEntityId + ",";
-
- if (requesterId instanceof String && StringUtils.isNotEmpty((String)requesterId))
- logMsg += (String)requesterId + ",";
- else
- logMsg += StringUtils.EMPTY + ",";
-
- logMsg += target + ",";
- logMsg += cc + ",";
-
- logMsg += status + ",";
- logMsg += errorCode + ",";
- logMsg += errorMsg;
-
- return logMsg;
- }
+ private static final Logger log = LoggerFactory.getLogger(StatisticLogger.class);
+
+ private static final String DATEFORMATER = "yyyy.MM.dd-HH:mm:ss+z";
+ private static final String STATUS_SUCCESS = "success";
+ private static final String STATUS_ERROR = "error";
+
+ @Override
+ public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSsoSession) {
+ log.info(buildLogMessage(
+ protocolRequest.getUniqueTransactionIdentifier(),
+ protocolRequest.getSpEntityId(),
+ protocolRequest.getRawData(MsEidasNodeConstants.DATA_REQUESTERID),
+ protocolRequest.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
+ authData.getCiticenCountryCode(),
+ STATUS_SUCCESS,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY));
+
+ }
+
+ @Override
+ public void logErrorOperation(Throwable throwable) {
+ String errorId = "TODO";
+ if (throwable instanceof EaafException) {
+ errorId = ((EaafException) throwable).getErrorId();
+ }
+
+ log.info(buildLogMessage(
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ STATUS_ERROR,
+ errorId,
+ throwable.getMessage()));
+
+ }
+
+ @Override
+ public void logErrorOperation(Throwable throwable, IRequest errorRequest) {
+ String errorId = "TODO";
+ if (throwable instanceof EaafException) {
+ errorId = ((EaafException) throwable).getErrorId();
+ }
+
+ if (errorRequest != null) {
+ log.info(buildLogMessage(
+ errorRequest.getUniqueTransactionIdentifier(),
+ errorRequest.getSpEntityId(),
+ errorRequest.getRawData(MsEidasNodeConstants.DATA_REQUESTERID),
+ errorRequest.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
+ StringUtils.EMPTY,
+ STATUS_ERROR,
+ errorId,
+ throwable.getMessage()));
+ } else {
+ log.info(buildLogMessage(
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ StringUtils.EMPTY,
+ STATUS_ERROR,
+ errorId,
+ throwable.getMessage()));
+ }
+
+ }
+
+ @Override
+ public void internalTesting() throws Exception {
+ log.trace("Not implemented for a File-based logger");
+
+ }
+
+ private String buildLogMessage(String transId, String entityId, Object requesterId, String target,
+ String cc,
+ String status, String errorCode, String errorMsg) {
+ String logMsg = StringUtils.EMPTY;
+
+ // data,tId,MOAID-Id,SP-Id,bPKTarget,CC,status,error-code,error-msg
+
+ logMsg += DateTime.now().toString(DATEFORMATER) + ",";
+ logMsg += transId + ",";
+ logMsg += entityId + ",";
+
+ if (requesterId instanceof String && StringUtils.isNotEmpty((String) requesterId)) {
+ logMsg += (String) requesterId + ",";
+ } else {
+ logMsg += StringUtils.EMPTY + ",";
+ }
+
+ logMsg += target + ",";
+ logMsg += cc + ",";
+
+ logMsg += status + ",";
+ logMsg += errorCode + ",";
+ logMsg += errorMsg;
+
+ return logMsg;
+ }
}
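Review bot: `buildLogMessage` joins its fields with commas and escapes nothing, yet `errorMsg` comes from `throwable.getMessage()` and `requesterId` from `getRawData(MsEidasNodeConstants.DATA_REQUESTERID)`, both of which may carry request-derived text. A comma shifts the columns of the statistics line, and a CR/LF lets one value start what looks like a new log record. Neutralise those characters before appending, e.g. `logMsg += StringUtils.replaceChars(errorMsg, "\r\n,", "   ");`, and apply the same to `requesterId`, `entityId` and `target`. The `errorRequest != null` branch of `logErrorOperation` also dereferences `getServiceProviderConfiguration()` without a check; if that can be null on early failures (not visible here), the error logger itself would throw.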
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/mapper/LoALevelMapper.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/mapper/LoALevelMapper.java
index f92ccf28..564160be 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/mapper/LoALevelMapper.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/mapper/LoALevelMapper.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.mapper;
import org.slf4j.Logger;
@@ -32,30 +31,30 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
@Service("LoALevelMapper")
-public class LoALevelMapper implements ILoALevelMapper{
- private static final Logger log = LoggerFactory.getLogger(LoALevelMapper.class);
-
- @Override
- public String mapToSecClass(String LoA) {
- log.info("Mapping to PVP SecClass is NOT supported");
- return null;
- }
-
- @Override
- public String mapToEidasLoa(String LoA) {
- if (LoA.startsWith(EaafConstants.EIDAS_LOA_PREFIX))
- return LoA;
-
- else
- log.info("Can NOT map '" + LoA + "' to eIDAS LoA");
-
- return null;
-
- }
-
- @Override
- public String mapEidasQaaToStorkQaa(String eidasqaaLevel) {
- return null;
- }
+public class LoALevelMapper implements ILoALevelMapper {
+ private static final Logger log = LoggerFactory.getLogger(LoALevelMapper.class);
+
+ @Override
+ public String mapToSecClass(String loa) {
+ log.info("Mapping to PVP SecClass is NOT supported");
+ return null;
+ }
+
+ @Override
+ public String mapToEidasLoa(String loa) {
+ if (loa.startsWith(EaafConstants.EIDAS_LOA_PREFIX)) {
+ return loa;
+ } else {
+ log.info("Can NOT map '" + loa + "' to eIDAS LoA");
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public String mapEidasQaaToStorkQaa(String eidasqaaLevel) {
+ return null;
+ }
}
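Review bot: `mapToEidasLoa` dereferences `loa` without a null check, so a call without an LoA fails in `loa.startsWith(...)` with a NullPointerException instead of taking the logged "Can NOT map" path; the rename leaves this unchanged. A guard such as `if (loa != null && loa.startsWith(EaafConstants.EIDAS_LOA_PREFIX)) {` keeps the existing null return for unmappable values. The rejected value is also concatenated into the log line; if it can originate from an incoming request (not visible in this hunk), `log.info("Can NOT map '{}' to eIDAS LoA", loa);` with line breaks stripped from the value would stop a crafted LoA from forging log entries. `mapToSecClass` and `mapEidasQaaToStorkQaa` return null unconditionally, which deserves a one-line Javadoc so callers know they must handle it.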
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/CountrySelectionProcessImpl.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/CountrySelectionProcessImpl.java
index e4492a3f..805148f7 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/CountrySelectionProcessImpl.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/CountrySelectionProcessImpl.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,47 +19,50 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.processes;
import org.apache.commons.lang3.StringUtils;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
/**
+ * Auth-Process selector for User's country selection.
+ *
* @author tlenz
*
*/
public class CountrySelectionProcessImpl implements AuthModule {
- @Override
- public int getPriority() {
- return 0;
-
- }
+ @Override
+ public int getPriority() {
+ return 0;
+
+ }
+
+ @Override
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ final Object selectedCountryObj = context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+ if (selectedCountryObj != null && selectedCountryObj instanceof String) {
+ final String selectedCountry = (String) selectedCountryObj;
+ if (StringUtils.isNotEmpty(selectedCountry)) {
+ return null;
+ }
+
+ }
+
+ return "CountrySelectionProcess";
+
+ }
- @Override
- public String selectProcess(ExecutionContext context, IRequest pendingReq) {
- Object selectedCountryObj = context.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
- if (selectedCountryObj != null && selectedCountryObj instanceof String) {
- String selectedCountry = (String) selectedCountryObj;
- if (StringUtils.isNotEmpty(selectedCountry))
- return null;
-
- }
-
- return "CountrySelectionProcess";
-
-
- }
+ @Override
+ public String[] getProcessDefinitions() {
+ return new String[] { "classpath:processes/CountrySelection.process.xml" };
- @Override
- public String[] getProcessDefinitions() {
- return new String[] { "classpath:processes/CountrySelection.process.xml" };
-
- }
+ }
}
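Review bot: `selectProcess` returns `null` when a non-empty country is already in the context and the literal `"CountrySelectionProcess"` otherwise, and neither outcome is documented. A short method Javadoc would help, for example `Returns the id of the country-selection process, or null if a country was already selected.` The `selectedCountryObj != null &&` test is redundant because `instanceof` is already false for null, so the condition can read `if (selectedCountryObj instanceof String) {`.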
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/EvaluateCountrySelectionTask.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/EvaluateCountrySelectionTask.java
index 9a91d407..727653b3 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/EvaluateCountrySelectionTask.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/EvaluateCountrySelectionTask.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.processes.tasks;
import java.util.Enumeration;
@@ -33,48 +34,50 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask;
/**
+ * Evaluate the User's country selection.
+ *
* @author tlenz
*
*/
@Component("EvaluateCountrySelectionTask")
-public class EvaluateCountrySelectionTask extends AbstractLocaleAuthServletTask {
- private static final Logger log = LoggerFactory.getLogger(EvaluateCountrySelectionTask.class);
-
-
- @Override
- public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- try {
-
- // set parameter execution context
- Enumeration<String> reqParamNames = request.getParameterNames();
- while(reqParamNames.hasMoreElements()) {
- String paramName = reqParamNames.nextElement();
- if (StringUtils.isNotEmpty(paramName) &&
- !EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID.equalsIgnoreCase(paramName)) {
- for (String el : MSeIDASNodeConstants.COUNTRY_SELECTION_PARAM_WHITELIST) {
- if (el.equalsIgnoreCase(paramName))
- executionContext.put(paramName,
- StringEscapeUtils.escapeHtml(request.getParameter(paramName)));
- }
- }
- }
-
- log.info("Country selection finished. Starting auth. process for country ... ");
-
-
- } catch (Exception e) {
- log.warn("EvaluateBKUSelectionTask has an internal error", e);
- throw new TaskExecutionException(pendingReq, e.getMessage(), e);
-
- }
- }
+public class EvaluateCountrySelectionTask extends AbstractLocaleAuthServletTask {
+ private static final Logger log = LoggerFactory.getLogger(EvaluateCountrySelectionTask.class);
+
+ @Override
+ public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response)
+ throws TaskExecutionException {
+ try {
+
+ // set parameter execution context
+ final Enumeration<String> reqParamNames = request.getParameterNames();
+ while (reqParamNames.hasMoreElements()) {
+ final String paramName = reqParamNames.nextElement();
+ if (StringUtils.isNotEmpty(paramName)
+ && !EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID.equalsIgnoreCase(paramName)) {
+ for (final String el : MsEidasNodeConstants.COUNTRY_SELECTION_PARAM_WHITELIST) {
+ if (el.equalsIgnoreCase(paramName)) {
+ executionContext.put(paramName,
+ StringEscapeUtils.escapeHtml(request.getParameter(paramName)));
+ }
+ }
+ }
+ }
+
+ log.info("Country selection finished. Starting auth. process for country ... ");
+
+ } catch (final Exception e) {
+ log.warn("EvaluateBKUSelectionTask has an internal error", e);
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+ }
}
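Review bot: In `executeWithLocale` the whitelist match is case-insensitive, but the value is stored under the client-supplied `paramName` rather than the whitelisted entry `el`, so the context key follows whatever casing the request used. If the execution context treats keys case-sensitively (not visible in this hunk), a later lookup by the constant name can miss the value; `executionContext.put(el, StringEscapeUtils.escapeHtml(request.getParameter(paramName)));` stores it under the canonical name. `escapeHtml` only encodes the value for HTML output and does not validate it, so a format check on the selected country before it enters the context would be the stronger control. The catch block still logs `EvaluateBKUSelectionTask has an internal error`, which names a different task and misleads log triage; `log.warn("EvaluateCountrySelectionTask has an internal error", e);` matches the class.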
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java
index 5f3fb20a..bf7453de 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.processes.tasks;
import javax.servlet.http.HttpServletRequest;
@@ -30,8 +31,8 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
@@ -43,42 +44,49 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
/**
+ * Create country-selection page.
+ *
* @author tlenz
*
*/
@Component("GenerateCountrySelectionFrameTask")
public class GenerateCountrySelectionFrameTask extends AbstractAuthServletTask {
- private static final Logger log = LoggerFactory.getLogger(GenerateCountrySelectionFrameTask.class);
-
- @Autowired ISpringMvcGuiFormBuilder guiBuilder;
- @Autowired IConfiguration basicConfig;
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- try {
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.STARTING_COUNTRY_SELECTION);
-
- IGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
- basicConfig,
- pendingReq,
- MSeIDASNodeConstants.TEMPLATE_HTML_COUNTRYSELECTION,
- MSeIDASNodeConstants.ENDPOINT_COUNTRYSELECTION);
-
- guiBuilder.build(request, response, config, "BKU-Selection form");
-
- } catch (GuiBuildException e) {
- log.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage());
- throw new TaskExecutionException(pendingReq,
- "Can not build GUI. Msg:" + e.getMessage(),
- new EaafException("gui.00", new Object[]{e.getMessage()}, e));
-
- } catch (Exception e) {
- log.warn("FinalizeAuthenticationTask has an internal error", e);
- throw new TaskExecutionException(pendingReq, e.getMessage(), e);
-
- }
-
- }
+ private static final Logger log = LoggerFactory.getLogger(GenerateCountrySelectionFrameTask.class);
+
+ @Autowired
+ ISpringMvcGuiFormBuilder guiBuilder;
+ @Autowired
+ IConfiguration basicConfig;
+
+
+ @Override
+ public void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response)
+ throws TaskExecutionException {
+ try {
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.STARTING_COUNTRY_SELECTION);
+
+ final IGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
+ basicConfig,
+ pendingReq,
+ MsEidasNodeConstants.TEMPLATE_HTML_COUNTRYSELECTION,
+ MsEidasNodeConstants.ENDPOINT_COUNTRYSELECTION,
+ resourceLoader);
+
+ guiBuilder.build(request, response, config, "BKU-Selection form");
+
+ } catch (final GuiBuildException e) {
+ log.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage());
+ throw new TaskExecutionException(pendingReq,
+ "Can not build GUI. Msg:" + e.getMessage(),
+ new EaafException("gui.00", new Object[] { e.getMessage() }, e));
+
+ } catch (final Exception e) {
+ log.warn("FinalizeAuthenticationTask has an internal error", e);
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+
+ }
}
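Review bot: The generic catch in `execute` logs `FinalizeAuthenticationTask has an internal error`, which names a different task and points whoever reads the log at the wrong component; `log.warn("GenerateCountrySelectionFrameTask has an internal error", e);` fixes that. The `GuiBuildException` branch logs only `e.getMessage()` and drops the stack trace, so `log.warn("Can not build GUI:'BKU-Selection'.", e);` would keep the cause in the log. `guiBuilder` and `basicConfig` are package-visible injected fields; making them `private` would match `PvpMetadataConfigurationFactory` in this same commit.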
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java
deleted file mode 100644
index 2259acd5..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.provider;
-
-import java.net.MalformedURLException;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
-
-public class PVPEndPointCredentialProvider extends AbstractCredentialProvider {
- private static final Logger log = LoggerFactory.getLogger(PVPEndPointCredentialProvider.class);
-
- @Autowired(required=true) IConfiguration basicConfiguration;
-
- @Override
- public String getFriendlyName() {
- return "PVP2 S-Profile EndPoint";
- }
-
- @Override
- public String getKeyStoreFilePath() throws EaafException {
- try {
- String path = basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PATH);
- if (StringUtils.isEmpty(path)) {
- log.error(getFriendlyName() + " | Path to keyStore is NULL or EMPTY");
- throw new EaafConfigurationException("config.27",
- new Object[] {getFriendlyName() + " | Path to keyStore is NULL or EMPTY"});
-
- }
-
- return FileUtils.makeAbsoluteUrl(
- path,
- basicConfiguration.getConfigurationRootDirectory());
-
- } catch (MalformedURLException e) {
- log.error(getFriendlyName() + " | Path to keyStore NOT valid.", e);
- throw new EaafConfigurationException("config.27",
- new Object[] {getFriendlyName() + " | Path to keyStore NOT valid."}, e);
-
- }
-
- }
-
- @Override
- public String getKeyStorePassword() {
- return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PASSWORD);
-
- }
-
- @Override
- public String getMetadataKeyAlias() {
- return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_ALIAS);
- }
-
- @Override
- public String getMetadataKeyPassword() {
- return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD);
-
- }
-
- @Override
- public String getSignatureKeyAlias() {
- return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS);
-
- }
-
- @Override
- public String getSignatureKeyPassword() {
- return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD);
-
- }
-
- @Override
- public String getEncryptionKeyAlias() {
- return null;
-
- }
-
- @Override
- public String getEncryptionKeyPassword() {
- return null;
-
- }
-
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java
deleted file mode 100644
index 4db6ac5a..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.provider;
-
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.util.List;
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.params.HttpClientParams;
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.xml.parse.BasicParserPool;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.connector.verification.MetadataSignatureVerificationFilter;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PvpEntityCategoryFilter;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
-
-@Service("PVPMetadataProvider")
-public class PVPMetadataProvider extends AbstractChainingMetadataProvider{
- private static final Logger log = LoggerFactory.getLogger(PVPMetadataProvider.class);
-
- @Autowired(required=true) IConfigurationWithSP basicConfig;
-
- @Override
- protected String getMetadataUrl(String entityId) throws EaafConfigurationException {
- ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId);
- if (spConfig != null) {
- String metadataURL = entityId;
-
- String metadataURLFromConfig = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
- if (StringUtils.isNotEmpty(metadataURLFromConfig)) {
- log.debug("Use metdataURL from configuration for EntityId: " + entityId);
- metadataURL = metadataURLFromConfig;
-
- }
-
- return metadataURL;
-
- } else
- log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
-
- return null;
- }
-
- @Override
- protected MetadataProvider createNewMetadataProvider(String entityId)
- throws EaafConfigurationException, IOException, CertificateException {
- ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId);
- if (spConfig != null) {
- try {
- String metadataURL = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
- if (StringUtils.isEmpty(metadataURL)) {
- log.debug("Use EntityId: " + entityId + " instead of explicite metadataURL ... ");
- metadataURL = entityId;
-
- }
- String trustStoreUrl = FileUtils.makeAbsoluteUrl(
- spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE),
- authConfig.getConfigurationRootDirectory());
- String trustStorePassword = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD);
-
- return createNewSimpleMetadataProvider(metadataURL,
- buildMetadataFilterChain(spConfig, metadataURL, trustStoreUrl, trustStorePassword),
- spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER),
- getTimer(),
- new BasicParserPool(),
- createHttpClient(metadataURL));
-
- } catch (Pvp2MetadataException e) {
- log.info("Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage());
- throw new EaafConfigurationException("config.27",
- new Object[] {"Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage()}, e);
-
- }
-
- } else
- log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
-
- return null;
- }
-
- @Override
- protected List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException {
- // TODO Auto-generated method stub
- return null;
- }
-
- private HttpClient createHttpClient(String metadataURL) {
- HttpClient httpClient = new HttpClient();
- HttpClientParams httpClientParams = new HttpClientParams();
- httpClientParams.setSoTimeout(MSeIDASNodeConstants.METADATA_SOCKED_TIMEOUT);
- httpClient.setParams(httpClientParams);
- return httpClient;
-
- }
-
- private MetadataFilterChain buildMetadataFilterChain(ISpConfiguration oaParam, String metadataURL, String trustStoreUrl, String trustStorePassword) throws CertificateException, Pvp2MetadataException{
- MetadataFilterChain filterChain = new MetadataFilterChain();
- filterChain.getFilters().add(new SchemaValidationFilter(
- basicConfig.getBasicConfigurationBoolean(MSeIDASNodeConstants.PROP_CONFIG_PVP_SCHEME_VALIDATION, true)));
-
- filterChain.getFilters().add(
- new MetadataSignatureVerificationFilter(
- trustStoreUrl, trustStorePassword, metadataURL));
-
- filterChain.getFilters().add(new PvpEntityCategoryFilter(
- basicConfig.getBasicConfigurationBoolean(MSeIDASNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES, true)));
-
- return filterChain;
- }
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java
new file mode 100644
index 00000000..92373328
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.provider;
+
+import java.net.MalformedURLException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+
+public class PvpEndPointCredentialProvider extends AbstractCredentialProvider {
+ private static final Logger log = LoggerFactory.getLogger(PvpEndPointCredentialProvider.class);
+
+ @Autowired(required = true)
+ IConfiguration basicConfiguration;
+
+ @Override
+ public String getFriendlyName() {
+ return "PVP2 S-Profile EndPoint";
+ }
+
+ @Override
+ public String getKeyStoreFilePath() throws EaafException {
+ try {
+ final String path = basicConfiguration.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PATH);
+ if (StringUtils.isEmpty(path)) {
+ log.error(getFriendlyName() + " | Path to keyStore is NULL or EMPTY");
+ throw new EaafConfigurationException("config.27",
+ new Object[] { getFriendlyName() + " | Path to keyStore is NULL or EMPTY" });
+
+ }
+
+ return FileUtils.makeAbsoluteUrl(
+ path,
+ basicConfiguration.getConfigurationRootDirectory());
+
+ } catch (final MalformedURLException e) {
+ log.error(getFriendlyName() + " | Path to keyStore NOT valid.", e);
+ throw new EaafConfigurationException("config.27",
+ new Object[] { getFriendlyName() + " | Path to keyStore NOT valid." }, e);
+
+ }
+
+ }
+
+ @Override
+ public String getKeyStorePassword() {
+ return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PASSWORD);
+
+ }
+
+ @Override
+ public String getMetadataKeyAlias() {
+ return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_ALIAS);
+ }
+
+ @Override
+ public String getMetadataKeyPassword() {
+ return basicConfiguration.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD);
+
+ }
+
+ @Override
+ public String getSignatureKeyAlias() {
+ return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS);
+
+ }
+
+ @Override
+ public String getSignatureKeyPassword() {
+ return basicConfiguration.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD);
+
+ }
+
+ @Override
+ public String getEncryptionKeyAlias() {
+ return null;
+
+ }
+
+ @Override
+ public String getEncryptionKeyPassword() {
+ return null;
+
+ }
+
+}
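Review bot: `getKeyStorePassword`, `getMetadataKeyPassword`, `getSignatureKeyPassword` and the alias getters return the configured value unchecked, while `getKeyStoreFilePath` rejects an empty path with `config.27`. A missing alias or password therefore surfaces only later, presumably when the key store is opened, with a less specific error. The class also has no Javadoc; a class comment such as `/** Credential provider for the PVP2 S-Profile end-point; key-store path, aliases and passwords are read from the basic configuration. */` would help, together with a remark on the password getters that the returned strings are secrets and must not be logged. `getEncryptionKeyAlias` and `getEncryptionKeyPassword` return null unconditionally, so a comment should state whether this end-point intentionally has no encryption key.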
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java
index 6965a407..8b0419d0 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,15 +19,14 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.provider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
-import at.asitplus.eidas.specific.connector.config.PVPMetadataConfiguration;
+import at.asitplus.eidas.specific.connector.config.PvpMetadataConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
@@ -35,16 +34,18 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactor
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
@Service("PVPMetadataConfigurationFactory")
-public class PVPMetadataConfigurationFactory implements IPvpMetadataConfigurationFactory {
-
- @Autowired private IConfiguration basicConfig;
- @Autowired private IPvp2BasicConfiguration pvpBasicConfig;
-
- @Override
- public IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authURL,
- AbstractCredentialProvider pvpIDPCredentials) {
- return new PVPMetadataConfiguration(basicConfig, authURL, pvpBasicConfig, pvpIDPCredentials);
-
- }
+public class PvpMetadataConfigurationFactory implements IPvpMetadataConfigurationFactory {
+
+ @Autowired
+ private IConfiguration basicConfig;
+ @Autowired
+ private IPvp2BasicConfiguration pvpBasicConfig;
+
+ @Override
+ public IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl,
+ AbstractCredentialProvider pvpIdpCredentials) {
+ return new PvpMetadataConfiguration(basicConfig, authUrl, pvpBasicConfig, pvpIdpCredentials);
+
+ }
}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
new file mode 100644
index 00000000..6a223fd0
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.provider;
+
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.List;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.params.HttpClientParams;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.verification.MetadataSignatureVerificationFilter;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PvpEntityCategoryFilter;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
+
+@Service("PVPMetadataProvider")
+public class PvpMetadataProvider extends AbstractChainingMetadataProvider {
+ private static final Logger log = LoggerFactory.getLogger(PvpMetadataProvider.class);
+
+ @Autowired(required = true)
+ IConfigurationWithSP basicConfig;
+
+ @Override
+ protected String getMetadataUrl(String entityId) throws EaafConfigurationException {
+ final ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId);
+ if (spConfig != null) {
+ String metadataUrl = entityId;
+
+ final String metadataUrlFromConfig = spConfig.getConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
+ if (StringUtils.isNotEmpty(metadataUrlFromConfig)) {
+ log.debug("Use metdataURL from configuration for EntityId: " + entityId);
+ metadataUrl = metadataUrlFromConfig;
+
+ }
+
+ return metadataUrl;
+
+ } else {
+ log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
+ }
+
+ return null;
+ }
+
+ @Override
+ protected MetadataProvider createNewMetadataProvider(String entityId)
+ throws EaafConfigurationException, IOException, CertificateException {
+ final ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId);
+ if (spConfig != null) {
+ try {
+ String metadataUrl = spConfig.getConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
+ if (StringUtils.isEmpty(metadataUrl)) {
+ log.debug("Use EntityId: " + entityId + " instead of explicite metadataURL ... ");
+ metadataUrl = entityId;
+
+ }
+ final String trustStoreUrl = FileUtils.makeAbsoluteUrl(
+ spConfig.getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE),
+ authConfig.getConfigurationRootDirectory());
+ final String trustStorePassword = spConfig.getConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD);
+
+ return createNewSimpleMetadataProvider(metadataUrl,
+ buildMetadataFilterChain(metadataUrl, trustStoreUrl, trustStorePassword),
+ spConfig.getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER),
+ getTimer(),
+ new BasicParserPool(),
+ createHttpClient());
+
+ } catch (final Pvp2MetadataException e) {
+ log.info("Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage());
+ throw new EaafConfigurationException("config.27",
+ new Object[] { "Can NOT initialize Metadata signature-verification filter. Reason: " + e
+ .getMessage() }, e);
+
+ }
+
+ } else {
+ log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
+ }
+
+ return null;
+ }
+
+ @Override
+ protected List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ private HttpClient createHttpClient() {
+ final HttpClient httpClient = new HttpClient();
+ final HttpClientParams httpClientParams = new HttpClientParams();
+ httpClientParams.setSoTimeout(MsEidasNodeConstants.METADATA_SOCKED_TIMEOUT);
+ httpClient.setParams(httpClientParams);
+ return httpClient;
+
+ }
+
+ private MetadataFilterChain buildMetadataFilterChain(String metadataUrl,
+ String trustStoreUrl, String trustStorePassword) throws CertificateException, Pvp2MetadataException {
+ final MetadataFilterChain filterChain = new MetadataFilterChain();
+ filterChain.getFilters().add(new SchemaValidationFilter(
+ basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_SCHEME_VALIDATION,
+ true)));
+
+ filterChain.getFilters().add(
+ new MetadataSignatureVerificationFilter(
+ trustStoreUrl, trustStorePassword, metadataUrl));
+
+ filterChain.getFilters().add(new PvpEntityCategoryFilter(
+ basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES,
+ true)));
+
+ return filterChain;
+ }
+}
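Review bot: In `createNewMetadataProvider` the configured truststore value goes straight into `FileUtils.makeAbsoluteUrl(...)` and then into `MetadataSignatureVerificationFilter` without a check that it is set, although that filter is the control that authenticates the fetched SP metadata. How those two helpers treat a null or empty value is not visible in this hunk, so I would test the raw setting with `StringUtils.isEmpty(...)` first and fail with an `EaafConfigurationException` that names the missing property, rather than rely on downstream behaviour. `getAllMetadataUrlsFromConfiguration()` still returns `null` from an auto-generated stub; an empty list, or a comment explaining why null is acceptable to the base class, would be safer. `createHttpClient()` sets only the socket timeout via `setSoTimeout(...)`, so connection establishment to a metadata URL has no explicit bound; consider also setting a connection timeout on the connection manager parameters.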
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
index f4dee848..d38da6fe 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,15 +19,13 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.provider;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.MissingResourceException;
-import java.util.PropertyResourceBundle;
import java.util.ResourceBundle;
import org.slf4j.Logger;
@@ -39,94 +37,97 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
@Service("StatusMessageProvider")
public class StatusMessageProvider implements IStatusMessenger {
- private static final Logger log = LoggerFactory.getLogger(StatusMessageProvider.class);
-
- private static final String ERROR_MESSAGES_UNAVAILABLE = "Error messages can NOT be load from application. Only errorCode: {0} is availabe" ;
- private static final String ERROR_NO_MESSAGE = "No errormesseage for error with number.={0}";
-
- private static final String ERROR_EXTERNALERROR_CODES_UNAVAILABLE = "External error-codes can NOT be load from application. Only internal errorCode: {0} is availabe" ;
- private static final String ERROR_NO_EXTERNALERROR_CODE = "No external error for internal error with number.={0}";
-
- //internal messanges
- private static final String DEFAULT_MESSAGE_RESOURCES = "properties/status_messages_en";
- private static final Locale DEFAULT_MESSAGE_LOCALES = new Locale("en", "GB");
- private ResourceBundle messages;
-
- //external error codes
- private static final String DEFAULT_EXTERNALERROR_RESOURCES = "properties/external_statuscodes_map";
- private static final Locale DEFAULT_EXTERNALERROR_LOCALES = new Locale("en", "GB");
- private ResourceBundle externalError = null;
-
- @Override
- public String getMessageWithoutDefault(String messageId, Object[] parameters) {
- // initialize messages
- if (messages == null) {
- this.messages = PropertyResourceBundle.getBundle(
- DEFAULT_MESSAGE_RESOURCES,
- DEFAULT_MESSAGE_LOCALES);
-
- }
-
- // create the message
- if (messages == null) {
- return MessageFormat.format(ERROR_MESSAGES_UNAVAILABLE, new Object[] { messageId });
-
- } else {
- String rawMessage = messages.getString(messageId);
- return MessageFormat.format(rawMessage, parameters);
-
- }
- }
-
- @Override
- public String getMessage(String messageId, Object[] parameters) {
- try {
- return getMessageWithoutDefault(messageId, parameters);
-
- } catch (MissingResourceException e2) {
- return MessageFormat.format(ERROR_NO_MESSAGE, new Object[] { messageId });
-
- }
- }
-
- @Override
- public String getResponseErrorCode(Throwable throwable) {
- String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
- if (throwable instanceof EaafException) {
- errorCode = ((EaafException) throwable).getErrorId();
-
- }
- //TODO: maybe more internal switches are required
-
- return errorCode;
-
- }
-
- @Override
- public String mapInternalErrorToExternalError(String intErrorCode) {
- // initialize messages
- if (externalError == null) {
- this.externalError = PropertyResourceBundle.getBundle(
- DEFAULT_EXTERNALERROR_RESOURCES,
- DEFAULT_EXTERNALERROR_LOCALES);
-
- }
-
- // create the message
- if (externalError == null) {
- log.warn(MessageFormat.format(ERROR_EXTERNALERROR_CODES_UNAVAILABLE, new Object[] { intErrorCode }));
- return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
-
- } else {
- try {
- return externalError.getString(intErrorCode);
-
- } catch (MissingResourceException e2) {
- log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode }));
- return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
-
- }
- }
- }
+ private static final Logger log = LoggerFactory.getLogger(StatusMessageProvider.class);
+
+ private static final String ERROR_MESSAGES_UNAVAILABLE =
+ "Error messages can NOT be load from application. Only errorCode: {0} is availabe";
+ private static final String ERROR_NO_MESSAGE = "No errormesseage for error with number.={0}";
+
+ private static final String ERROR_EXTERNALERROR_CODES_UNAVAILABLE =
+ "External error-codes can NOT be load from application. Only internal errorCode: {0} is availabe";
+ private static final String ERROR_NO_EXTERNALERROR_CODE =
+ "No external error for internal error with number.={0}";
+
+ // internal messanges
+ private static final String DEFAULT_MESSAGE_RESOURCES = "properties/status_messages_en";
+ private static final Locale DEFAULT_MESSAGE_LOCALES = new Locale("en", "GB");
+ private ResourceBundle messages;
+
+ // external error codes
+ private static final String DEFAULT_EXTERNALERROR_RESOURCES = "properties/external_statuscodes_map";
+ private static final Locale DEFAULT_EXTERNALERROR_LOCALES = new Locale("en", "GB");
+ private ResourceBundle externalError = null;
+
+ @Override
+ public String getMessageWithoutDefault(String messageId, Object[] parameters) {
+ // initialize messages
+ if (messages == null) {
+ this.messages = ResourceBundle.getBundle(
+ DEFAULT_MESSAGE_RESOURCES,
+ DEFAULT_MESSAGE_LOCALES);
+
+ }
+
+ // create the message
+ if (messages == null) {
+ return MessageFormat.format(ERROR_MESSAGES_UNAVAILABLE, new Object[] { messageId });
+
+ } else {
+ final String rawMessage = messages.getString(messageId);
+ return MessageFormat.format(rawMessage, parameters);
+
+ }
+ }
+
+ @Override
+ public String getMessage(String messageId, Object[] parameters) {
+ try {
+ return getMessageWithoutDefault(messageId, parameters);
+
+ } catch (final MissingResourceException e2) {
+ return MessageFormat.format(ERROR_NO_MESSAGE, new Object[] { messageId });
+
+ }
+ }
+
+ @Override
+ public String getResponseErrorCode(Throwable throwable) {
+ String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
+ if (throwable instanceof EaafException) {
+ errorCode = ((EaafException) throwable).getErrorId();
+
+ }
+ // TODO: maybe more internal switches are required
+
+ return errorCode;
+
+ }
+
+ @Override
+ public String mapInternalErrorToExternalError(String intErrorCode) {
+ // initialize messages
+ if (externalError == null) {
+ this.externalError = ResourceBundle.getBundle(
+ DEFAULT_EXTERNALERROR_RESOURCES,
+ DEFAULT_EXTERNALERROR_LOCALES);
+
+ }
+
+ // create the message
+ if (externalError == null) {
+ log.warn(MessageFormat.format(ERROR_EXTERNALERROR_CODES_UNAVAILABLE, new Object[] { intErrorCode }));
+ return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
+
+ } else {
+ try {
+ return externalError.getString(intErrorCode);
+
+ } catch (final MissingResourceException e2) {
+ log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode }));
+ return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
+
+ }
+ }
+ }
}
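Review bot: In `mapInternalErrorToExternalError` the `ResourceBundle.getBundle(...)` call sits outside the `try`, so a missing `properties/external_statuscodes_map` bundle propagates `MissingResourceException` to the caller instead of returning `CODES_EXTERNAL_ERROR_GENERIC`. `getBundle` throws rather than returning null, which also makes the `if (externalError == null)` branch here and the `if (messages == null)` branch in `getMessageWithoutDefault` unreachable. Moving the lazy initialisation inside the existing `try` lets `catch (final MissingResourceException e2)` cover both the missing bundle and the missing key. In `getMessage` a missing bundle is currently reported through `ERROR_NO_MESSAGE`, which hides the real cause; logging the exception there would help diagnosis. Both bundle fields are filled lazily without synchronisation in a singleton `@Service`; loading them once into `final` fields at construction would remove that race.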
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWithEidasBackend.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWithEidasBackend.java
new file mode 100644
index 00000000..87ebda92
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWithEidasBackend.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.storage;
+
+import eu.eidas.auth.commons.cache.ConcurrentCacheService;
+import eu.eidas.auth.commons.tx.AbstractCache;
+
+public class CacheWithEidasBackend extends AbstractCache<String, TransactionStoreElement> {
+
+ protected CacheWithEidasBackend(ConcurrentCacheService concurrentMapService) {
+ super(concurrentMapService);
+ }
+
+}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWitheIDASBackend.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWitheIDASBackend.java
deleted file mode 100644
index 4bcced82..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/CacheWitheIDASBackend.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.storage;
-
-import eu.eidas.auth.commons.cache.ConcurrentCacheService;
-import eu.eidas.auth.commons.tx.AbstractCache;
-
-public class CacheWitheIDASBackend extends AbstractCache<String, TransactionStoreElement> {
-
- protected CacheWitheIDASBackend(ConcurrentCacheService concurrentMapService) {
- super(concurrentMapService);
- }
-
-// public List<String> clean(Date now, long dataTimeOut) {
-// List<String> result = new ArrayList<String>();
-// Iterator<String> iterator = map.keySet().iterator();
-// while (iterator.hasNext()) {
-// String key = iterator.next();
-// if (map.containsKey(key)) {
-// TransactionStoreElement element = map.get(key);
-// if (now.getTime() - element.getCreated().getTime() > dataTimeOut)
-// result.add(key);
-// }
-// }
-//
-// return result;
-//
-// }
-
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java
new file mode 100644
index 00000000..557e245a
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.storage;
+
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+
+public class EidasCacheTransactionStoreDecorator implements ITransactionStorage {
+ private static final Logger log = LoggerFactory.getLogger(EidasCacheTransactionStoreDecorator.class);
+
+ @Autowired(required = true)
+ private CacheWithEidasBackend storage;
+
+ @Override
+ public void changeKey(String oldKey, String newKey, Object value) throws EaafException {
+ if (containsKey(oldKey)) {
+ final TransactionStoreElement el = storage.get(oldKey);
+ el.setKey(newKey);
+ el.setData(value);
+ storage.put(newKey, el);
+ boolean delResult = storage.remove(oldKey);
+ log.trace("Object: {} removed from cache: {}", oldKey, delResult);
+
+ } else {
+ throw new EaafStorageException("No element in TransactionStorage with key: " + oldKey);
+ }
+
+ }
+
+ @Override
+ public List<String> clean(Date now, long dataTimeOut) {
+ log.info("Clean is NOT implemented, because its not needed");
+ return Arrays.asList();
+
+ }
+
+ @Override
+ public boolean containsKey(String key) {
+ return storage.containsKey(key);
+
+ }
+
+ @Override
+ public Object get(String key) throws EaafException {
+ if (key != null && containsKey(key)) {
+ final TransactionStoreElement element = storage.get(key);
+ return element.getData();
+
+ } else {
+ return null;
+ }
+ }
+
+ @Override
+ public <T> T get(String key, Class<T> type) throws EaafException {
+ return get(key, type, -1);
+
+ }
+
+ @Override
+ public <T> T get(String key, Class<T> type, long dataTimeOut) throws EaafException {
+ if (key != null && containsKey(key)) {
+ final TransactionStoreElement value = storage.get(key);
+
+ if (dataTimeOut > -1) {
+ final long now = new Date().getTime();
+ if (now - value.getCreated().getTime() > dataTimeOut) {
+ log.info("Transaction-Data with key: " + key + " is out of time.");
+ throw new EaafStorageException("Transaction-Data with key: " + key + " is out of time.");
+
+ }
+ }
+
+ if (type.isAssignableFrom(value.getData().getClass())) {
+ return (T) value.getData();
+
+ } else {
+ log.warn("Can NOT cast '" + value.getClass() + "' to '" + type + "'");
+ }
+
+ }
+
+ return null;
+ }
+
+ @Override
+ public Object getRaw(String key) throws EaafException {
+ return storage.get(key);
+
+ }
+
+ @Override
+ public void put(String key, Object value, int dataTimeOut) throws EaafException {
+ final TransactionStoreElement element = new TransactionStoreElement();
+ element.setKey(key);
+ element.setData(value);
+ storage.put(key, element);
+
+ }
+
+ @Override
+ public void putRaw(String key, Object value) throws EaafException {
+ if (value instanceof TransactionStoreElement) {
+ storage.put(((TransactionStoreElement) value).getKey(), (TransactionStoreElement) value);
+ } else {
+ log.info(value.getClass().getName() + " is NOT a RAW element of " + ITransactionStorage.class
+ .getName());
+ }
+
+ }
+
+ @Override
+ public void remove(String key) {
+ if (containsKey(key)) {
+ log.debug("Remove element with key: " + key + " from " + ITransactionStorage.class.getName());
+ boolean delResult = storage.remove(key);
+ log.trace("Object: {} removed from cache: {}", key, delResult);
+
+ }
+ }
+
+}
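Review bot: `put(...)` never calls `setCreated(...)` on the new `TransactionStoreElement` and ignores `dataTimeOut`, yet `get(key, type, dataTimeOut)` dereferences `value.getCreated().getTime()` to enforce the transaction lifetime. The part of TransactionStoreElement shown in this commit declares `private Date created;` without an initialiser (the rest of that class is outside this view), so the expiry check would presumably throw a NullPointerException instead of rejecting stale transaction data; adding `element.setCreated(new Date());` in `put` addresses that. The same gap applies to `put` and `clean` in SimpleInMemoryTransactionStorage. Separately, the warning in `get` logs `value.getClass()` (the wrapper) where `value.getData().getClass()` is meant, and `putRaw` calls `value.getClass()` on a value that may be null.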
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java
index 58ab7930..26d442cb 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.storage;
import java.util.ArrayList;
@@ -29,6 +28,7 @@ import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import java.util.concurrent.ConcurrentHashMap;
import org.slf4j.Logger;
@@ -40,124 +40,132 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
@Service("SimpleInMemoryTransactionStorage")
-public class SimpleInMemoryTransactionStorage implements ITransactionStorage{
- private static final Logger log = LoggerFactory.getLogger(SimpleInMemoryTransactionStorage.class);
-
- private Map<String, TransactionStoreElement> storage = new ConcurrentHashMap<String, TransactionStoreElement>();
-
- @Override
- public void changeKey(String oldKey, String newKey, Object value) throws EaafException {
- if (containsKey(oldKey)) {
- TransactionStoreElement el = storage.get(oldKey);
- el.setKey(newKey);
- storage.put(newKey, el);
- storage.remove(oldKey);
-
- } else
- throw new EaafStorageException("No element in TransactionStorage with key: " + oldKey);
-
- }
-
- @Override
- public List<String> clean(Date now, long dataTimeOut) {
- List<String> result = new ArrayList<String>();
- Iterator<String> iterator = storage.keySet().iterator();
- while (iterator.hasNext()) {
- String key = iterator.next();
- synchronized (storage) {
- if (storage.containsKey(key)) {
- TransactionStoreElement element = storage.get(key);
- if (now.getTime() - element.getCreated().getTime() > dataTimeOut)
- result.add(key);
- }
- }
- }
-
- return result;
-
- }
-
- @Override
- public boolean containsKey(String key) {
- if (key != null)
- return storage.containsKey(key);
- else
- return false;
-
- }
-
- @Override
- public Object get(String key) throws EaafException {
- if (key != null && containsKey(key)) {
- TransactionStoreElement element = storage.get(key);
- return element.getData();
-
- } else
- return null;
- }
-
- @Override
- public <T> T get(String key, Class<T> type) throws EaafException {
- return get(key, type, -1);
-
- }
-
- @Override
- public <T> T get(String key, Class<T> type, long dataTimeOut) throws EaafException {
- if (key != null && containsKey(key)) {
- TransactionStoreElement value = storage.get(key);
-
- if (dataTimeOut > -1) {
- long now = new Date().getTime();
- if (now - value.getCreated().getTime() > dataTimeOut) {
- log.info("Transaction-Data with key: " + key + " is out of time.");
- throw new EaafStorageException("Transaction-Data with key: " + key + " is out of time.");
-
- }
- }
-
- if (type.isAssignableFrom(value.getData().getClass())) {
- return (T) value.getData();
-
- } else
- log.warn("Can NOT cast '" + value.getClass() + "' to '" + type + "'");
-
- }
-
- return null;
- }
-
- @Override
- public Object getRaw(String key) throws EaafException {
- return storage.get(key);
-
- }
-
- @Override
- public void put(String key, Object value, int dataTimeOut) throws EaafException {
- TransactionStoreElement element = new TransactionStoreElement();
- element.setKey(key);
- element.setData(value);
- storage.put(key, element);
-
- }
-
- @Override
- public void putRaw(String key, Object value) throws EaafException {
- if (value instanceof TransactionStoreElement)
- storage.put(((TransactionStoreElement) value).getKey(), (TransactionStoreElement) value);
- else
- log.info(value.getClass().getName() + " is NOT a RAW element of " + ITransactionStorage.class.getName());
-
- }
-
- @Override
- public void remove(String key) {
- if (containsKey(key)) {
- log.debug("Remove element with key: " + key + " from " + ITransactionStorage.class.getName());
- storage.remove(key);
-
- }
- }
+public class SimpleInMemoryTransactionStorage implements ITransactionStorage {
+ private static final Logger log = LoggerFactory.getLogger(SimpleInMemoryTransactionStorage.class);
+
+ private final Map<String, TransactionStoreElement> storage =
+ new ConcurrentHashMap<>();
+
+ @Override
+ public void changeKey(String oldKey, String newKey, Object value) throws EaafException {
+ if (containsKey(oldKey)) {
+ final TransactionStoreElement el = storage.get(oldKey);
+ el.setKey(newKey);
+ storage.put(newKey, el);
+ storage.remove(oldKey);
+
+ } else {
+ throw new EaafStorageException("No element in TransactionStorage with key: " + oldKey);
+ }
+
+ }
+
+ @Override
+ public List<String> clean(Date now, long dataTimeOut) {
+ final List<String> result = new ArrayList<>();
+ final Iterator<Entry<String, TransactionStoreElement>> iterator = storage.entrySet().iterator();
+ while (iterator.hasNext()) {
+ final Entry<String, TransactionStoreElement> key = iterator.next();
+ synchronized (storage) {
+ if (storage.containsKey(key.getKey())) {
+ final TransactionStoreElement element = key.getValue();
+ if (now.getTime() - element.getCreated().getTime() > dataTimeOut) {
+ result.add(key.getKey());
+ }
+ }
+ }
+ }
+
+ return result;
+
+ }
+
+ @Override
+ public boolean containsKey(String key) {
+ if (key != null) {
+ return storage.containsKey(key);
+ } else {
+ return false;
+ }
+
+ }
+
+ @Override
+ public Object get(String key) throws EaafException {
+ if (key != null && containsKey(key)) {
+ final TransactionStoreElement element = storage.get(key);
+ return element.getData();
+
+ } else {
+ return null;
+ }
+ }
+
+ @Override
+ public <T> T get(String key, Class<T> type) throws EaafException {
+ return get(key, type, -1);
+
+ }
+
+ @Override
+ public <T> T get(String key, Class<T> type, long dataTimeOut) throws EaafException {
+ if (key != null && containsKey(key)) {
+ final TransactionStoreElement value = storage.get(key);
+
+ if (dataTimeOut > -1) {
+ final long now = new Date().getTime();
+ if (now - value.getCreated().getTime() > dataTimeOut) {
+ log.info("Transaction-Data with key: " + key + " is out of time.");
+ throw new EaafStorageException("Transaction-Data with key: " + key + " is out of time.");
+
+ }
+ }
+
+ if (type.isAssignableFrom(value.getData().getClass())) {
+ return (T) value.getData();
+
+ } else {
+ log.warn("Can NOT cast '" + value.getClass() + "' to '" + type + "'");
+ }
+
+ }
+
+ return null;
+ }
+
+ @Override
+ public Object getRaw(String key) throws EaafException {
+ return storage.get(key);
+
+ }
+
+ @Override
+ public void put(String key, Object value, int dataTimeOut) throws EaafException {
+ final TransactionStoreElement element = new TransactionStoreElement();
+ element.setKey(key);
+ element.setData(value);
+ storage.put(key, element);
+
+ }
+
+ @Override
+ public void putRaw(String key, Object value) throws EaafException {
+ if (value instanceof TransactionStoreElement) {
+ storage.put(((TransactionStoreElement) value).getKey(), (TransactionStoreElement) value);
+ } else {
+ log.info(value.getClass().getName() + " is NOT a RAW element of " + ITransactionStorage.class
+ .getName());
+ }
+
+ }
+
+ @Override
+ public void remove(String key) {
+ if (containsKey(key)) {
+ log.debug("Remove element with key: " + key + " from " + ITransactionStorage.class.getName());
+ storage.remove(key);
+
+ }
+ }
}
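Review bot: `changeKey` accepts `value` but never stores it: the element is re-keyed with `el.setKey(newKey)` and put back with its old data, whereas EidasCacheTransactionStoreDecorator.changeKey in this same commit also calls `el.setData(value);`. Adding that line after `el.setKey(newKey);` makes the two ITransactionStorage implementations agree on what a key change does to the stored data. In `clean`, `synchronized (storage)` gives no exclusion because no other method locks on the map, and the `containsKey` re-check is not needed since ConcurrentHashMap iterators are weakly consistent; reading the entry directly would be simpler and equivalent.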
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/TransactionStoreElement.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/TransactionStoreElement.java
index d0907f20..4e9e737f 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/TransactionStoreElement.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/TransactionStoreElement.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,40 +19,52 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.storage;
import java.io.Serializable;
import java.util.Date;
-public class TransactionStoreElement implements Serializable{
-
- private static final long serialVersionUID = 1L;
- private String key = null;
- private Object data = null;
- private Date created;
-
- public String getKey() {
- return key;
- }
- public void setKey(String key) {
- this.key = key;
- }
- public Object getData() {
- return data;
- }
- public void setData(Object data) {
- this.data = data;
- }
- public Date getCreated() {
- return created;
- }
- public void setCreated(Date created) {
- this.created = created;
- }
-
-
-
+public class TransactionStoreElement implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+ private String key = null;
+ private Object data = null;
+ private Date created;
+
+ public String getKey() {
+ return key;
+ }
+
+ public void setKey(String key) {
+ this.key = key;
+ }
+
+ public Object getData() {
+ return data;
+ }
+
+ public void setData(Object data) {
+ this.data = data;
+ }
+
+ public Date getCreated() {
+ return copyOrNull(created);
+ }
+
+ public void setCreated(Date created) {
+ this.created = copyOrNull(created);
+ }
+
+ private Date copyOrNull(Date in) {
+ if (in != null) {
+ return new Date(in.getTime());
+
+ }
+
+ return null;
+
+ }
+
}
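Review bot: `created` has no initial value and `getCreated()` now returns `copyOrNull(created)`, so it yields `null` until `setCreated` is called; the `put` shown earlier in this commit sets only key and data, while `get(key, type, dataTimeOut)` calls `value.getCreated().getTime()`. Unless the cache backend stamps the element (not visible here), a timeout check would throw a NullPointerException instead of enforcing the transaction lifetime. Initialising the field, `private Date created = new Date();`, or calling `element.setCreated(new Date());` in `put`, would close that gap. `copyOrNull` uses no instance state and could be declared `static`.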
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/eIDASCacheTransactionStoreDecorator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/eIDASCacheTransactionStoreDecorator.java
deleted file mode 100644
index be7812f4..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/eIDASCacheTransactionStoreDecorator.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector.storage;
-
-import java.util.Arrays;
-import java.util.Date;
-import java.util.List;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-
-public class eIDASCacheTransactionStoreDecorator implements ITransactionStorage{
- private static final Logger log = LoggerFactory.getLogger(eIDASCacheTransactionStoreDecorator.class);
-
- @Autowired(required=true) private CacheWitheIDASBackend storage;
-
- @Override
- public void changeKey(String oldKey, String newKey, Object value) throws EaafException {
- if (containsKey(oldKey)) {
- TransactionStoreElement el = storage.get(oldKey);
- el.setKey(newKey);
- el.setData(value);
- storage.put(newKey, el);
- storage.remove(oldKey);
-
- } else
- throw new EaafStorageException("No element in TransactionStorage with key: " + oldKey);
-
- }
-
- @Override
- public List<String> clean(Date now, long dataTimeOut) {
- log.info("Clean is NOT implemented, because its not needed");
- return Arrays.asList();
-
- }
-
- @Override
- public boolean containsKey(String key) {
- return storage.containsKey(key);
-
- }
-
- @Override
- public Object get(String key) throws EaafException {
- if (key != null && containsKey(key)) {
- TransactionStoreElement element = storage.get(key);
- return element.getData();
-
- } else
- return null;
- }
-
- @Override
- public <T> T get(String key, Class<T> type) throws EaafException {
- return get(key, type, -1);
-
- }
-
- @Override
- public <T> T get(String key, Class<T> type, long dataTimeOut) throws EaafException {
- if (key != null && containsKey(key)) {
- TransactionStoreElement value = storage.get(key);
-
- if (dataTimeOut > -1) {
- long now = new Date().getTime();
- if (now - value.getCreated().getTime() > dataTimeOut) {
- log.info("Transaction-Data with key: " + key + " is out of time.");
- throw new EaafStorageException("Transaction-Data with key: " + key + " is out of time.");
-
- }
- }
-
- if (type.isAssignableFrom(value.getData().getClass())) {
- return (T) value.getData();
-
- } else
- log.warn("Can NOT cast '" + value.getClass() + "' to '" + type + "'");
-
- }
-
- return null;
- }
-
- @Override
- public Object getRaw(String key) throws EaafException {
- return storage.get(key);
-
- }
-
- @Override
- public void put(String key, Object value, int dataTimeOut) throws EaafException {
- TransactionStoreElement element = new TransactionStoreElement();
- element.setKey(key);
- element.setData(value);
- storage.put(key, element);
-
- }
-
- @Override
- public void putRaw(String key, Object value) throws EaafException {
- if (value instanceof TransactionStoreElement)
- storage.put(((TransactionStoreElement) value).getKey(), (TransactionStoreElement) value);
- else
- log.info(value.getClass().getName() + " is NOT a RAW element of " + ITransactionStorage.class.getName());
-
- }
-
- @Override
- public void remove(String key) {
- if (containsKey(key)) {
- log.debug("Remove element with key: " + key + " from " + ITransactionStorage.class.getName());
- storage.remove(key);
-
- }
- }
-
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
index c49c0b28..0230521c 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.verification;
import java.util.ArrayList;
@@ -31,8 +32,8 @@ import org.apache.commons.lang3.StringUtils;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.NameIDPolicy;
+import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml2.core.Scoping;
import org.opensaml.saml2.metadata.SPSSODescriptor;
@@ -41,7 +42,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -58,215 +59,230 @@ import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance;
public class AuthnRequestValidator implements IAuthnRequestValidator {
- private static final Logger log = LoggerFactory.getLogger(AuthnRequestValidator.class);
-
- @Autowired(required=true) private IConfiguration basicConfig;
-
- @Override
- public void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq,
- SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException {
- try {
- //validate NameIDPolicy
- NameIDPolicy nameIDPolicy = authnReq.getNameIDPolicy();
- if (nameIDPolicy != null) {
- String nameIDFormat = nameIDPolicy.getFormat();
- if (nameIDFormat != null) {
- if ( !(NameID.TRANSIENT.equals(nameIDFormat) ||
- NameID.PERSISTENT.equals(nameIDFormat)) ) {
-
- throw new NameIdFormatNotSupportedException(nameIDFormat);
-
- }
-
- } else
- log.trace("Find NameIDPolicy, but NameIDFormat is 'null'");
- } else
- log.trace("AuthnRequest includes no 'NameIDPolicy'");
-
-
- //post-process RequesterId
- String spEntityId = extractScopeRequsterId(authnReq);
- if (StringUtils.isEmpty(spEntityId)) {
- log.info("NO service-provider entityID in Authn. request. Stop authn. process ... ");
- throw new AuthnRequestValidatorException("pvp2.22",
- new Object[] {"NO relaying-party entityID in Authn. request"}, pendingReq);
-
- } else
- pendingReq.setRawDataToTransaction(MSeIDASNodeConstants.DATA_REQUESTERID, spEntityId);
-
-
- //post-process ProviderName
- String providerName = authnReq.getProviderName();
- if (StringUtils.isEmpty(providerName))
- log.info("Authn. request contains NO SP friendlyName");
- else
- pendingReq.setRawDataToTransaction(MSeIDASNodeConstants.DATA_PROVIDERNAME, spEntityId);
-
- //post-process requested LoA
- List<String> reqLoA = extractLoA(authnReq);
-
- LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
- MSeIDASNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
- EaafConstants.EIDAS_LOA_HIGH));
- if (minimumLoAFromConfig == null) {
- log.warn("Can not load minimum LoA from configuration. Use LoA: {} as default", EaafConstants.EIDAS_LOA_HIGH);
- minimumLoAFromConfig = LevelOfAssurance.HIGH;
-
- }
-
- log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...", minimumLoAFromConfig);
- List<String> allowedLoA = new ArrayList<>();
- for (String loa : reqLoA) {
- try {
- LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
- String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
- if (intLoa != null &&
- intLoa.numericValue() >= minimumLoAFromConfig.numericValue()) {
- log.info("Client: {} requested LoA: {} will be upgraded to: {}",
- pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
- loa,
- minimumLoAFromConfig);
- selectedLoA = intLoa.getValue();
-
- }
-
- if (!allowedLoA.contains(selectedLoA)) {
- log.debug("Allow LoA: {} for Client: {}",
- selectedLoA,
- pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
- allowedLoA.add(selectedLoA);
-
- }
-
- } catch (IllegalArgumentException e) {
- log.warn("LoA: {} is currently NOT supported and it will be ignored.", loa);
-
- }
-
- }
-
- pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setRequiredLoA(allowedLoA);
-
- //post-process requested LoA comparison-level
- String reqLoAComperison = extractComparisonLevel(authnReq);
- pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setLoAMachtingMode(reqLoAComperison);
-
- //validate and process requested attributes
- boolean sectorDetected = false;
- List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects();
- for (XMLObject reqAttrObj : requestedAttributes) {
- if (reqAttrObj instanceof EaafRequestedAttributes) {
- EaafRequestedAttributes reqAttr = (EaafRequestedAttributes)reqAttrObj;
- if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0 ) {
- for (EaafRequestedAttribute el : reqAttr.getAttributes()) {
- log.trace("Processing req. attribute '" + el.getName() + "' ... ");
- if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) {
- if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
- String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();
- ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);
-
- try {
- spConfig.setbPKTargetIdentifier(sectorId);
- sectorDetected = true;
-
- } catch (EaafException e) {
- log.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: " + spConfig.getUniqueIdentifier());
- }
-
- } else
- log.info("Req. attribute '" + el.getName() + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
-
- } else
- log.debug("Ignore req. attribute: " + el.getName());
-
- }
-
- } else
- log.debug("No requested Attributes in Authn. Request");
-
- } else
- log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString());
-
- }
-
- if (!sectorDetected) {
- log.info("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information.");
- throw new AuthnRequestValidatorException("pvp2.22", new Object[] {"NO or NO VALID target-sector information"});
-
- }
-
- } catch (EaafStorageException e) {
- log.info("Can NOT store Authn. Req. data into pendingRequest." , e);
- throw new AuthnRequestValidatorException("internal.02", null, e);
-
- }
-
- }
-
- private String extractComparisonLevel(AuthnRequest authnReq) {
- if (authnReq.getRequestedAuthnContext() != null) {
- RequestedAuthnContext authContext = authnReq.getRequestedAuthnContext();
- return authContext.getComparison().toString();
-
- }
-
- return null;
- }
-
- private List<String> extractLoA(AuthnRequest authnReq) throws AuthnRequestValidatorException {
- List<String> result = new ArrayList<String>();
- if (authnReq.getRequestedAuthnContext() != null) {
- RequestedAuthnContext authContext = authnReq.getRequestedAuthnContext();
- if (authContext.getComparison().equals(AuthnContextComparisonTypeEnumeration.MINIMUM)) {
- if (authContext.getAuthnContextClassRefs().isEmpty()) {
- log.debug("Authn. Req. contains no requested LoA");
-
- } else if (authContext.getAuthnContextClassRefs().size() > 1) {
- log.info("Authn. Req. contains MORE THAN ONE requested LoA, but "
- + AuthnContextComparisonTypeEnumeration.MINIMUM + " allows only one" );
- throw new AuthnRequestValidatorException("pvp2.22",
- new Object[] {"Authn. Req. contains MORE THAN ONE requested LoA, but "
- + AuthnContextComparisonTypeEnumeration.MINIMUM + " allows only one"});
-
- } else
- result.add(authContext.getAuthnContextClassRefs().get(0).getAuthnContextClassRef());
-
- } else if (authContext.getComparison().equals(AuthnContextComparisonTypeEnumeration.EXACT)) {
- for (AuthnContextClassRef el : authContext.getAuthnContextClassRefs())
- result.add(el.getAuthnContextClassRef());
-
- } else {
- log.info("Currently only '" + AuthnContextComparisonTypeEnumeration.MINIMUM + "' and '"
- + AuthnContextComparisonTypeEnumeration.EXACT + "' are supported");
- throw new AuthnRequestValidatorException("pvp2.22",
- new Object[] {"Currently only '" + AuthnContextComparisonTypeEnumeration.MINIMUM + "' and '"
- + AuthnContextComparisonTypeEnumeration.EXACT + "' are supported"});
-
- }
-
- }
-
- return result;
- }
-
- private String extractScopeRequsterId(AuthnRequest authnReq) {
- if (authnReq.getScoping() != null) {
- Scoping scoping = authnReq.getScoping();
- if (scoping.getRequesterIDs() != null &&
- scoping.getRequesterIDs().size() > 0) {
- if (scoping.getRequesterIDs().size() == 1)
- return scoping.getRequesterIDs().get(0).getRequesterID();
-
- else {
- log.info("Authn. request contains more than on RequesterIDs! Only use first one");
- return scoping.getRequesterIDs().get(0).getRequesterID();
-
- }
- }
- }
-
- return null;
- }
-
+ private static final Logger log = LoggerFactory.getLogger(AuthnRequestValidator.class);
+
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ @Override
+ public void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq,
+ SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException {
+ try {
+ // validate NameIDPolicy
+ final NameIDPolicy nameIdPolicy = authnReq.getNameIDPolicy();
+ if (nameIdPolicy != null) {
+ final String nameIdFormat = nameIdPolicy.getFormat();
+ if (nameIdFormat != null) {
+ if (!(NameIDType.TRANSIENT.equals(nameIdFormat)
+ || NameIDType.PERSISTENT.equals(nameIdFormat))) {
+
+ throw new NameIdFormatNotSupportedException(nameIdFormat);
+
+ }
+
+ } else {
+ log.trace("Find NameIDPolicy, but NameIDFormat is 'null'");
+ }
+ } else {
+ log.trace("AuthnRequest includes no 'NameIDPolicy'");
+ }
+
+ // post-process RequesterId
+ final String spEntityId = extractScopeRequsterId(authnReq);
+ if (StringUtils.isEmpty(spEntityId)) {
+ log.info("NO service-provider entityID in Authn. request. Stop authn. process ... ");
+ throw new AuthnRequestValidatorException("pvp2.22",
+ new Object[] { "NO relaying-party entityID in Authn. request" }, pendingReq);
+
+ } else {
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, spEntityId);
+ }
+
+ // post-process ProviderName
+ final String providerName = authnReq.getProviderName();
+ if (StringUtils.isEmpty(providerName)) {
+ log.info("Authn. request contains NO SP friendlyName");
+ } else {
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, spEntityId);
+ }
+
+ // post-process requested LoA
+ final List<String> reqLoA = extractLoA(authnReq);
+
+ LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
+ MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
+ EaafConstants.EIDAS_LOA_HIGH));
+ if (minimumLoAFromConfig == null) {
+ log.warn("Can not load minimum LoA from configuration. Use LoA: {} as default",
+ EaafConstants.EIDAS_LOA_HIGH);
+ minimumLoAFromConfig = LevelOfAssurance.HIGH;
+
+ }
+
+ log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...",
+ minimumLoAFromConfig);
+ final List<String> allowedLoA = new ArrayList<>();
+ for (final String loa : reqLoA) {
+ try {
+ final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
+ String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
+ if (intLoa != null
+ && intLoa.numericValue() >= minimumLoAFromConfig.numericValue()) {
+ log.info("Client: {} requested LoA: {} will be upgraded to: {}",
+ pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
+ loa,
+ minimumLoAFromConfig);
+ selectedLoA = intLoa.getValue();
+
+ }
+
+ if (!allowedLoA.contains(selectedLoA)) {
+ log.debug("Allow LoA: {} for Client: {}",
+ selectedLoA,
+ pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
+ allowedLoA.add(selectedLoA);
+
+ }
+
+ } catch (final IllegalArgumentException e) {
+ log.warn("LoA: {} is currently NOT supported and it will be ignored.", loa);
+
+ }
+
+ }
+
+ pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setRequiredLoA(
+ allowedLoA);
+
+ // post-process requested LoA comparison-level
+ final String reqLoAComperison = extractComparisonLevel(authnReq);
+ pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setLoAMachtingMode(
+ reqLoAComperison);
+
+ // validate and process requested attributes
+ boolean sectorDetected = false;
+ final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects();
+ for (final XMLObject reqAttrObj : requestedAttributes) {
+ if (reqAttrObj instanceof EaafRequestedAttributes) {
+ final EaafRequestedAttributes reqAttr = (EaafRequestedAttributes) reqAttrObj;
+ if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0) {
+ for (final EaafRequestedAttribute el : reqAttr.getAttributes()) {
+ log.trace("Processing req. attribute '" + el.getName() + "' ... ");
+ if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) {
+ if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
+ final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();
+ final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration(
+ ServiceProviderConfiguration.class);
+
+ try {
+ spConfig.setBpkTargetIdentifier(sectorId);
+ sectorDetected = true;
+
+ } catch (final EaafException e) {
+ log.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: "
+ + spConfig.getUniqueIdentifier());
+ }
+
+ } else {
+ log.info("Req. attribute '" + el.getName()
+ + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
+ }
+
+ } else {
+ log.debug("Ignore req. attribute: " + el.getName());
+ }
+
+ }
+
+ } else {
+ log.debug("No requested Attributes in Authn. Request");
+ }
+
+ } else {
+ log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString());
+ }
+
+ }
+
+ if (!sectorDetected) {
+ log.info("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information.");
+ throw new AuthnRequestValidatorException("pvp2.22", new Object[] {
+ "NO or NO VALID target-sector information" });
+
+ }
+
+ } catch (final EaafStorageException e) {
+ log.info("Can NOT store Authn. Req. data into pendingRequest.", e);
+ throw new AuthnRequestValidatorException("internal.02", null, e);
+
+ }
+
+ }
+
+ private String extractComparisonLevel(AuthnRequest authnReq) {
+ if (authnReq.getRequestedAuthnContext() != null) {
+ final RequestedAuthnContext authContext = authnReq.getRequestedAuthnContext();
+ return authContext.getComparison().toString();
+
+ }
+
+ return null;
+ }
+
+ private List<String> extractLoA(AuthnRequest authnReq) throws AuthnRequestValidatorException {
+ final List<String> result = new ArrayList<>();
+ if (authnReq.getRequestedAuthnContext() != null) {
+ final RequestedAuthnContext authContext = authnReq.getRequestedAuthnContext();
+ if (authContext.getComparison().equals(AuthnContextComparisonTypeEnumeration.MINIMUM)) {
+ if (authContext.getAuthnContextClassRefs().isEmpty()) {
+ log.debug("Authn. Req. contains no requested LoA");
+
+ } else if (authContext.getAuthnContextClassRefs().size() > 1) {
+ log.info("Authn. Req. contains MORE THAN ONE requested LoA, but "
+ + AuthnContextComparisonTypeEnumeration.MINIMUM + " allows only one");
+ throw new AuthnRequestValidatorException("pvp2.22",
+ new Object[] { "Authn. Req. contains MORE THAN ONE requested LoA, but "
+ + AuthnContextComparisonTypeEnumeration.MINIMUM + " allows only one" });
+
+ } else {
+ result.add(authContext.getAuthnContextClassRefs().get(0).getAuthnContextClassRef());
+ }
+
+ } else if (authContext.getComparison().equals(AuthnContextComparisonTypeEnumeration.EXACT)) {
+ for (final AuthnContextClassRef el : authContext.getAuthnContextClassRefs()) {
+ result.add(el.getAuthnContextClassRef());
+ }
+
+ } else {
+ log.info("Currently only '" + AuthnContextComparisonTypeEnumeration.MINIMUM + "' and '"
+ + AuthnContextComparisonTypeEnumeration.EXACT + "' are supported");
+ throw new AuthnRequestValidatorException("pvp2.22",
+ new Object[] { "Currently only '" + AuthnContextComparisonTypeEnumeration.MINIMUM + "' and '"
+ + AuthnContextComparisonTypeEnumeration.EXACT + "' are supported" });
+
+ }
+
+ }
+
+ return result;
+ }
+
+ private String extractScopeRequsterId(AuthnRequest authnReq) {
+ if (authnReq.getScoping() != null) {
+ final Scoping scoping = authnReq.getScoping();
+ if (scoping.getRequesterIDs() != null
+ && scoping.getRequesterIDs().size() > 0) {
+ if (scoping.getRequesterIDs().size() == 1) {
+ return scoping.getRequesterIDs().get(0).getRequesterID();
+ } else {
+ log.info("Authn. request contains more than on RequesterIDs! Only use first one");
+ return scoping.getRequesterIDs().get(0).getRequesterID();
+
+ }
+ }
+ }
+
+ return null;
+ }
}
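Review bot: In `validate`, the ProviderName branch stores `spEntityId` under `DATA_PROVIDERNAME`, so the friendly name read into `providerName` is never kept and the requester ID is recorded twice; the line should read `pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, providerName);`. The removed side has the same line, so the reformatting carried it over unchanged. Further down, `authnReq.getExtensions().getUnknownXMLObjects()` is dereferenced without a null check, and the surrounding `try` catches only `EaafStorageException`. A request without an Extensions element would presumably surface as a NullPointerException rather than the intended `pvp2.22` rejection, so a guard such as `if (authnReq.getExtensions() != null)` around the attribute loop would keep the failure in the validator's own error path.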
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/MetadataSignatureVerificationFilter.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/MetadataSignatureVerificationFilter.java
index eeaea135..b6dd249a 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/MetadataSignatureVerificationFilter.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/MetadataSignatureVerificationFilter.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.verification;
import java.io.IOException;
@@ -49,116 +48,128 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
import at.gv.egiz.eaaf.modules.pvp2.idp.exception.SamlRequestNotSignedException;
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.AbstractMetadataSignatureFilter;
-public class MetadataSignatureVerificationFilter extends AbstractMetadataSignatureFilter{
- private static final Logger log = LoggerFactory.getLogger(MetadataSignatureVerificationFilter.class);
-
- private String metadataURL;
- private List<BasicX509Credential> trustedCredential = new ArrayList<BasicX509Credential>();
-
- public MetadataSignatureVerificationFilter(String trustStorePath, String trustStorePassword, String metadataURL)
- throws Pvp2MetadataException {
- this.metadataURL = metadataURL;
-
- log.trace("Initialize metadata signature-verification filter with truststore: " + trustStorePath + " ... ");
- try {
- KeyStore keyStore = KeyStoreUtils.loadKeyStore(trustStorePath, trustStorePassword);
- if (keyStore != null) {
- //load trusted certificates
- Enumeration<String> aliases = keyStore.aliases();
- while(aliases.hasMoreElements()) {
- String el = aliases.nextElement();
- log.trace("Process TrustStoreEntry: " + el);
- if (keyStore.isCertificateEntry(el)) {
- Certificate cert = keyStore.getCertificate(el);
- if (cert != null && cert instanceof X509Certificate) {
- BasicX509Credential trustedCert = new BasicX509Credential();
- trustedCert.setEntityCertificate((X509Certificate) cert);
- this.trustedCredential.add(trustedCert);
- log.debug("Add cert: " + ((X509Certificate) cert).getSubjectDN() + " as trusted for metadata: " + metadataURL);
-
- } else
- log.info("Can not process entry: " + el + ". Reason: " + cert.toString());
-
- }
- }
-
-
- } else
- throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"Can not open trustStore: " + trustStorePath + " for metadata: " + metadataURL});
-
- } catch (KeyStoreException | IOException e) {
- log.warn("Can not open trustStore: " + trustStorePath + " for metadata: " + metadataURL + " Reason: " + e.getMessage(), e);
- throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"Can not open trustStore: " + trustStorePath + " for metadata"}, e);
-
- }
-
-
- }
-
-
- @Override
- protected void verify(EntityDescriptor desc) throws Pvp2MetadataException {
- try {
- internalVerify(desc);
-
- } catch (EaafException e) {
- log.info("Metadata verification FAILED for: " + metadataURL + " Reason: " +e.getMessage());
- throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"Metadata verification FAILED for: " + metadataURL + " Reason: " +e.getMessage()}, e);
-
- }
- }
-
- @Override
- protected void verify(EntitiesDescriptor desc) throws Pvp2MetadataException {
- throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"EntitiesDescritors are NOT supported"});
-
- }
-
- @Override
- protected void verify(EntityDescriptor entity, EntitiesDescriptor desc) throws Pvp2MetadataException {
- throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"EntitiesDescritors are NOT supported"});
-
- }
-
- private void internalVerify(SignableSAMLObject signedElement)
- throws EaafException {
- if (signedElement.getSignature() == null) {
- throw new SamlRequestNotSignedException();
- }
-
- try {
- SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
- sigValidator.validate(signedElement.getSignature());
- } catch (ValidationException e) {
- log.error("Failed to validate Signature", e);
- throw new SamlRequestNotSignedException(e);
- }
-
- boolean isTrusted = false;
- for (BasicX509Credential cred : trustedCredential) {
- SignatureValidator sigValidator = new SignatureValidator(cred);
- try {
- sigValidator.validate(signedElement.getSignature());
- isTrusted = true;
-
- } catch (ValidationException e) {
- log.info("Failed to verfiy Signature with cert: " + cred.getEntityCertificate().getSubjectDN()
- + " Reason: " + e.getMessage());
-
- }
- }
-
- if (!isTrusted) {
- log.warn("PVP2 metadata: " + metadataURL + " are NOT trusted!");
- throw new SamlRequestNotSignedException();
-
- }
-
- }
+public class MetadataSignatureVerificationFilter extends AbstractMetadataSignatureFilter {
+ private static final Logger log = LoggerFactory.getLogger(MetadataSignatureVerificationFilter.class);
+
+ private final String metadataUrl;
+ private final List<BasicX509Credential> trustedCredential = new ArrayList<>();
+
+ /**
+ * SAML2 Metadata signature verifier that checks signer certificates based on local TrustStores.
+ *
+ * @param trustStorePath Path to truststore
+ * @param trustStorePassword TrustStore password
+ * @param metadataUrl URL to PVP2 metadata
+ * @throws Pvp2MetadataException In case of a verification error
+ */
+ public MetadataSignatureVerificationFilter(String trustStorePath, String trustStorePassword,
+ String metadataUrl)
+ throws Pvp2MetadataException {
+ this.metadataUrl = metadataUrl;
+
+ log.trace("Initialize metadata signature-verification filter with truststore: " + trustStorePath
+ + " ... ");
+ try {
+ final KeyStore keyStore = KeyStoreUtils.loadKeyStore(trustStorePath, trustStorePassword);
+ if (keyStore != null) {
+ // load trusted certificates
+ final Enumeration<String> aliases = keyStore.aliases();
+ while (aliases.hasMoreElements()) {
+ final String el = aliases.nextElement();
+ log.trace("Process TrustStoreEntry: " + el);
+ if (keyStore.isCertificateEntry(el)) {
+ final Certificate cert = keyStore.getCertificate(el);
+ if (cert != null && cert instanceof X509Certificate) {
+ final BasicX509Credential trustedCert = new BasicX509Credential();
+ trustedCert.setEntityCertificate((X509Certificate) cert);
+ this.trustedCredential.add(trustedCert);
+ log.debug("Add cert: " + ((X509Certificate) cert).getSubjectDN() + " as trusted for metadata: "
+ + metadataUrl);
+
+ } else {
+ log.info("Can not process entry: " + el + ". Reason: is null");
+ }
+
+ }
+ }
+
+ } else {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] { "Can not open trustStore: " + trustStorePath + " for metadata: " + metadataUrl });
+ }
+
+ } catch (KeyStoreException | IOException e) {
+ log.warn("Can not open trustStore: " + trustStorePath + " for metadata: " + metadataUrl + " Reason: "
+ + e.getMessage(), e);
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] { "Can not open trustStore: " + trustStorePath + " for metadata" }, e);
+
+ }
+
+ }
+
+ @Override
+ protected void verify(EntityDescriptor desc) throws Pvp2MetadataException {
+ try {
+ internalVerify(desc);
+
+ } catch (final EaafException e) {
+ log.info("Metadata verification FAILED for: " + metadataUrl + " Reason: " + e.getMessage());
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] { "Metadata verification FAILED for: " + metadataUrl + " Reason: " + e.getMessage() },
+ e);
+
+ }
+ }
+
+ @Override
+ protected void verify(EntitiesDescriptor desc) throws Pvp2MetadataException {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] { "EntitiesDescritors are NOT supported" });
+
+ }
+
+ @Override
+ protected void verify(EntityDescriptor entity, EntitiesDescriptor desc) throws Pvp2MetadataException {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] { "EntitiesDescritors are NOT supported" });
+
+ }
+
+ private void internalVerify(SignableSAMLObject signedElement)
+ throws EaafException {
+ if (signedElement.getSignature() == null) {
+ throw new SamlRequestNotSignedException();
+ }
+
+ try {
+ final SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+ sigValidator.validate(signedElement.getSignature());
+ } catch (final ValidationException e) {
+ log.error("Failed to validate Signature", e);
+ throw new SamlRequestNotSignedException(e);
+ }
+
+ boolean isTrusted = false;
+ for (final BasicX509Credential cred : trustedCredential) {
+ final SignatureValidator sigValidator = new SignatureValidator(cred);
+ try {
+ sigValidator.validate(signedElement.getSignature());
+ isTrusted = true;
+
+ } catch (final ValidationException e) {
+ log.info("Failed to verfiy Signature with cert: " + cred.getEntityCertificate().getSubjectDN()
+ + " Reason: " + e.getMessage());
+
+ }
+ }
+
+ if (!isTrusted) {
+ log.warn("PVP2 metadata: " + metadataUrl + " are NOT trusted!");
+ throw new SamlRequestNotSignedException();
+
+ }
+
+ }
}
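Review bot: In `internalVerify`, the loop over `trustedCredential` continues after a credential has validated the signature, so each remaining trusted certificate logs `Failed to verfiy Signature with cert: ...` at INFO for metadata that was in fact accepted; adding `break;` after `isTrusted = true;` keeps that log line an accurate record of verification failures. In the constructor, the new `else` message `Reason: is null` is also reached when the entry holds a certificate that is not an `X509Certificate`, so the text should cover both cases, for example `". Reason: null or not an X509 certificate"`. The constructor also completes when the truststore yields no certificate entries, after which every verification fails with only the `NOT trusted` warning; a warning at construction when `trustedCredential` is empty would make that misconfiguration visible.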
diff --git a/connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
index d68a187a..4c2aef74 100644
--- a/connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
+++ b/connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -1 +1 @@
-at.asitplus.eidas.specific.connector.MSSpecificeIDASNodeSpringResourceProvider
\ No newline at end of file
+at.asitplus.eidas.specific.connector.MsSpecificEidasNodeSpringResourceProvider
\ No newline at end of file
diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml
index 9105bb56..76682a2e 100644
--- a/connector/src/main/resources/applicationContext.xml
+++ b/connector/src/main/resources/applicationContext.xml
@@ -1,37 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xsi:schemaLocation="
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context
- http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/mvc
- http://www.springframework.org/schema/mvc/spring-mvc.xsd
- http://www.springframework.org/schema/tx
- http://www.springframework.org/schema/tx/spring-tx.xsd
- "
->
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/mvc
+ http://www.springframework.org/schema/mvc/spring-mvc.xsd
+ http://www.springframework.org/schema/tx
+ http://www.springframework.org/schema/tx/spring-tx.xsd">
- <context:annotation-config />
- <mvc:annotation-driven />
-
- <mvc:default-servlet-handler/>
-
- <mvc:interceptors>
- <bean class="at.asitplus.eidas.specific.connector.interceptor.WebFrontEndSecurityInterceptor" />
- <bean class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
- <property name="paramName" value="lang" />
- </bean>
- </mvc:interceptors>
+ <context:annotation-config />
+ <mvc:annotation-driven />
- <context:property-placeholder location="${eidas.ms.configuration}"/>
+ <mvc:default-servlet-handler />
+
+ <mvc:interceptors>
+ <bean
+ class="at.asitplus.eidas.specific.connector.interceptor.WebFrontEndSecurityInterceptor" />
+ <bean
+ class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
+ <property name="paramName" value="lang" />
+ </bean>
+ </mvc:interceptors>
+
+ <context:property-placeholder
+ location="${eidas.ms.configuration}" />
+
+ <bean id="BasicMSSpecificNodeConfig"
+ class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
+ <constructor-arg
+ value="#{systemProperties['eidas.ms.configuration']}" />
+ </bean>
- <bean id="BasicMSSpecificNodeConfig"
- class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
- <constructor-arg value="#{systemProperties['eidas.ms.configuration']}"/>
- </bean>
-
</beans>
diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml
index b46c95de..a0a9995e 100644
--- a/connector/src/main/resources/logback.xml
+++ b/connector/src/main/resources/logback.xml
@@ -1,105 +1,131 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- For assistance related to logback-translator or configuration -->
+<!-- For assistance related to logback-translator or configuration -->
<!-- files in general, please contact the logback user mailing list -->
-<!-- at http://www.qos.ch/mailman/listinfo/logback-user -->
-<!-- -->
-<!-- For professional support please see -->
-<!-- http://www.qos.ch/shop/products/professionalSupport -->
-<!-- -->
+<!-- at http://www.qos.ch/mailman/listinfo/logback-user -->
+<!-- -->
+<!-- For professional support please see -->
+<!-- http://www.qos.ch/shop/products/professionalSupport -->
+<!-- -->
<configuration>
- <appender name="msnode" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <appender name="msnode"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
<File>${catalina.base}/logs/eidas-ms-reversion.log</File>
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
</encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i
+ </FileNamePattern>
</rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="EIDASNODE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <appender name="EIDASNODE"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
<File>${catalina.base}/logs/eIDAS_node.log</File>
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
</encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/logs/eIDAS_node.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/eIDAS_node.log.%i
+ </FileNamePattern>
</rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <appender name="reversion"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
<File>${catalina.base}/logs/eidas-ms-reversion.log</File>
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
</encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i
+ </FileNamePattern>
</rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="statistic" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <appender name="statistic"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
<File>${catalina.base}/logs/eidas-ms-statistic.log</File>
<encoder>
<pattern>%m%n</pattern>
</encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/logs/eidas-ms-statistic.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/eidas-ms-statistic.log.%i
+ </FileNamePattern>
</rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="stdout" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <appender name="stdout"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
<File>${catalina.base}/logs/console.log</File>
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
</encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/logs/console.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/console.log.%i
+ </FileNamePattern>
</rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="console" class="ch.qos.logback.core.ConsoleAppender">
+ <appender name="console"
+ class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n</pattern>
</encoder>
</appender>
<logger name="at.gv.egiz.eaaf" level="info">
- <appender-ref ref="msnode"/>
+ <appender-ref ref="msnode" />
</logger>
<logger name="eu.eidas" additivity="false" level="info">
- <appender-ref ref="EIDASNODE"/>
+ <appender-ref ref="EIDASNODE" />
</logger>
- <logger name="at.gv.egiz.eidas.specific" additivity="false" level="info">
- <appender-ref ref="msnode"/>
+ <logger name="at.gv.egiz.eidas.specific" additivity="false"
+ level="info">
+ <appender-ref ref="msnode" />
</logger>
- <logger name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger" additivity="false" level="info">
- <appender-ref ref="reversion"/>
+ <logger
+ name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger"
+ additivity="false" level="info">
+ <appender-ref ref="reversion" />
</logger>
- <logger name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger" additivity="false" level="info">
- <appender-ref ref="statistic"/>
+ <logger
+ name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger"
+ additivity="false" level="info">
+ <appender-ref ref="statistic" />
</logger>
<root level="info">
- <appender-ref ref="stdout"/>
- <appender-ref ref="console"/>
+ <appender-ref ref="stdout" />
+ <appender-ref ref="console" />
</root>
</configuration>
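Review bot: The `<logger>` names reformatted at the end of this hunk still use the `at.gv.egiz.eidas.specific` prefix, while the bean definitions elsewhere in this commit place the classes under `at.asitplus.eidas.specific.connector` (for example `...connector.logger.RevisionLogger`). If those classes obtain their loggers by class name, which is not visible here, revision and statistic entries would bypass the `reversion` and `statistic` appenders and end up in the root appenders, mixing the audit trail into console.log. I would align the names with the packages, e.g. `name="at.asitplus.eidas.specific.connector.logger.RevisionLogger"`. Separately, the `msnode` and `reversion` appenders both write and roll `${catalina.base}/logs/eidas-ms-reversion.log`, which looks like a copy-paste; giving `msnode` its own file would keep the revision log separate.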
diff --git a/connector/src/main/resources/processes/CountrySelection.process.xml b/connector/src/main/resources/processes/CountrySelection.process.xml
index 575bbf0d..9c76e9a9 100644
--- a/connector/src/main/resources/processes/CountrySelection.process.xml
+++ b/connector/src/main/resources/processes/CountrySelection.process.xml
@@ -1,17 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition id="CountrySelectionProcess" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+<pd:ProcessDefinition id="CountrySelectionProcess"
+ xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
- <pd:Task id="initializeCountrySelection" class="GenerateCountrySelectionFrameTask"/>
- <pd:Task id="parseCountrySelection" class="EvaluateCountrySelectionTask" async="true"/>
- <pd:Task id="restartAuthProzessManagement" class="RestartAuthProzessManagement"/>
+ <pd:Task id="initializeCountrySelection"
+ class="GenerateCountrySelectionFrameTask" />
+ <pd:Task id="parseCountrySelection"
+ class="EvaluateCountrySelectionTask" async="true" />
+ <pd:Task id="restartAuthProzessManagement"
+ class="RestartAuthProzessManagement" />
- <pd:StartEvent id="start" />
- <pd:Transition from="start" to="initializeCountrySelection" />
- <pd:Transition from="initializeCountrySelection" to="parseCountrySelection" />
-
- <pd:Transition from="parseCountrySelection" to="initializeCountrySelection" conditionExpression="ctx['changeLanguage']"/>
- <pd:Transition from="parseCountrySelection" to="restartAuthProzessManagement" />
- <pd:Transition from="restartAuthProzessManagement" to="end" />
- <pd:EndEvent id="end" />
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start"
+ to="initializeCountrySelection" />
+ <pd:Transition from="initializeCountrySelection"
+ to="parseCountrySelection" />
+
+ <pd:Transition from="parseCountrySelection"
+ to="initializeCountrySelection"
+ conditionExpression="ctx['changeLanguage']" />
+ <pd:Transition from="parseCountrySelection"
+ to="restartAuthProzessManagement" />
+ <pd:Transition from="restartAuthProzessManagement"
+ to="end" />
+
+ <pd:EndEvent id="end" />
</pd:ProcessDefinition>
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 32b1685d..e7a46657 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -1,129 +1,129 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
- http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-
- <context:annotation-config />
- <mvc:annotation-driven />
- <mvc:default-servlet-handler/>
-
- <bean id="WebResourceConfiguration"
- class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
-
- <bean id="ProcessEngineSignalController"
- class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
-
- <bean id="MonitoringController"
- class="at.asitplus.eidas.specific.connector.controller.MonitoringController">
- <property name="pvpIDPCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- </bean>
-
- <bean id="AuthenticationManager"
- class="at.asitplus.eidas.specific.connector.auth.AuthenticationManager" />
-
- <bean id="AuthenticationDataBuilder"
- class="at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder" />
-
- <bean id="PVPEndPointConfiguration"
- class="at.asitplus.eidas.specific.connector.config.PVPEndPointConfiguration"/>
-
- <bean id="PVPEndPointCredentialProvider"
- class="at.asitplus.eidas.specific.connector.provider.PVPEndPointCredentialProvider" />
-
- <bean id="PVPMetadataConfigurationFactory"
- class="at.asitplus.eidas.specific.connector.provider.PVPMetadataConfigurationFactory" />
-
- <bean id="PVP2XProtocol"
- class="at.asitplus.eidas.specific.connector.controller.PVP2SProfileEndpoint">
- <property name="pvpIDPCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- </bean>
-
- <bean id="AuthnRequestValidator"
- class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
-
- <bean id="SAMLVerificationEngine"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SAMLVerificationEngine" />
-
- <bean id="pvpMetadataService"
- class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
- <property name="pvpIDPCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- </bean>
-
- <bean id="PVPAuthenticationRequestAction"
- class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
- <property name="pvpIDPCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- </bean>
-
- <bean id="eaafProtocolAuthenticationService"
- class="at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService">
- <property name="guiBuilder" ref="mvcGUIBuilderImpl"/>
- </bean>
-
- <bean id="securePendingRequestIdGeneration"
- class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy"/>
-
- <bean id="PVPMetadataProvider"
- class="at.asitplus.eidas.specific.connector.provider.PVPMetadataProvider" />
-
- <bean id="PVPSubjectNameGenerator"
- class="at.asitplus.eidas.specific.connector.builder.PVPSubjectNameGenerator"/>
-
- <bean id="LoALevelMapper"
- class="at.asitplus.eidas.specific.connector.mapper.LoALevelMapper"/>
-
- <bean id="GUIBuilderConfigurationFactory"
- class="at.asitplus.eidas.specific.connector.gui.GUIBuilderConfigurationFactory" />
-
- <bean id="velocityGUIBuilderImpl"
- class="at.asitplus.eidas.specific.connector.gui.DefaultVelocityGUIBuilderImpl"/>
-
- <bean id="mvcGUIBuilderImpl"
- class="at.asitplus.eidas.specific.connector.gui.SpringMVCGUIFormBuilderImpl"/>
-
- <bean id="templateEngine"
- class="org.thymeleaf.spring5.SpringTemplateEngine">
- <property name="templateResolver" ref="templateResolver" />
- </bean>
-
- <bean class="org.thymeleaf.spring5.view.ThymeleafViewResolver">
- <property name="order" value="2"/>
- <property name="templateEngine" ref="templateEngine" />
- <property name="characterEncoding" value="UTF-8"/>
- </bean>
-
- <bean id="StatusMessageProvider"
- class="at.asitplus.eidas.specific.connector.provider.StatusMessageProvider" />
-
- <bean id="eidasRevisionLogger"
- class="at.asitplus.eidas.specific.connector.logger.RevisionLogger" />
-
- <bean id="eidasStatisticLogger"
- class="at.asitplus.eidas.specific.connector.logger.StatisticLogger" />
-
-
- <!-- Tasks -->
- <bean id="GenerateCountrySelectionFrameTask"
- class="at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask"
- scope="prototype"/>
-
- <bean id="EvaluateCountrySelectionTask"
- class="at.asitplus.eidas.specific.connector.processes.tasks.EvaluateCountrySelectionTask"
- scope="prototype"/>
-
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
+ http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+ <context:annotation-config />
+ <mvc:annotation-driven />
+ <mvc:default-servlet-handler />
+
+ <bean id="WebResourceConfiguration"
+ class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
+
+ <bean id="ProcessEngineSignalController"
+ class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
+
+ <bean id="MonitoringController"
+ class="at.asitplus.eidas.specific.connector.controller.MonitoringController">
+ <property name="pvpIDPCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="AuthenticationManager"
+ class="at.asitplus.eidas.specific.connector.auth.AuthenticationManager" />
+
+ <bean id="AuthenticationDataBuilder"
+ class="at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder" />
+
+ <bean id="PVPEndPointConfiguration"
+ class="at.asitplus.eidas.specific.connector.config.PVPEndPointConfiguration" />
+
+ <bean id="PVPEndPointCredentialProvider"
+ class="at.asitplus.eidas.specific.connector.provider.PVPEndPointCredentialProvider" />
+
+ <bean id="PVPMetadataConfigurationFactory"
+ class="at.asitplus.eidas.specific.connector.provider.PVPMetadataConfigurationFactory" />
+
+ <bean id="PVP2XProtocol"
+ class="at.asitplus.eidas.specific.connector.controller.PVP2SProfileEndpoint">
+ <property name="pvpIDPCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="AuthnRequestValidator"
+ class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
+
+ <bean id="SAMLVerificationEngine"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SAMLVerificationEngine" />
+
+ <bean id="pvpMetadataService"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
+ <property name="pvpIDPCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="PVPAuthenticationRequestAction"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
+ <property name="pvpIDPCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="eaafProtocolAuthenticationService"
+ class="at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService">
+ <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
+ </bean>
+
+ <bean id="securePendingRequestIdGeneration"
+ class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
+
+ <bean id="PVPMetadataProvider"
+ class="at.asitplus.eidas.specific.connector.provider.PVPMetadataProvider" />
+
+ <bean id="PVPSubjectNameGenerator"
+ class="at.asitplus.eidas.specific.connector.builder.PVPSubjectNameGenerator" />
+
+ <bean id="LoALevelMapper"
+ class="at.asitplus.eidas.specific.connector.mapper.LoALevelMapper" />
+
+ <bean id="GUIBuilderConfigurationFactory"
+ class="at.asitplus.eidas.specific.connector.gui.GUIBuilderConfigurationFactory" />
+
+ <bean id="velocityGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.DefaultVelocityGUIBuilderImpl" />
+
+ <bean id="mvcGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.SpringMVCGUIFormBuilderImpl" />
+
+ <bean id="templateEngine"
+ class="org.thymeleaf.spring5.SpringTemplateEngine">
+ <property name="templateResolver" ref="templateResolver" />
+ </bean>
+
+ <bean class="org.thymeleaf.spring5.view.ThymeleafViewResolver">
+ <property name="order" value="2" />
+ <property name="templateEngine" ref="templateEngine" />
+ <property name="characterEncoding" value="UTF-8" />
+ </bean>
+
+ <bean id="StatusMessageProvider"
+ class="at.asitplus.eidas.specific.connector.provider.StatusMessageProvider" />
+
+ <bean id="eidasRevisionLogger"
+ class="at.asitplus.eidas.specific.connector.logger.RevisionLogger" />
+
+ <bean id="eidasStatisticLogger"
+ class="at.asitplus.eidas.specific.connector.logger.StatisticLogger" />
+
+
+ <!-- Tasks -->
+ <bean id="GenerateCountrySelectionFrameTask"
+ class="at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask"
+ scope="prototype" />
+
+ <bean id="EvaluateCountrySelectionTask"
+ class="at.asitplus.eidas.specific.connector.processes.tasks.EvaluateCountrySelectionTask"
+ scope="prototype" />
+
</beans>
\ No newline at end of file
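Review bot: Several `class` attributes in this reformatted file still name the old PVP-prefixed classes — `config.PVPEndPointConfiguration`, `controller.PVP2SProfileEndpoint` and `builder.PVPSubjectNameGenerator` — although the commit's file list shows `PvpEndPointConfiguration.java`, `Pvp2SProfileEndpoint.java` and `PvpSubjectNameGenerator.java` as the current sources. If the old classes are removed by this commit, as that list suggests, the Spring context will fail to load these beans at startup. The attributes should follow the rename, e.g. `class="at.asitplus.eidas.specific.connector.config.PvpEndPointConfiguration"`, and the remaining `PVP…`/`eIDAS…` class names here and in `specific_eIDAS_connector.storage.beans.xml` are worth checking against the renamed sources as well.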
diff --git a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml
index a460dea6..9ee5cf88 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml
@@ -1,51 +1,49 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
- http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-
- <import resource="classpath:specificCommunicationDefinitionApplicationContext.xml"/>
-
-<!-- <bean id="SimpleInMemoryTransactionStorage"
- class="at.asitplus.eidas.specific.connector.storage.SimpleInMemoryTransactionStorage" /> -->
-
- <bean id="eIDASCacheTransactionStoreDecorator"
- class="at.asitplus.eidas.specific.connector.storage.eIDASCacheTransactionStoreDecorator"/>
-
- <bean id="CacheWitheIDASBackend" class="at.asitplus.eidas.specific.connector.storage.CacheWitheIDASBackend">
- <constructor-arg ref="msNodeCacheImpl"/>
- </bean>
-
- <bean id="msNodeCacheImpl" class="eu.eidas.auth.cache.ConcurrentCacheServiceIgniteSpecificCommunicationImpl">
- <property name="igniteInstanceInitializerSpecificCommunication" ref="eidasIgniteInstanceInitializerSpecificCommunication"/>
- <property name="cacheName" value="msConnectorCache"/>
- </bean>
-
-
- <!-- bean id="defaultHazelcastInstance" class="java.lang.String">
- <constructor-arg value="eidasHazelcastInstance"/>
- </bean>
-
- <bean id="eidasHazelcastInstanceInitializer" class=" eu.eidas.auth.commons.cache.HazelcastInstanceInitializer" init-method="initializeInstance" lazy-init="true">
- <property name="hazelcastConfigfileName" value="#{eidasConfigRepository}hazelcast.xml"/>
- <property name="hazelcastInstanceName" ref="defaultHazelcastInstance"/>
- </bean>
-
- <bean id="springServiceCMapspecificMSSpCorProviderProd" class="eu.eidas.auth.commons.cache.ConcurrentMapServiceDistributedImpl" lazy-init="true">
- <property name="hazelcastInstanceInitializer" ref="eidasHazelcastInstanceInitializer"/>
- <property name="cacheName" value="specificSpRequestCorrelationCacheService"/>
- </bean>
-
- <bean id="springServiceCMapspecificMSSpCorProviderDev" class="eu.eidas.auth.commons.cache.ConcurrentMapServiceDefaultImpl">
- <property name="expireAfterAccess" value="1800"/>
- <property name="maximumSize" value="1000"/>
- </bean -->
-
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
+ http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+ <import
+ resource="classpath:specificCommunicationDefinitionApplicationContext.xml" />
+
+ <!-- <bean id="SimpleInMemoryTransactionStorage" class="at.asitplus.eidas.specific.connector.storage.SimpleInMemoryTransactionStorage"
+ /> -->
+
+ <bean id="eIDASCacheTransactionStoreDecorator"
+ class="at.asitplus.eidas.specific.connector.storage.eIDASCacheTransactionStoreDecorator" />
+
+ <bean id="CacheWitheIDASBackend"
+ class="at.asitplus.eidas.specific.connector.storage.CacheWitheIDASBackend">
+ <constructor-arg ref="msNodeCacheImpl" />
+ </bean>
+
+ <bean id="msNodeCacheImpl"
+ class="eu.eidas.auth.cache.ConcurrentCacheServiceIgniteSpecificCommunicationImpl">
+ <property
+ name="igniteInstanceInitializerSpecificCommunication"
+ ref="eidasIgniteInstanceInitializerSpecificCommunication" />
+ <property name="cacheName" value="msConnectorCache" />
+ </bean>
+
+
+ <!-- bean id="defaultHazelcastInstance" class="java.lang.String"> <constructor-arg
+ value="eidasHazelcastInstance"/> </bean> <bean id="eidasHazelcastInstanceInitializer"
+ class=" eu.eidas.auth.commons.cache.HazelcastInstanceInitializer" init-method="initializeInstance"
+ lazy-init="true"> <property name="hazelcastConfigfileName" value="#{eidasConfigRepository}hazelcast.xml"/>
+ <property name="hazelcastInstanceName" ref="defaultHazelcastInstance"/> </bean>
+ <bean id="springServiceCMapspecificMSSpCorProviderProd" class="eu.eidas.auth.commons.cache.ConcurrentMapServiceDistributedImpl"
+ lazy-init="true"> <property name="hazelcastInstanceInitializer" ref="eidasHazelcastInstanceInitializer"/>
+ <property name="cacheName" value="specificSpRequestCorrelationCacheService"/>
+ </bean> <bean id="springServiceCMapspecificMSSpCorProviderDev" class="eu.eidas.auth.commons.cache.ConcurrentMapServiceDefaultImpl">
+ <property name="expireAfterAccess" value="1800"/> <property name="maximumSize"
+ value="1000"/> </bean -->
+
</beans>
\ No newline at end of file
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java
new file mode 100644
index 00000000..9e6e1003
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java
@@ -0,0 +1,115 @@
+package at.asitplus.eidas.specific.connector.test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.processes.CountrySelectionProcessImpl;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/SpringTest-context_basic_test.xml")
+public class CountrySelectionProcessImplTest {
+
+ @Autowired ModuleRegistration moduleReg;
+ @Autowired ResourceLoader loader;
+
+ private final ExecutionContext executionContext = new ExecutionContextImpl();
+ private DummySpConfiguration oaParam;
+ private TestRequestImpl pendingReq;
+ private CountrySelectionProcessImpl authProcess = new CountrySelectionProcessImpl();
+
+ /**
+ * jUnit class initializer.
+ *
+ */
+ public static void classInitializer() {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void initialize() {
+ Map<String, String> configMap = new HashMap<String, String>();
+ configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test");
+ IConfiguration basicConfig = new DummyConfiguration();
+ oaParam = new DummySpConfiguration(configMap, basicConfig);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ }
+
+ @Test
+ public void checkProcessDefinition() {
+ Assert.assertNotNull("AuthModule is null", authProcess);
+ Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions());
+
+ for (String el : authProcess.getProcessDefinitions()) {
+ Resource res = loader.getResource(el);
+ Assert.assertTrue("AuthProcess description not extist", res.exists());
+
+ }
+ }
+
+ @Test
+ public void noCountrySelected() throws Exception {
+ final String result =
+ moduleReg.selectProcess(executionContext, pendingReq);
+ Assert.assertNotNull("Process is null", result);
+ Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result);
+
+ }
+
+ @Test
+ public void selectCountryValid() throws Exception {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2));
+ final String result =
+ moduleReg.selectProcess(executionContext, pendingReq);
+
+ Assert.assertNull("Select wrong process", result);
+
+ }
+
+ @Test
+ public void selectCountryWrongType() throws Exception {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1);
+ final String result =
+ moduleReg.selectProcess(executionContext, pendingReq);
+ Assert.assertNotNull("Process is null", result);
+ Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result);
+
+ }
+
+ @Test
+ public void selectCountryEmpty() throws Exception {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "");
+ final String result =
+ moduleReg.selectProcess(executionContext, pendingReq);
+ Assert.assertNotNull("Process is null", result);
+ Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result);
+
+ }
+
+}
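Review bot: `classInitializer()` has no `@BeforeClass` annotation and `org.junit.BeforeClass` is not imported, so JUnit never calls it and this class never sets the `eidas.ms.configuration` system property. The Spring context named in `@ContextConfiguration` then has to resolve its configuration some other way, which makes the test depend on the machine it runs on. Annotate the method with `@BeforeClass` and add `import org.junit.BeforeClass;`. Separately, `selectCountryValid` passes `RandomStringUtils.randomAlphanumeric(2)`, so a failing run cannot be reproduced; a fixed two-character value would make the test deterministic.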
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MsConnectorSpringResourceProviderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MsConnectorSpringResourceProviderTest.java
new file mode 100644
index 00000000..5d73e3de
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MsConnectorSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.connector.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.connector.MsSpecificEidasNodeSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class MsConnectorSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final MsSpecificEidasNodeSpringResourceProvider test =
+ new MsSpecificEidasNodeSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ MsSpecificEidasNodeSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+ }
+ }
+
+}
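Review bot: In `testSpILoaderConfig` the stream returned by `getResourceAsStream` is neither null-checked nor closed. If the SPI file is missing the stream is null, and the test will most likely end in a NullPointerException rather than the intended `Assert.fail` message, because only `IOException` is caught. Add `Assert.assertNotNull("SPI file not found", el);` before the read and open the stream in a try-with-resources. The same applies to `el.getInputStream()` in `testSpringConfig`, which is opened once per resource and never closed.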
diff --git a/connector/src/test/resources/spring/SpringTest-context_basic_test.xml b/connector/src/test/resources/spring/SpringTest-context_basic_test.xml
new file mode 100644
index 00000000..8121c0b5
--- /dev/null
+++ b/connector/src/test/resources/spring/SpringTest-context_basic_test.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config />
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+
+ <bean id="BasicMSSpecificNodeConfig"
+ class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
+ <constructor-arg
+ value="#{systemProperties['eidas.ms.configuration'] != null ? systemProperties['eidas.ms.configuration'] : 'file:/F:/Projekte/configs/ms_connector/default_config.properties' }" />
+ </bean>
+
+</beans> \ No newline at end of file
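Review bot: The fallback in the `constructor-arg` SpEL expression is a developer-workstation path, `file:/F:/Projekte/configs/ms_connector/default_config.properties`. Whenever `eidas.ms.configuration` is unset, the test context either loads configuration from outside the repository or fails to start on any other machine. Drop the fallback so a missing property fails visibly, e.g. `value="#{systemProperties['eidas.ms.configuration']}"`, or point it at a test resource that is checked in with the project. This is more than cosmetic because the static initializer in `CountrySelectionProcessImplTest`, which is meant to set the property, is not annotated, so the fallback branch is likely the one actually taken.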
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index 0771f3e5..ec9e57f7 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -1,6 +1,8 @@
<?xml version="1.0"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+<project
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>at.asitplus.eidas</groupId>
@@ -11,33 +13,33 @@
<artifactId>connector_lib</artifactId>
<name>ms_specific_connector_lib</name>
<packaging>jar</packaging>
-
+
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- </dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
-
- <build>
+
+ <build>
<finalName>msConnectorLib</finalName>
-
+
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
@@ -47,23 +49,23 @@
<target>1.8</target>
</configuration>
</plugin>
-
+
<!-- enable co-existence of testng and junit -->
- <plugin>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <threadCount>1</threadCount>
- </configuration>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit47</artifactId>
- <version>${surefire.version}</version>
- </dependency>
- </dependencies>
- </plugin>
-
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <threadCount>1</threadCount>
+ </configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.surefire</groupId>
+ <artifactId>surefire-junit47</artifactId>
+ <version>${surefire.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+
</plugins>
</build>
-
+
</project>
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSConnectorEventCodes.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSConnectorEventCodes.java
deleted file mode 100644
index ac0d35ef..00000000
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSConnectorEventCodes.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector;
-
-public class MSConnectorEventCodes {
-
- public static final int STARTING_COUNTRY_SELECTION = 4100;
- public static final int COUNTRY_SELECTED = 4101;
-
- public static final int PROCESS_STOPPED_BY_USER = 4102;
-
- public static final int EIDAS_NODE_CONNECTED = 6101;
- public static final int RESPONSE_FROM_EIDAS_NODE = 6102;
- public static final int RESPONSE_FROM_EIDAS_NODE_VALID = 6103;
- public static final int RESPONSE_FROM_EIDAS_NODE_NOT_VALID = 6104;
- public static final int RESPONSE_FROM_EIDAS_MDSDATA = 6105;
-
- public static final int SZR_IDL_RECEIVED = 6200;
- public static final int SZR_BPK_RECEIVED = 6201;
-
- public static final int SZR_ERNB_EIDAS_RAW_ID = 6210;
- public static final int SZR_ERNB_EIDAS_ERNB_ID = 6211;
-
-}
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSeIDASNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSeIDASNodeConstants.java
deleted file mode 100644
index 9e6c1a3b..00000000
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MSeIDASNodeConstants.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.connector;
-
-import java.util.Arrays;
-import java.util.List;
-
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-
-public class MSeIDASNodeConstants {
- // ************ configuration properties ************
- public static final String PROP_CONFIG_APPLICATION_PREFIX = "eidas.ms.";
- public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX = "context.url.prefix";
- public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION = "context.url.request.validation";
- public static final String PROP_CONFIG_REVISIONLOG_LOG_IP_ADDRESS_OF_USER = "revisionlog.logIPAddressOfUser";
- public static final String PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG = "revisionlog.write.MDS.into.revisionlog";
- public static final String PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG = "technicallog.write.MDS.into.techlog";
-
- public static final String PROP_CONFIG_WEBCONTENT_STATIC_PATH = "webcontent.static.directory";
- public static final String PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH = "webcontent.properties";
- public static final String PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH = "webcontent.templates";
-
- public static final String PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL = "monitoring.eIDASNode.metadata.url";
-
- private static final String PROP_CONFIG_PVP2_PREFIX = "pvp2.";
- public static final String PROP_CONFIG_PVP2_KEYSTORE_PATH = PROP_CONFIG_PVP2_PREFIX + "keystore.path";
- public static final String PROP_CONFIG_PVP2_KEYSTORE_PASSWORD = PROP_CONFIG_PVP2_PREFIX + "keystore.password";
- public static final String PROP_CONFIG_PVP2_KEY_METADATA_ALIAS = PROP_CONFIG_PVP2_PREFIX + "key.metadata.alias";
- public static final String PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD = PROP_CONFIG_PVP2_PREFIX + "key.metadata.password";
- public static final String PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS = PROP_CONFIG_PVP2_PREFIX + "key.signing.alias";
- public static final String PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD = PROP_CONFIG_PVP2_PREFIX + "key.signing.password";
- public static final String PROP_CONFIG_PVP2_METADATA_VALIDITY = PROP_CONFIG_PVP2_PREFIX + "metadata.validity";
-
- //TODO: is not implemented yet
- public static final String PROP_CONFIG_SP_VALIDATION_DISABLED = "configuration.sp.disableRegistrationRequirement";
-
- public static final String PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL = "auth.eIDAS.node_v2.loa.requested.minimum";
-
- public static final String PROP_CONFIG_SP_LIST_PREFIX = "sp.";
- public static final String PROP_CONFIG_SP_UNIQUEIDENTIFIER = EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER;
- public static final String PROP_CONFIG_SP_FRIENDLYNAME = "friendlyName";
- public static final String PROP_CONFIG_SP_PVP2_METADATA_URL = "pvp2.metadata.url";
- public static final String PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE = "pvp2.metadata.truststore";
- public static final String PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD = "pvp2.metadata.truststore.password";
- public static final String PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS = "policy.allowed.requested.targets";
- public static final String PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION = "policy.hasBaseIdTransferRestriction";
-
- public static final String PROP_CONFIG_PVP_SCHEME_VALIDATION = "configuration.pvp.scheme.validation";
- public static final String PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES = "configuration.pvp.enable.entitycategories";
-
- // ********** default values ***************
-
- //Default policy for SP-targets requested by MOA-ID to ms-specific eIDAS Connector
- public static final String POLICY_DEFAULT_ALLOWED_TARGETS = ".*";
- // EAAFConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*";
-
- public static final int METADATA_SOCKED_TIMEOUT = 20 * 1000; //20 seconds metadata socked timeout
- public static final int DEFAULT_PVP_METADATA_VALIDITY = 24; //24 hours
- public static final int DEFAULT_PVP_ASSERTION_VALIDITY = 5; //5 minutes
-
-
- // ************ application end-points *************
- public static final String ENDPOINT_PVP_METADATA = "/pvp/metadata";
- public static final String ENDPOINT_PVP_POST = "/pvp/post";
- public static final String ENDPOINT_PVP_REDIRECT = "/pvp/redirect";
-
- public static final String ENDPOINT_COUNTRYSELECTION = "/myHomeCountry";
-
- public static final String ENDPOINT_MONITORING_MONITOR = "/monitoring";
- public static final String ENDPOINT_MONITORING_VERIFY = "/verify";
-
-
- // ************ paths and templates ************
- public static final String CLASSPATH_TEMPLATE_DIR = "/templates/";
- public static final String FILESYSTEM_TEMPLATE_DIR = "./templates/";
-
- public static final String TEMPLATE_HTML_ERROR = "error_message.html";
- public static final String TEMPLATE_HTML_PVP_POSTBINDING = "pvp2_post_binding.html";
- public static final String TEMPLATE_HTML_COUNTRYSELECTION = "countrySelection.html";
-
-
- // ************ execution context and generic data ************
- public static final String REQ_PARAM_SELECTED_COUNTRY = "selectedCountry";
- public static final String REQ_PARAM_SELECTED_ENVIRONMENT = "selectedEnvironment";
- public static final String REQ_PARAM_STOP_PROCESS = "stopAuthProcess";
-
- public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION = "prod";
- public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS = "qs";
- public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING = "test";
- public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT = "dev";
-
- public static final String DATA_REQUESTERID = "req_requesterId";
- public static final String DATA_PROVIDERNAME = "req_providerName";
- public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA";
- public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision";
-
- public static final List<String> COUNTRY_SELECTION_PARAM_WHITELIST =
- Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT);
-
-
-}
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java
new file mode 100644
index 00000000..9c80f4ad
--- /dev/null
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.connector;
+
+public class MsConnectorEventCodes {
+
+ public static final int STARTING_COUNTRY_SELECTION = 4100;
+ public static final int COUNTRY_SELECTED = 4101;
+
+ public static final int PROCESS_STOPPED_BY_USER = 4102;
+
+ public static final int EIDAS_NODE_CONNECTED = 6101;
+ public static final int RESPONSE_FROM_EIDAS_NODE = 6102;
+ public static final int RESPONSE_FROM_EIDAS_NODE_VALID = 6103;
+ public static final int RESPONSE_FROM_EIDAS_NODE_NOT_VALID = 6104;
+ public static final int RESPONSE_FROM_EIDAS_MDSDATA = 6105;
+
+ public static final int SZR_IDL_RECEIVED = 6200;
+ public static final int SZR_BPK_RECEIVED = 6201;
+
+ public static final int SZR_ERNB_EIDAS_RAW_ID = 6210;
+ public static final int SZR_ERNB_EIDAS_ERNB_ID = 6211;
+
+}
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
new file mode 100644
index 00000000..c13fcbf2
--- /dev/null
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
@@ -0,0 +1,136 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector;
+
+import java.util.Arrays;
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+
+public class MsEidasNodeConstants {
+ // ************ configuration properties ************
+ public static final String PROP_CONFIG_APPLICATION_PREFIX = "eidas.ms.";
+ public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX = "context.url.prefix";
+ public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION =
+ "context.url.request.validation";
+ public static final String PROP_CONFIG_REVISIONLOG_LOG_IP_ADDRESS_OF_USER =
+ "revisionlog.logIPAddressOfUser";
+ public static final String PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG =
+ "revisionlog.write.MDS.into.revisionlog";
+ public static final String PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG =
+ "technicallog.write.MDS.into.techlog";
+
+ public static final String PROP_CONFIG_WEBCONTENT_STATIC_PATH = "webcontent.static.directory";
+ public static final String PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH = "webcontent.properties";
+ public static final String PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH = "webcontent.templates";
+
+ public static final String PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL =
+ "monitoring.eIDASNode.metadata.url";
+
+ private static final String PROP_CONFIG_PVP2_PREFIX = "pvp2.";
+ public static final String PROP_CONFIG_PVP2_KEYSTORE_PATH = PROP_CONFIG_PVP2_PREFIX + "keystore.path";
+ public static final String PROP_CONFIG_PVP2_KEYSTORE_PASSWORD = PROP_CONFIG_PVP2_PREFIX
+ + "keystore.password";
+ public static final String PROP_CONFIG_PVP2_KEY_METADATA_ALIAS = PROP_CONFIG_PVP2_PREFIX
+ + "key.metadata.alias";
+ public static final String PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD = PROP_CONFIG_PVP2_PREFIX
+ + "key.metadata.password";
+ public static final String PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS = PROP_CONFIG_PVP2_PREFIX
+ + "key.signing.alias";
+ public static final String PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD = PROP_CONFIG_PVP2_PREFIX
+ + "key.signing.password";
+ public static final String PROP_CONFIG_PVP2_METADATA_VALIDITY = PROP_CONFIG_PVP2_PREFIX
+ + "metadata.validity";
+
+ // TODO: is not implemented yet
+ public static final String PROP_CONFIG_SP_VALIDATION_DISABLED =
+ "configuration.sp.disableRegistrationRequirement";
+
+ public static final String PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL =
+ "auth.eIDAS.node_v2.loa.requested.minimum";
+
+ public static final String PROP_CONFIG_SP_LIST_PREFIX = "sp.";
+ public static final String PROP_CONFIG_SP_UNIQUEIDENTIFIER = EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER;
+ public static final String PROP_CONFIG_SP_FRIENDLYNAME = "friendlyName";
+ public static final String PROP_CONFIG_SP_PVP2_METADATA_URL = "pvp2.metadata.url";
+ public static final String PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE = "pvp2.metadata.truststore";
+ public static final String PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD =
+ "pvp2.metadata.truststore.password";
+ public static final String PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS = "policy.allowed.requested.targets";
+ public static final String PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION =
+ "policy.hasBaseIdTransferRestriction";
+
+ public static final String PROP_CONFIG_PVP_SCHEME_VALIDATION = "configuration.pvp.scheme.validation";
+ public static final String PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES =
+ "configuration.pvp.enable.entitycategories";
+
+ // ********** default values ***************
+
+ // Default policy for SP-targets requested by MOA-ID to ms-specific eIDAS
+ // Connector
+ public static final String POLICY_DEFAULT_ALLOWED_TARGETS = ".*";
+ // EAAFConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+",
+ // "\\\\+") + ".*";
+
+ public static final int METADATA_SOCKED_TIMEOUT = 20 * 1000; // 20 seconds metadata socked timeout
+ public static final int DEFAULT_PVP_METADATA_VALIDITY = 24; // 24 hours
+ public static final int DEFAULT_PVP_ASSERTION_VALIDITY = 5; // 5 minutes
+
+ // ************ application end-points *************
+ public static final String ENDPOINT_PVP_METADATA = "/pvp/metadata";
+ public static final String ENDPOINT_PVP_POST = "/pvp/post";
+ public static final String ENDPOINT_PVP_REDIRECT = "/pvp/redirect";
+
+ public static final String ENDPOINT_COUNTRYSELECTION = "/myHomeCountry";
+
+ public static final String ENDPOINT_MONITORING_MONITOR = "/monitoring";
+ public static final String ENDPOINT_MONITORING_VERIFY = "/verify";
+
+ // ************ paths and templates ************
+ public static final String CLASSPATH_TEMPLATE_DIR = "/templates/";
+ public static final String FILESYSTEM_TEMPLATE_DIR = "./templates/";
+
+ public static final String TEMPLATE_HTML_ERROR = "error_message.html";
+ public static final String TEMPLATE_HTML_PVP_POSTBINDING = "pvp2_post_binding.html";
+ public static final String TEMPLATE_HTML_COUNTRYSELECTION = "countrySelection.html";
+
+ // ************ execution context and generic data ************
+ public static final String REQ_PARAM_SELECTED_COUNTRY = "selectedCountry";
+ public static final String REQ_PARAM_SELECTED_ENVIRONMENT = "selectedEnvironment";
+ public static final String REQ_PARAM_STOP_PROCESS = "stopAuthProcess";
+
+ public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION = "prod";
+ public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS = "qs";
+ public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING = "test";
+ public static final String REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT = "dev";
+
+ public static final String DATA_REQUESTERID = "req_requesterId";
+ public static final String DATA_PROVIDERNAME = "req_providerName";
+ public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA";
+ public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision";
+
+ public static final List<String> COUNTRY_SELECTION_PARAM_WHITELIST =
+ Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT);
+
+}
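Review bot: `COUNTRY_SELECTION_PARAM_WHITELIST` is built with `Arrays.asList`, which returns a fixed-size but writable list, so any code holding this public constant can replace entries with `set(...)` and change which parameters the whitelist admits. Wrap it as `Collections.unmodifiableList(Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT))` and add `import java.util.Collections;`. The class holds only constants, so declaring it `final` with a `private MsEidasNodeConstants() {}` constructor would also fit. `POLICY_DEFAULT_ALLOWED_TARGETS = ".*"` accepts every requested target by default; a comment saying this is intentional, or a narrower default, would help, given that a stricter expression sits commented out directly below it.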
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java
index 4a9bc8e4..355c63f2 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,21 +19,21 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.config;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
+import java.util.Map.Entry;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
@@ -41,104 +41,113 @@ import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractConfigurationImpl;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
@Service("BasicMSSpecificNodeConfig")
-public class BasicConfigurationProvider extends AbstractConfigurationImpl{
- private static final Logger log = LoggerFactory.getLogger(BasicConfigurationProvider.class);
-
- private Map<String, ISpConfiguration> spConfigCache = new HashMap<String, ISpConfiguration>();
-
- public BasicConfigurationProvider(String configPath) throws EaafConfigurationException {
- super(configPath);
-
- }
-
- @Override
- public ISpConfiguration getServiceProviderConfiguration(String entityId) throws EaafConfigurationException {
- if (!spConfigCache.containsKey(entityId)) {
- log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... ");
- Map<String, String> allSPs = getBasicConfigurationWithPrefix(MSeIDASNodeConstants.PROP_CONFIG_SP_LIST_PREFIX);
- for (String key : allSPs.keySet()) {
- if (key.endsWith(MSeIDASNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER) &&
- allSPs.get(key).equals(entityId)) {
- String listId = KeyValueUtils.getParentKey(key);
- log.trace("Find SP configuration with list-Id: " + listId + ". Extracting configuration elements ... ");
- Map<String, String> spConfig = KeyValueUtils.getSubSetWithPrefix(allSPs, listId + KeyValueUtils.KEY_DELIMITER);
- spConfigCache.put(entityId,
- new ServiceProviderConfiguration(spConfig, this));
- break;
- }
- }
-
- if (spConfigCache.containsKey(entityId))
- log.info("SP: " + entityId + " is loaded. Continuing auth. process ... ");
- else {
- log.warn("SP: " + entityId + " is NOT found in configuration. Stopping auth. process ... ");
- return null;
-
- }
-
- } else
- log.trace("SP: " + entityId + " is already cached. Use configuration from there ... ");
-
-
- return spConfigCache.get(entityId);
- }
-
- @Override
- public <T> T getServiceProviderConfiguration(String entityId, Class<T> decorator) throws EaafConfigurationException {
- ISpConfiguration spConfig = getServiceProviderConfiguration(entityId);
- if (spConfig != null && decorator != null) {
- if (decorator.isInstance(spConfig))
- return (T)spConfig;
- else
- log.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator.getName());
-
- }
-
- return null;
-
- }
-
- @Override
- public String validateIdpUrl(URL url) throws EaafException {
- log.trace("Validate requested URL: " + url);
- String urlPrefixFromConfig = getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX);
- if (StringUtils.isEmpty(urlPrefixFromConfig)) {
- log.warn("Application config containts NO URL prefix");
- throw new EaafConfigurationException("config.27",
- new Object[] {"Application config containts NO "
- + getApplicationSpecificKeyPrefix() + MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX });
-
- }
-
- //remove last slash
- if (urlPrefixFromConfig.endsWith("/"))
- urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length()-1);
-
- if (getBasicConfigurationBoolean(
- MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) {
- if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig))
- return urlPrefixFromConfig;
-
- log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig);
- return null;
-
- } else {
- return urlPrefixFromConfig;
-
- }
- }
-
- @Override
- public String getApplicationSpecificKeyPrefix() {
- return MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PREFIX;
-
- }
-
- @Override
- protected String getBackupConfigPath() {
- return null;
-
- }
-
+public class BasicConfigurationProvider extends AbstractConfigurationImpl {
+ private static final Logger log = LoggerFactory.getLogger(BasicConfigurationProvider.class);
+
+ private final Map<String, ISpConfiguration> spConfigCache = new HashMap<>();
+
+ public BasicConfigurationProvider(String configPath) throws EaafConfigurationException {
+ super(configPath);
+
+ }
+
+ @Override
+ public ISpConfiguration getServiceProviderConfiguration(String entityId) throws EaafConfigurationException {
+ if (!spConfigCache.containsKey(entityId)) {
+ log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... ");
+ final Map<String, String> allSPs = getBasicConfigurationWithPrefix(
+ MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX);
+ for (Entry<String, String> entry : allSPs.entrySet()) {
+ if (entry.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER)
+ && entry.getValue().equals(entityId)) {
+ final String listId = KeyValueUtils.getParentKey(entry.getKey());
+ log.trace("Find SP configuration with list-Id: " + listId
+ + ". Extracting configuration elements ... ");
+ final Map<String, String> spConfig = KeyValueUtils.getSubSetWithPrefix(allSPs, listId
+ + KeyValueUtils.KEY_DELIMITER);
+ spConfigCache.put(entityId,
+ new ServiceProviderConfiguration(spConfig, this));
+ break;
+ }
+ }
+
+ if (spConfigCache.containsKey(entityId)) {
+ log.info("SP: " + entityId + " is loaded. Continuing auth. process ... ");
+ } else {
+ log.warn("SP: " + entityId + " is NOT found in configuration. Stopping auth. process ... ");
+ return null;
+
+ }
+
+ } else {
+ log.trace("SP: " + entityId + " is already cached. Use configuration from there ... ");
+ }
+
+ return spConfigCache.get(entityId);
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(String entityId, Class<T> decorator)
+ throws EaafConfigurationException {
+ final ISpConfiguration spConfig = getServiceProviderConfiguration(entityId);
+ if (spConfig != null && decorator != null) {
+ if (decorator.isInstance(spConfig)) {
+ return (T) spConfig;
+ } else {
+ log.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator
+ .getName());
+ }
+
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public String validateIdpUrl(URL url) throws EaafException {
+ log.trace("Validate requested URL: " + url);
+ String urlPrefixFromConfig = getBasicConfiguration(
+ MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX);
+ if (StringUtils.isEmpty(urlPrefixFromConfig)) {
+ log.warn("Application config containts NO URL prefix");
+ throw new EaafConfigurationException("config.27",
+ new Object[] { "Application config containts NO "
+ + getApplicationSpecificKeyPrefix()
+ + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX });
+
+ }
+
+ // remove last slash
+ if (urlPrefixFromConfig.endsWith("/")) {
+ urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length() - 1);
+ }
+
+ if (getBasicConfigurationBoolean(
+ MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) {
+ if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) {
+ return urlPrefixFromConfig;
+ }
+
+ log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig);
+ return null;
+
+ } else {
+ return urlPrefixFromConfig;
+
+ }
+ }
+
+ @Override
+ public String getApplicationSpecificKeyPrefix() {
+ return MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PREFIX;
+
+ }
+
+ @Override
+ protected String getBackupConfigPath() {
+ return null;
+
+ }
}
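Review bot: In `validateIdpUrl` the check `url.toExternalForm().startsWith(urlPrefixFromConfig)` runs after the trailing slash has been stripped from the configured prefix, so it is a plain string-prefix match with no boundary. When request validation is enabled, a URL whose host name or path merely begins with the configured text would be accepted as matching. Compare on a delimiter instead, for example `if (url != null && (url.toExternalForm() + "/").startsWith(urlPrefixFromConfig + "/")) {`. Separately, `spConfigCache` is a plain `HashMap` in a class that `@Service` suggests is a shared bean, so concurrent first loads for different SPs may race; whether that can happen depends on callers not visible in this hunk.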
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java
index f5b52fa4..6f7eace3 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,9 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.config;
import java.util.Arrays;
@@ -33,130 +32,127 @@ import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.idp.conf.SpConfigurationImpl;
-public class ServiceProviderConfiguration extends SpConfigurationImpl {
- private static final long serialVersionUID = 1L;
- private static final Logger log = LoggerFactory.getLogger(ServiceProviderConfiguration.class);
-
- private List<String> minimumLoA = Arrays.asList(EaafConstants.EIDAS_LOA_HIGH);
- private String bPKTargetIdentifier;
- private String loaMachtingMode = EaafConstants.EIDAS_LOA_MATCHING_MINIMUM;
-
- public ServiceProviderConfiguration(Map<String, String> spConfig, IConfiguration authConfig) {
- super(spConfig, authConfig);
-
- }
-
- @Override
- public boolean hasBaseIdInternalProcessingRestriction() {
- return false;
-
- }
-
- @Override
- public boolean hasBaseIdTransferRestriction() {
- Boolean spConfigPolicy = isConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION);
- if (spConfigPolicy != null)
- return spConfigPolicy;
-
- else {
- log.trace("SP configuration defines no baseID transfer restriction. Enforce default policy ...");
- for (String el : getTargetsWithNoBaseIdTransferRestriction()) {
- if (this.bPKTargetIdentifier != null && this.bPKTargetIdentifier.startsWith(el)) {
- log.debug("SP-Target: " + this.bPKTargetIdentifier + " has NO baseID transfer restriction in default policy");
- return false;
-
- }
- }
- }
-
- log.debug("Default-policy defines baseID transfer restriction for SP-Target: " + this.bPKTargetIdentifier);
- return true;
- }
-
- @Override
- public List<String> getRequiredLoA() {
- return minimumLoA;
-
- }
-
- public String getLoAMatchingMode() {
- return loaMachtingMode;
-
- }
-
-
- @Override
- public String getAreaSpecificTargetIdentifier() {
- return bPKTargetIdentifier;
- }
-
-
- @Override
- public String getFriendlyName() {
- return getConfigurationValue(
- MSeIDASNodeConstants.PROP_CONFIG_SP_FRIENDLYNAME,
- "NO FRIENDLYNAME SET");
-
- }
-
- /**
- * Set the minimum level of eIDAS authentication for this SP
- * <br>
- * <b>Default:</b> http://eidas.europa.eu/LoA/high
- * <br>
- * <b>Info:</b> In case of MINIMUM matching-mode, only one entry is allowed
- *
- * @param minimumLoA eIDAS LoA URIs
- */
-
- public void setRequiredLoA(List<String> minimumLoA) {
- this.minimumLoA = minimumLoA;
- }
-
- /**
- * Set the mode of operation for LoA matching for this SP
- * <b>
- * <b>Default: minimum</b>
- * <br>
- * <b>Info:</b> Currently only 'minimum' and 'exact' are supported
- *
- * @param mode LoA matching mode according to SAML2 core specification
- */
- public void setLoAMachtingMode(String mode) {
- this.loaMachtingMode = mode;
- }
-
-
- /**
- * Set the bPK Target for this service provider
- *
- * @param bPKTargetIdentifier
- * @throws EAAFException If the bPKTargetIdentifier is NOT ALLOWED for this service provider
- */
- public void setbPKTargetIdentifier(String bPKTargetIdentifier) throws EaafException {
- String allowedTargetIdentifierRegExPattern = getConfigurationValue(
- MSeIDASNodeConstants.PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS,
- MSeIDASNodeConstants.POLICY_DEFAULT_ALLOWED_TARGETS);
- log.trace("Use bPK-target regex pattern: " + allowedTargetIdentifierRegExPattern);
-
- Pattern p = Pattern.compile(allowedTargetIdentifierRegExPattern);
- Matcher m = p.matcher(bPKTargetIdentifier);
- if (m.matches()) {
- log.debug("Requested bPK-target: " + bPKTargetIdentifier + " matches regex pattern");
- this.bPKTargetIdentifier = bPKTargetIdentifier;
-
- } else {
- log.warn("Requested bPK-target: " + bPKTargetIdentifier + " does NOT match regex pattern.");
- throw new EaafException("auth.37", new Object[] {bPKTargetIdentifier, getUniqueIdentifier()});
-
- }
-
- }
-
+public class ServiceProviderConfiguration extends SpConfigurationImpl {
+ private static final long serialVersionUID = 1L;
+ private static final Logger log = LoggerFactory.getLogger(ServiceProviderConfiguration.class);
+
+ private List<String> minimumLoA = Arrays.asList(EaafConstants.EIDAS_LOA_HIGH);
+ private String bpkTargetIdentifier;
+ private String loaMachtingMode = EaafConstants.EIDAS_LOA_MATCHING_MINIMUM;
+
+ public ServiceProviderConfiguration(Map<String, String> spConfig, IConfiguration authConfig) {
+ super(spConfig, authConfig);
+
+ }
+
+ @Override
+ public boolean hasBaseIdInternalProcessingRestriction() {
+ return false;
+
+ }
+
+ @Override
+ public boolean hasBaseIdTransferRestriction() {
+ final Boolean spConfigPolicy = isConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION);
+ if (spConfigPolicy != null) {
+ return spConfigPolicy;
+ } else {
+ log.trace("SP configuration defines no baseID transfer restriction. Enforce default policy ...");
+ for (final String el : getTargetsWithNoBaseIdTransferRestriction()) {
+ if (this.bpkTargetIdentifier != null && this.bpkTargetIdentifier.startsWith(el)) {
+ log.debug("SP-Target: " + this.bpkTargetIdentifier
+ + " has NO baseID transfer restriction in default policy");
+ return false;
+
+ }
+ }
+ }
+
+ log.debug("Default-policy defines baseID transfer restriction for SP-Target: "
+ + this.bpkTargetIdentifier);
+ return true;
+ }
+
+ @Override
+ public List<String> getRequiredLoA() {
+ return minimumLoA;
+
+ }
+
+ @Override
+ public String getLoAMatchingMode() {
+ return loaMachtingMode;
+
+ }
+
+ @Override
+ public String getAreaSpecificTargetIdentifier() {
+ return bpkTargetIdentifier;
+ }
+
+ @Override
+ public String getFriendlyName() {
+ return getConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_FRIENDLYNAME,
+ "NO FRIENDLYNAME SET");
+
+ }
+
+ /**
+ * Set the minimum level of eIDAS authentication for this SP <br>
+ * <b>Default:</b> http://eidas.europa.eu/LoA/high <br>
+ * <b>Info:</b> In case of MINIMUM matching-mode, only one entry is allowed
+ *
+ * @param minimumLoA eIDAS LoA URIs
+ */
+
+ public void setRequiredLoA(List<String> minimumLoA) {
+ this.minimumLoA = minimumLoA;
+ }
+
+ /**
+ * Set the mode of operation for LoA matching for this SP. <b>Default:
+ * minimum</b> <br>
+ * <b>Info:</b> Currently only 'minimum' and 'exact' are supported
+ *
+ * @param mode LoA matching mode according to SAML2 core specification
+ */
+ public void setLoAMachtingMode(String mode) {
+ this.loaMachtingMode = mode;
+ }
+
+ /**
+ * Set the bPK Target for this service provider.
+ *
+ * @param bpkTargetIdentifier Set the bPK sector
+ * @throws EAAFException If the bPKTargetIdentifier is NOT ALLOWED for this
+ * service provider
+ */
+ public void setBpkTargetIdentifier(String bpkTargetIdentifier) throws EaafException {
+ final String allowedTargetIdentifierRegExPattern = getConfigurationValue(
+ MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS,
+ MsEidasNodeConstants.POLICY_DEFAULT_ALLOWED_TARGETS);
+ log.trace("Use bPK-target regex pattern: " + allowedTargetIdentifierRegExPattern);
+
+ final Pattern p = Pattern.compile(allowedTargetIdentifierRegExPattern);
+ final Matcher m = p.matcher(bpkTargetIdentifier);
+ if (m.matches()) {
+ log.debug("Requested bPK-target: " + bpkTargetIdentifier + " matches regex pattern");
+ this.bpkTargetIdentifier = bpkTargetIdentifier;
+
+ } else {
+ log.warn("Requested bPK-target: " + bpkTargetIdentifier + " does NOT match regex pattern.");
+ throw new EaafException("auth.37", new Object[] { bpkTargetIdentifier, getUniqueIdentifier() });
+
+ }
+
+ }
+
}
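Review bot: `setBpkTargetIdentifier` passes its argument straight to `p.matcher(bpkTargetIdentifier)`, so a null target fails with a NullPointerException instead of the `auth.37` EaafException that the method documents for a disallowed target. If callers can pass a missing value (not visible in this hunk), guard it in the condition: `if (bpkTargetIdentifier != null && p.matcher(bpkTargetIdentifier).matches()) {`. The Javadoc still says `@throws EAAFException` and refers to `bPKTargetIdentifier`, while the code now uses `EaafException` and `bpkTargetIdentifier`; update it to `@throws EaafException If the bpkTargetIdentifier is NOT ALLOWED for this service provider`. The rejected value is also written to the warn log as received, so consider whether it needs sanitising before logging.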
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGUIBuilderImpl.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java
index 802a22ff..7abc6fcb 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGUIBuilderImpl.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,7 +19,8 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.gui;
import java.io.InputStream;
@@ -33,31 +34,33 @@ import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
import at.gv.egiz.eaaf.core.impl.gui.AbstractVelocityGuiFormBuilderImpl;
@Service("DefaultVelocityGUIBuilderImpl")
-public class DefaultVelocityGUIBuilderImpl extends AbstractVelocityGuiFormBuilderImpl {
- private static final Logger log = LoggerFactory.getLogger(DefaultVelocityGUIBuilderImpl.class);
-
- private static final String CLASSPATH_HTMLTEMPLATES_DIR = "templates/";
-
- public DefaultVelocityGUIBuilderImpl() throws GuiBuildException {
- super();
-
- }
-
- @Override
- protected InputStream getInternalTemplate(IVelocityGuiBuilderConfiguration config) throws GuiBuildException {
- String viewName = config.getViewName();
- log.debug("GUI template:" + viewName + " is not found in configuration directory. "
- + " Load template from project library ... ");
- String pathLocation = getInternalClasspathTemplateDir(config, CLASSPATH_HTMLTEMPLATES_DIR) + viewName;
- try {
- InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(pathLocation);
- return is;
-
- } catch (Exception e1) {
- log.error("GUI template:" + pathLocation + " is NOT loadable from classpath!", e1);
- throw new GuiBuildException("GUI template:" + pathLocation + " is NOT loadable from classpath!", e1);
-
- }
- }
+public class DefaultVelocityGuiBuilderImpl extends AbstractVelocityGuiFormBuilderImpl {
+ private static final Logger log = LoggerFactory.getLogger(DefaultVelocityGuiBuilderImpl.class);
+
+ private static final String CLASSPATH_HTMLTEMPLATES_DIR = "templates/";
+
+ public DefaultVelocityGuiBuilderImpl() throws GuiBuildException {
+ super();
+
+ }
+
+ @Override
+ protected InputStream getInternalTemplate(IVelocityGuiBuilderConfiguration config)
+ throws GuiBuildException {
+ final String viewName = config.getViewName();
+ log.debug("GUI template:" + viewName + " is not found in configuration directory. "
+ + " Load template from project library ... ");
+ final String pathLocation = getInternalClasspathTemplateDir(config, CLASSPATH_HTMLTEMPLATES_DIR)
+ + viewName;
+ try {
+ final InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(pathLocation);
+ return is;
+
+ } catch (final Exception e1) {
+ log.error("GUI template:" + pathLocation + " is NOT loadable from classpath!", e1);
+ throw new GuiBuildException("GUI template:" + pathLocation + " is NOT loadable from classpath!", e1);
+
+ }
+ }
}
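Review bot: In `getInternalTemplate`, `getResourceAsStream(pathLocation)` returns null when the resource does not exist rather than throwing, so the `catch` block does not cover a missing template and the method hands null back to its caller. Check the stream before returning, e.g. `if (is == null) { throw new GuiBuildException("GUI template:" + pathLocation + " is NOT loadable from classpath!", null); }` (the two-argument constructor is the one visible here). `pathLocation` is built by appending `config.getViewName()` to the template directory; if a view name can ever be influenced by a request, it should be restricted to known template names before the lookup.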
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/GuiBuilderConfigurationFactory.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/GuiBuilderConfigurationFactory.java
index 14198892..9cef3db3 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/GuiBuilderConfigurationFactory.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/GuiBuilderConfigurationFactory.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,18 +19,18 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.gui;
import java.net.MalformedURLException;
import java.net.URI;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.ResourceLoader;
import org.springframework.stereotype.Service;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
@@ -39,17 +39,21 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@Service("GUIBuilderConfigurationFactory")
public class GuiBuilderConfigurationFactory implements IGuiBuilderConfigurationFactory {
- @Autowired(required=true) private IConfiguration basicConfig;
-
- @Override
- public IGuiBuilderConfiguration getDefaultErrorGui(String authURL) {
- return new StaticGuiBuilderConfiguration(basicConfig, authURL, MSeIDASNodeConstants.TEMPLATE_HTML_ERROR, null);
- }
-
- @Override
- public IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq, String viewName, URI configRootContextDir)
- throws MalformedURLException {
- return new StaticGuiBuilderConfiguration(basicConfig, pendingReq,MSeIDASNodeConstants.TEMPLATE_HTML_PVP_POSTBINDING , null);
- }
+ @Autowired(required = true) private IConfiguration basicConfig;
+ @Autowired(required = true) private ResourceLoader resourceLoader;
+
+ @Override
+ public IGuiBuilderConfiguration getDefaultErrorGui(String authUrl) {
+ return new StaticGuiBuilderConfiguration(basicConfig, authUrl, MsEidasNodeConstants.TEMPLATE_HTML_ERROR,
+ null, resourceLoader);
+ }
+
+ @Override
+ public IVelocityGuiBuilderConfiguration getSpSpecificSaml2PostConfiguration(IRequest pendingReq,
+ String viewName, URI configRootContextDir)
+ throws MalformedURLException {
+ return new StaticGuiBuilderConfiguration(basicConfig, pendingReq,
+ MsEidasNodeConstants.TEMPLATE_HTML_PVP_POSTBINDING, null, resourceLoader);
+ }
}
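Review bot: `getSpSpecificSaml2PostConfiguration` accepts `viewName` and `configRootContextDir` but uses neither, always returning the configuration for `MsEidasNodeConstants.TEMPLATE_HTML_PVP_POSTBINDING`, and nothing in the method says whether that is deliberate. If it is, document it at the method, e.g. `// viewName and configRootContextDir are ignored on purpose: the built-in post-binding template is always used`. The new `resourceLoader` is field-injected like `basicConfig`; constructor injection would let both fields be `final` and make the dependency explicit in tests.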
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java
index 63028db2..70ab73ad 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java
@@ -11,6 +11,7 @@ import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.View;
@@ -21,90 +22,102 @@ import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
public class SpringMvcGuiFormBuilderImpl implements ISpringMvcGuiFormBuilder {
- private static final Logger log = LoggerFactory.getLogger(SpringMvcGuiFormBuilderImpl.class);
-
- private @Autowired(required=false) ViewResolver[] viewResolvers;
- private @Autowired(required=false) LocaleResolver localeResolver;
-
- @Override
- public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config,
- String loggerName) throws GuiBuildException {
- build(httpReq, httpResp, config, null, loggerName);
-
- }
-
- @Override
- public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config,
- String contentType, String loggerName) throws GuiBuildException {
- try {
- final ModelAndView mav = new ModelAndView(config.getViewName());
- if (config.getViewParameters() != null)
- mav.addAllObjects(config.getViewParameters());
-
- render(mav, httpReq, httpResp);
-
- } catch (final Exception e) {
- log.info("Can NOT generate GUI for illustration", e);
- throw new GuiBuildException(e.getMessage(), e);
-
- }
-
- }
-
- protected void render(ModelAndView mv, HttpServletRequest request, HttpServletResponse response) throws Exception {
- // Determine locale for request and apply it to the response.
- final Locale locale =
- (this.localeResolver != null ? this.localeResolver.resolveLocale(request) : request.getLocale());
- response.setLocale(locale);
-
- View view;
- final String viewName = mv.getViewName();
- if (viewName != null) {
- // We need to resolve the view name.
- view = resolveViewName(viewName, mv.getModelMap(), locale, request);
- if (view == null)
- throw new ServletException("Could not resolve view with name '" + mv.getViewName() + "' ");
-
- } else {
- // No need to lookup: the ModelAndView object contains the actual View object.
- view = mv.getView();
- if (view == null)
- throw new ServletException("ModelAndView [" + mv + "] neither contains a view name nor a " + "View object ");
-
- }
-
- // Delegate to the View object for rendering.
- if (log.isTraceEnabled())
- log.trace("Rendering view [" + view + "] ");
-
- try {
- if (mv.getStatus() != null)
- response.setStatus(mv.getStatus().value());
-
- view.render(mv.getModelMap(), request, response);
-
- } catch (final Exception ex) {
- if (log.isDebugEnabled())
- log.debug("Error rendering view [" + view + "]", ex);
-
- throw ex;
-
- }
-
- }
-
- protected View resolveViewName(String viewName, @Nullable Map<String, Object> model,
- Locale locale, HttpServletRequest request) throws Exception {
- if (viewResolvers != null) {
- for (final ViewResolver viewResolver : this.viewResolvers) {
- final View view = viewResolver.resolveViewName(viewName, locale);
- if (view != null)
- return view;
-
- }
- }
-
- return null;
- }
+ private static final Logger log = LoggerFactory.getLogger(SpringMvcGuiFormBuilderImpl.class);
+
+ private @Autowired(required = false) ViewResolver[] viewResolvers;
+ private @Autowired(required = false) LocaleResolver localeResolver;
+
+ @Override
+ public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config,
+ String loggerName) throws GuiBuildException {
+ build(httpReq, httpResp, config, null, loggerName);
+
+ }
+
+ @Override
+ public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config,
+ String contentType, String loggerName) throws GuiBuildException {
+ try {
+ final ModelAndView mav = new ModelAndView(config.getViewName());
+ if (config.getViewParameters() != null) {
+ mav.addAllObjects(config.getViewParameters());
+ }
+
+ render(mav, httpReq, httpResp);
+
+ } catch (final Exception e) {
+ log.info("Can NOT generate GUI for illustration", e);
+ throw new GuiBuildException(e.getMessage(), e);
+
+ }
+
+ }
+
+ protected void render(ModelAndView mv, HttpServletRequest request, HttpServletResponse response)
+ throws Exception {
+ // Determine locale for request and apply it to the response.
+ final Locale locale =
+ this.localeResolver != null ? this.localeResolver.resolveLocale(request) : request.getLocale();
+ response.setLocale(locale);
+
+ View view;
+ final String viewName = mv.getViewName();
+ if (viewName != null) {
+ // We need to resolve the view name.
+ view = resolveViewName(viewName, mv.getModelMap(), locale, request);
+ if (view == null) {
+ throw new ServletException("Could not resolve view with name '" + mv.getViewName() + "' ");
+ }
+
+ } else {
+ // No need to lookup: the ModelAndView object contains the actual View object.
+ view = mv.getView();
+ if (view == null) {
+ throw new ServletException("ModelAndView [" + mv + "] neither contains a view name nor a "
+ + "View object ");
+ }
+
+ }
+
+ // Delegate to the View object for rendering.
+ if (log.isTraceEnabled()) {
+ log.trace("Rendering view [{}] ", view);
+
+ }
+
+ try {
+ HttpStatus status = mv.getStatus();
+ if (status != null) {
+ response.setStatus(status.value());
+
+ }
+
+ view.render(mv.getModelMap(), request, response);
+
+ } catch (final Exception ex) {
+ if (log.isDebugEnabled()) {
+ log.debug("Error rendering view [" + view + "]", ex);
+ }
+
+ throw ex;
+
+ }
+
+ }
+
+ protected View resolveViewName(String viewName, @Nullable Map<String, Object> model,
+ Locale locale, HttpServletRequest request) throws Exception {
+ if (viewResolvers != null) {
+ for (final ViewResolver viewResolver : this.viewResolvers) {
+ final View view = viewResolver.resolveViewName(viewName, locale);
+ if (view != null) {
+ return view;
+ }
+
+ }
+ }
+
+ return null;
+ }
}
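Review bot: The five-argument `build` overload never uses `contentType` (nor `loggerName`), so a caller that passes a content type gets whatever the resolved view sets. If the parameter is meant to be honoured, apply it before rendering with `if (contentType != null) { httpResp.setContentType(contentType); }`; otherwise state in a comment that it is ignored. In `render`, `log.trace("Rendering view [{}] ", view)` is now parameterized, which makes the surrounding `isTraceEnabled()` guard redundant, while `log.debug("Error rendering view [" + view + "]", ex)` still concatenates; using the same form in both would be consistent.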
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java
index db35c6e6..65000ffa 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,25 +19,20 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+*/
+
package at.asitplus.eidas.specific.connector.gui;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
+import java.io.IOException;
import java.io.InputStream;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
import org.apache.commons.lang.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.gui.GroupDefinition;
import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
@@ -46,87 +41,108 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-public class StaticGuiBuilderConfiguration extends AbstractGuiFormBuilderConfiguration implements IVelocityGuiBuilderConfiguration, ModifyableGuiBuilderConfiguration {
- private static final Logger log = LoggerFactory.getLogger(StaticGuiBuilderConfiguration.class);
-
- private IRequest pendingReq = null;
- private IConfiguration basicConfig = null;
-
- public StaticGuiBuilderConfiguration(IConfiguration basicConfig, String authURL, String viewName, String formSubmitEndpoint) {
- super(authURL, viewName, formSubmitEndpoint);
- this.basicConfig = basicConfig;
- }
-
- public StaticGuiBuilderConfiguration(IConfiguration basicConfig, IRequest pendingReq, String viewName, String formSubmitEndpoint) {
- super(pendingReq.getAuthUrl(), viewName, formSubmitEndpoint);
- this.pendingReq = pendingReq;
- this.basicConfig = basicConfig;
-
- }
-
- @Override
- public String getClasspathTemplateDir() {
- return MSeIDASNodeConstants.CLASSPATH_TEMPLATE_DIR;
-
- }
-
- @Override
- public String getDefaultContentType() {
- return null;
-
- }
-
- @Override
- public InputStream getTemplate(String viewName) {
- String templateURL = MSeIDASNodeConstants.FILESYSTEM_TEMPLATE_DIR + viewName;
- try {
- String absURL = FileUtils.makeAbsoluteUrl(templateURL, this.basicConfig.getConfigurationRootDirectory());
- if (!absURL.startsWith("file:")) {
- log.warn("Path to template looks like NOT absolut: " + absURL + ". Template loading FAILED");
-
- } else {
- log.debug("Load template URL for view: " + viewName + " from: " + absURL);
- URI uri = new URL(absURL).toURI();
- return new FileInputStream(new File(uri));
-
- }
-
-
- } catch (MalformedURLException | URISyntaxException | FileNotFoundException e) {
- log.info("Can can build filesytem path to template: " + templateURL
- + " Reason: " + e.getMessage());
-
- }
-
- return null;
- }
-
- @Override
- public void putCustomParameterWithOutEscaption(GroupDefinition group, String key, Object value) {
- log.info("Add GUI-Template parameters WITHOUT escaption ARE NOT supported!!!!!");
-
- }
-
- @Override
- public void putCustomParameter(GroupDefinition group, String key, String value) {
- setViewParameter(getFromGroup(), key, StringEscapeUtils.escapeHtml(value));
-
- }
-
- @Override
- protected void putSpecificViewParameters() {
- if (pendingReq != null) {
- setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId()));
- setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID_DEPRECATED, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId()));
-
- }
-
- }
-
- @Override
- protected GroupDefinition getFromGroup() {
- return null;
-
- }
+public class StaticGuiBuilderConfiguration extends AbstractGuiFormBuilderConfiguration implements
+ IVelocityGuiBuilderConfiguration, ModifyableGuiBuilderConfiguration {
+ private static final Logger log = LoggerFactory.getLogger(StaticGuiBuilderConfiguration.class);
+
+ private IRequest pendingReq = null;
+ private IConfiguration basicConfig = null;
+ private ResourceLoader resourceLoader;
+
+ /**
+ * Static resource configuration for GUI Builder implementations.
+ *
+ * @param basicConfig basicConfig
+ * @param authUrl Public URL of the application
+ * @param viewName Name of the template
+ * @param formSubmitEndpoint Form Submit end-point, if template contains a form.
+ * @param resourceLoader Spring ResourceLoader implementation
+ */
+ public StaticGuiBuilderConfiguration(IConfiguration basicConfig, String authUrl, String viewName,
+ String formSubmitEndpoint, ResourceLoader resourceLoader) {
+ super(authUrl, viewName, formSubmitEndpoint);
+ this.basicConfig = basicConfig;
+ this.resourceLoader = resourceLoader;
+
+ }
+
+ /**
+ * Static resource configuration for GUI Builder implementations.
+ *
+ * @param basicConfig Application configuration
+ * @param pendingReq Current pending request
+ * @param viewName Name of the template
+ * @param formSubmitEndpoint Form Submit end-point, if template contains a form.
+ * @param resourceLoader Spring ResourceLoader implementation
+ */
+ public StaticGuiBuilderConfiguration(IConfiguration basicConfig, IRequest pendingReq, String viewName,
+ String formSubmitEndpoint, ResourceLoader resourceLoader) {
+ super(pendingReq.getAuthUrl(), viewName, formSubmitEndpoint);
+ this.pendingReq = pendingReq;
+ this.basicConfig = basicConfig;
+ this.resourceLoader = resourceLoader;
+
+ }
+
+ @Override
+ public String getClasspathTemplateDir() {
+ return MsEidasNodeConstants.CLASSPATH_TEMPLATE_DIR;
+
+ }
+
+ @Override
+ public String getDefaultContentType() {
+ return null;
+
+ }
+
+ @Override
+ public InputStream getTemplate(String viewName) {
+ final String templateUrl = MsEidasNodeConstants.FILESYSTEM_TEMPLATE_DIR + viewName;
+ try {
+ final String absUrl = FileUtils.makeAbsoluteUrl(templateUrl, this.basicConfig
+ .getConfigurationRootDirectory());
+ log.debug("Load template URL for view: " + viewName + " from: " + absUrl);
+ Resource resource = resourceLoader.getResource(absUrl);
+ return resource.getInputStream();
+
+ } catch (IOException e) {
+ log.info("Can can build filesytem path to template: " + templateUrl
+ + " Reason: " + e.getMessage());
+
+ }
+
+ return null;
+ }
+
+ @Override
+ public void putCustomParameterWithOutEscaption(GroupDefinition group, String key, Object value) {
+ log.info("Add GUI-Template parameters WITHOUT escaption ARE NOT supported!!!!!");
+
+ }
+
+ @Override
+ public void putCustomParameter(GroupDefinition group, String key, String value) {
+ setViewParameter(getFromGroup(), key, StringEscapeUtils.escapeHtml(value));
+
+ }
+
+ @Override
+ protected void putSpecificViewParameters() {
+ if (pendingReq != null) {
+ setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq
+ .getPendingRequestId()));
+ setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID_DEPRECATED, StringEscapeUtils.escapeHtml(
+ pendingReq.getPendingRequestId()));
+
+ }
+
+ }
+
+ @Override
+ protected GroupDefinition getFromGroup() {
+ return null;
+
+ }
}
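Review bot: `getTemplate` now hands `absUrl` straight to `resourceLoader.getResource(...)` and the earlier `file:` scheme check is gone, so the location is resolved with whatever scheme or path `FileUtils.makeAbsoluteUrl` returns for `FILESYSTEM_TEMPLATE_DIR + viewName`. Whether `viewName` can ever carry request data is not visible in this hunk, but if it can, a `..` segment or an unexpected prefix would let the loader read outside the template directory. Rejecting such names up front, e.g. `if (viewName == null || viewName.contains("..")) { return null; }`, and checking `resource.exists()` before `getInputStream()` would keep the lookup confined. Both constructors also store `resourceLoader` without a null check, so a null argument only surfaces later as a NullPointerException inside `getTemplate`. The `catch` logs just `e.getMessage()` with the text "Can can build filesytem path"; passing `e` to the logger and fixing the wording would make failed template loads diagnosable.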
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 069684e3..3e37d2fb 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -1,238 +1,261 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>at.asitplus.eidas.ms_specific</groupId>
- <artifactId>modules</artifactId>
- <version>1.0.3-snapshot</version>
- </parent>
- <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
- <artifactId>authmodule-eIDAS-v2</artifactId>
- <name>eIDAS v2 authentication module</name>
- <description>eIDAS module based on eIDAS node reference implementation v2.x</description>
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>at.asitplus.eidas.ms_specific</groupId>
+ <artifactId>modules</artifactId>
+ <version>1.0.3-snapshot</version>
+ </parent>
+ <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+ <artifactId>authmodule-eIDAS-v2</artifactId>
+ <name>eIDAS v2 authentication module</name>
+ <description>eIDAS module based on eIDAS node reference implementation v2.x</description>
- <properties>
- <eidas-commons.version>2.3.0</eidas-commons.version>
- <eidas-light-commons.version>2.3.0</eidas-light-commons.version>
- <eidas-specific-communication-definition.version>2.3.0</eidas-specific-communication-definition.version>
- <eidas-jcache-ignite-specific-communication.version>2.3.0</eidas-jcache-ignite-specific-communication.version>
- <org.xerial.sqlite-jdbc.version>3.23.1</org.xerial.sqlite-jdbc.version>
- </properties>
+ <properties>
+ <eidas-commons.version>2.3.0</eidas-commons.version>
+ <eidas-light-commons.version>2.3.0</eidas-light-commons.version>
+ <eidas-specific-communication-definition.version>2.3.0</eidas-specific-communication-definition.version>
+ <eidas-jcache-ignite-specific-communication.version>2.3.0</eidas-jcache-ignite-specific-communication.version>
+ <org.xerial.sqlite-jdbc.version>3.23.1</org.xerial.sqlite-jdbc.version>
+ </properties>
- <profiles>
- <profile>
- <id>default</id>
- <activation>
- <activeByDefault>true</activeByDefault>
- </activation>
- <repositories>
- <repository>
- <id>egiz-commons</id>
- <url>https://apps.egiz.gv.at/maven/</url>
- <releases>
- <enabled>true</enabled>
- </releases>
- </repository>
- <repository>
- <id>eIDASNode-local</id>
- <name>local</name>
- <url>file:${basedir}/repository</url>
- </repository>
- </repositories>
- </profile>
- </profiles>
+ <profiles>
+ <profile>
+ <id>default</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <repositories>
+ <repository>
+ <id>egiz-commons</id>
+ <url>https://apps.egiz.gv.at/maven/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </repository>
+ <repository>
+ <id>eIDASNode-local</id>
+ <name>local</name>
+ <url>file:${basedir}/repository</url>
+ </repository>
+ </repositories>
+ </profile>
+ </profiles>
- <dependencies>
- <dependency>
- <groupId>at.gv.egiz.components</groupId>
- <artifactId>egiz-spring-api</artifactId>
- </dependency>
- <dependency>
- <groupId>at.asitplus.eidas.ms_specific</groupId>
- <artifactId>connector_lib</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- </dependency>
+ <dependencies>
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-spring-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.asitplus.eidas.ms_specific</groupId>
+ <artifactId>connector_lib</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ </dependency>
- <!-- eIDAS reference implemenation libs -->
- <dependency>
- <groupId>eu.eidas</groupId>
- <artifactId>eidas-commons</artifactId>
- <version>${eidas-commons.version}</version>
- <!--scope>provided</scope -->
- <exclusions>
- <exclusion>
- <groupId>log4j</groupId>
- <artifactId>log4j</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>log4j-over-slf4j</artifactId>
- <groupId>org.slf4j</groupId>
- </exclusion>
- </exclusions>
- </dependency>
+ <!-- eIDAS reference implemenation libs -->
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-commons</artifactId>
+ <version>${eidas-commons.version}</version>
+ <!--scope>provided</scope -->
+ <exclusions>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>log4j-over-slf4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
- <dependency>
- <groupId>eu.eidas</groupId>
- <artifactId>eidas-light-commons</artifactId>
- <version>${eidas-light-commons.version}</version>
- </dependency>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-light-commons</artifactId>
+ <version>${eidas-light-commons.version}</version>
+ </dependency>
- <dependency>
- <groupId>eu.eidas</groupId>
- <artifactId>eidas-specific-communication-definition</artifactId>
- <version>${eidas-specific-communication-definition.version}</version>
- </dependency>
-
- <dependency>
- <groupId>eu.eidas</groupId>
- <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
- <version>${eidas-jcache-ignite-specific-communication.version}</version>
- </dependency>
-
- <!-- other third party libs -->
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-lang3</artifactId>
- </dependency>
- <dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- </dependency>
- <dependency>
- <groupId>joda-time</groupId>
- <artifactId>joda-time</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-text</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-frontend-jaxws</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-transports-http</artifactId>
- </dependency>
-<!-- <dependency>
- <groupId>org.xerial</groupId>
- <artifactId>sqlite-jdbc</artifactId>
- <version>${org.xerial.sqlite-jdbc.version}</version>
- </dependency> -->
-
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <!-- Testing -->
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-test</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.github.skjolber</groupId>
- <artifactId>mockito-soap-cxf</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- <scope>test</scope>
- <type>test-jar</type>
- </dependency>
- </dependencies>
-
- <build>
- <resources>
- <resource>
- <directory>src/main/resources</directory>
- </resource>
- <resource>
- <directory>target/generated/cxf</directory>
- </resource>
- </resources>
-
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <configuration>
- <source>1.8</source>
- <target>1.8</target>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-codegen-plugin</artifactId>
- <dependencies>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <version>2.8.1</version>
- </dependency>
- <dependency>
- <groupId>com.sun.xml.bind</groupId>
- <artifactId>jaxb-impl</artifactId>
- <version>2.2.5</version>
- </dependency>
- <dependency>
- <groupId>com.sun.xml.bind</groupId>
- <artifactId>jaxb-xjc</artifactId>
- <version>2.2.5</version>
- </dependency>
- </dependencies>
- <executions>
- <execution>
- <id>generate-sources</id>
- <phase>generate-sources</phase>
- <configuration>
- <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
- <wsdlOptions>
- <wsdlOption>
- <wsdl>${basedir}/src/main/resources/szr_client/SZR-1.1.WSDL</wsdl>
- <extraargs>
- <extraarg>-verbose </extraarg>
- </extraargs>
- </wsdlOption>
- </wsdlOptions>
- </configuration>
- <goals>
- <goal>wsdl2java</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-specific-communication-definition</artifactId>
+ <version>${eidas-specific-communication-definition.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+ <version>${eidas-jcache-ignite-specific-communication.version}</version>
+ </dependency>
+
+ <!-- other third party libs -->
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-text</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ </dependency>
+ <!-- <dependency> <groupId>org.xerial</groupId> <artifactId>sqlite-jdbc</artifactId>
+ <version>${org.xerial.sqlite-jdbc.version}</version> </dependency> -->
+
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <!-- Testing -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.github.skjolber</groupId>
+ <artifactId>mockito-soap-cxf</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ </resource>
+ <resource>
+ <directory>target/generated/cxf</directory>
+ </resource>
+ </resources>
+
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.8</source>
+ <target>1.8</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-codegen-plugin</artifactId>
+ <dependencies>
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.8.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>2.2.5</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ <version>2.2.5</version>
+ </dependency>
+ </dependencies>
+ <executions>
+ <execution>
+ <id>generate-sources</id>
+ <phase>generate-sources</phase>
+ <configuration>
+ <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
+ <wsdlOptions>
+ <wsdlOption>
+ <wsdl>${basedir}/src/main/resources/szr_client/SZR-1.1.WSDL</wsdl>
+ <extraargs>
+ <extraarg>-verbose </extraarg>
+ </extraargs>
+ </wsdlOption>
+ </wsdlOptions>
+ </configuration>
+ <goals>
+ <goal>wsdl2java</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>com.github.spotbugs</groupId>
+ <artifactId>spotbugs-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>spotbugs_validate</id>
+ <phase>test</phase>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <failOnError>true</failOnError>
+ <excludeFilterFile>spotbugs_exclude.xml</excludeFilterFile>
+ </configuration>
+ </plugin>
+
+
<!-- enable co-existence of testng and junit -->
- <plugin>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <threadCount>1</threadCount>
- </configuration>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit47</artifactId>
- <version>${surefire.version}</version>
- </dependency>
- </dependencies>
- </plugin>
- </plugins>
- </build>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <threadCount>1</threadCount>
+ </configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.surefire</groupId>
+ <artifactId>surefire-junit47</artifactId>
+ <version>${surefire.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+ </plugins>
+ </build>
</project> \ No newline at end of file
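Review bot: The `cxf-codegen-plugin` block still pins `xercesImpl` 2.8.1 and `jaxb-impl`/`jaxb-xjc` 2.2.5 as plugin dependencies. This hunk only re-indents them, but they are old releases that run on every `generate-sources`. Since the commit adds a SpotBugs gate with `failOnError` to the same build, it would be consistent to move these to current versions managed centrally, or to drop the overrides if the plugin's own defaults work. The input is the local `SZR-1.1.WSDL`, so exposure is limited to build time, but stale parser libraries on the build path are still worth tracking.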
diff --git a/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml b/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml
new file mode 100644
index 00000000..90d418ff
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <Class name="~szrservices.SZRException"/>
+ </Match>
+</FindBugsFilter> \ No newline at end of file
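Review bot: The new filter suppresses every SpotBugs finding for `~szrservices.SZRException` without saying why, and because `~` marks a regex the unescaped dot matches any character in that position. If this class is generated by the `wsdl2java` run into `target/generated/cxf` (likely given the codegen plugin in this module's pom, but not shown here), say so in a comment such as `<!-- generated by cxf wsdl2java from the SZR WSDL; not hand-maintained -->`. Write the name as `~szrservices\.SZRException`, or drop the `~` for an exact match. Each exclusion should stay narrow and justified, since the pom sets `failOnError` and this file is what waives findings.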
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
new file mode 100644
index 00000000..b0eb8fc1
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -0,0 +1,167 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+
+public class Constants {
+
+ public static final String DATA_REQUESTERID = "req_requesterId";
+ public static final String DATA_PROVIDERNAME = "req_providerName";
+ public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA";
+ public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision";
+ public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse";
+
+ // templates for post-binding forwarding
+ public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
+ public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint";
+ public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName";
+ public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue";
+
+ // configuration properties
+ public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
+ public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
+ public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
+ public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE
+ + ".publicSectorTargets";
+ public static final String CONIG_PROPS_EIDAS_NODE_ENTITYID = CONIG_PROPS_EIDAS_NODE + ".entityId";
+ public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_URL = CONIG_PROPS_EIDAS_NODE
+ + ".forward.endpoint";
+ public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE
+ + ".forward.method";
+ public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL =
+ CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural.";
+ public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL =
+ CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural.";
+ public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =
+ CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation.";
+ public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME =
+ CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";
+ public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =
+ CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
+ public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP =
+ CONIG_PROPS_EIDAS_NODE + ".workarounds.useStaticProviderNameForPublicSPs";
+ public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE
+ + ".staticProviderNameForPublicSPs";
+ public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "ERnB";
+
+ public static final String FORWARD_METHOD_POST = "POST";
+ public static final String FORWARD_METHOD_GET = "GET";
+
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".szrclient";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".useTestService";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".debug.logfullmessages";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".debug.useDummySolution";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".timeout.connection";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".timeout.response";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".endpoint.prod";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".endpoint.test";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".ssl.keyStore.path";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".ssl.keyStore.password";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".ssl.trustStore.path";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".ssl.trustStore.password";
+
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".params.documenttype";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".params.vkz";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".params.issuingdate";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT
+ + ".params.usedummykeys";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable";
+
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
+
+ @Deprecated
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url";
+ @Deprecated
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE =
+ CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active";
+
+ // http endpoint descriptions
+ public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post";
+ public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/light/sp/redirect";
+ public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/light/ColleagueRequest";
+ public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/light/metadata";
+
+ // eIDAS request parameters
+ public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
+
+ // eIDAS attribute names
+ public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier";
+ public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth";
+ public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
+ public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
+ public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
+ public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
+ public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
+
+ public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
+ public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
+
+ public static final String POLICY_DEFAULT_ALLOWED_TARGETS =
+ EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*";
+
+ // SAML2 Constants
+ public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success";
+
+ public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION = "30"; // seconds
+ public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; // seconds
+
+ public static final String SZR_SCHEMA_LOCATIONS =
+ "urn:SZRServices" + " " + "/szr_client/szr.xsd";
+
+ // Default values for SZR communication
+ public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT";
+
+ // TODO remove!!!
+ public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01";
+ public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT";
+ public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB";
+ public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS =
+ "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEg"
+ + "XGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
+
+}
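Review bot: `POLICY_DEFAULT_ALLOWED_TARGETS` builds an allow-list regex by escaping only `.` and `+` by hand, so any other metacharacter in `EaafConstants.URN_PREFIX_CDID` would be read as pattern syntax. `Pattern.quote(EaafConstants.URN_PREFIX_CDID) + ".*"` escapes the whole prefix, assuming the consumer matches with `java.util.regex`. Separately, the block under `// TODO remove!!!` ships a fixed issuing date and a hard-coded public-key modulus and exponent as defaults. How they are used is not visible here, but the `..._PARAMS_KEYS_USEDUMMY` and `..._DEBUG_USEDUMMY` properties suggest a dummy path that should not be reachable in a production configuration, and the TODO should point at a tracking issue. `Constants` only holds constants and could be declared `final` with a private constructor.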
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java
new file mode 100644
index 00000000..41c74217
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+
+/**
+ * eIDAS authentication-process selector.
+ *
+ * @author tlenz
+ *
+ */
+public class EidasAuthenticationModulImpl implements AuthModule {
+
+ private int priority = 1;
+
+ @Override
+ public int getPriority() {
+ return priority;
+ }
+
+ /**
+ * Sets the priority of this module. Default value is {@code 0}.
+ *
+ * @param priority The priority.
+ */
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext)
+ */
+ @Override
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ if (StringUtils.isNotBlank((String) context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY))
+ || StringUtils.isNotBlank((String) context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY))) {
+ return "eIDASAuthentication_v2";
+ } else {
+ return null;
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+ */
+ @Override
+ public String[] getProcessDefinitions() {
+ return new String[] { "classpath:eIDAS.Authentication.process.xml" };
+ }
+
+}
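Review bot: In `selectProcess` both operands of the `||` read `MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY`, so the second test is redundant; either a different context key was intended or the condition should be reduced to a single `StringUtils.isNotBlank(...)` call. This value decides whether the eIDAS authentication process is selected, so a mistaken key would silently drop an intended trigger and is worth checking against the previous implementation. The `(String)` cast also throws `ClassCastException` if the context holds a non-String under that key; an `instanceof String` guard would avoid that. Separately, the Javadoc on `setPriority` says the default is `0` while the field is declared as `private int priority = 1;`, so the comment should read `Default value is {@code 1}`.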
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java
new file mode 100644
index 00000000..535e4f97
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class EidasAuthenticationSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public String getName() {
+ return "Auth. module for eIDAS Ref. Impl. v2.x";
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ final ClassPathResource eidasAuthConfig = new ClassPathResource("/eidas_v2_auth.beans.xml",
+ EidasAuthenticationSpringResourceProvider.class);
+
+ return new Resource[] { eidasAuthConfig };
+ }
+
+}
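Review bot: `getPackagesToScan()` still carries the IDE stub `// TODO Auto-generated method stub` and returns `null`. If no package scanning is intended, replace the stub with a comment that says so, e.g. `// no packages to scan; beans are loaded from eidas_v2_auth.beans.xml`. Whether the consumer of `SpringResourceProvider` accepts `null` is not visible in this hunk, so `return new String[0];` would be the safer value if the interface permits it. The class also has no Javadoc, unlike `EidasAuthenticationModulImpl` in the same package.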
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
new file mode 100644
index 00000000..e9302f6d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
@@ -0,0 +1,161 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.impl.SpecificConnectorCommunicationServiceImpl;
+
+/**
+ * Controler implementation for eIDAS Node communication.
+ *
+ * @author tlenz
+ *
+ */
+@Controller
+public class EidasSignalServlet extends AbstractProcessEngineSignalController {
+
+ private static final Logger log = LoggerFactory.getLogger(EidasSignalServlet.class);
+ @Autowired
+ private ApplicationContext context;
+ @Autowired
+ private EidasAttributeRegistry attrRegistry;
+
+ /**
+ * eIDAS Node communication end-point implementation.
+ *
+ */
+ public EidasSignalServlet() {
+ super();
+ log.debug("Registering servlet {} with mappings '{}' and '{}'.",
+ getClass().getName(), Constants.eIDAS_HTTP_ENDPOINT_SP_POST,
+ Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT);
+
+ }
+
+ @RequestMapping(value = {
+ Constants.eIDAS_HTTP_ENDPOINT_SP_POST,
+ Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT
+ },
+ method = { RequestMethod.POST, RequestMethod.GET })
+ public void restoreEidasAuthProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException,
+ EaafException {
+ signalProcessManagement(req, resp);
+ }
+
+ /**
+ * Protocol specific implementation to get the pending-requestID from http
+ * request object.
+ *
+ * @param request The http Servlet-Request object
+ * @return The Pending-request id
+ *
+ */
+ @Override
+ public String getPendingRequestId(HttpServletRequest request) {
+ // String sessionId = super.getPendingRequestId(request);
+
+ try {
+ // get token from Request
+ final String tokenBase64 = request.getParameter(EidasParameterKeys.TOKEN.toString());
+ if (StringUtils.isEmpty(tokenBase64)) {
+ log.warn("NO eIDAS message token found.");
+ throw new EidasSAuthenticationException("eidas.04", null);
+
+ }
+ log.trace("Receive eIDAS-node token: " + tokenBase64 + " Starting transaction-restore process ... ");
+
+ final SpecificConnectorCommunicationServiceImpl specificConnectorCommunicationService =
+ (SpecificConnectorCommunicationServiceImpl) context.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
+ final ILightResponse eidasResponse = specificConnectorCommunicationService.getAndRemoveResponse(
+ tokenBase64,
+ ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
+
+ String pendingReqId = null;
+ if (StringUtils.isEmpty(eidasResponse.getRelayState())) {
+ log.debug("eIDAS Node returns no RelayState. ");
+
+ if (authConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
+ false)) {
+ log.trace("Use lightRequestId to recover session ... ");
+ pendingReqId = transactionStorage.get(eidasResponse.getInResponseToId(), String.class);
+ if (StringUtils.isNotEmpty(pendingReqId)) {
+ log.debug("Restoring session with lightRequestId ... ");
+ transactionStorage.remove(eidasResponse.getInResponseToId());
+
+ }
+ }
+
+ } else {
+ log.debug("Find transaction identifier in SAML2 'RelayState': " + eidasResponse.getRelayState());
+ pendingReqId = eidasResponse.getRelayState();
+
+ }
+
+ if (StringUtils.isNotEmpty(pendingReqId)) {
+ request.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+ return pendingReqId;
+
+ }
+
+ log.info("NO transaction identifier found! Stopping process ....");
+ log.trace("FullResponse: " + eidasResponse.toString());
+
+ } catch (final SpecificCommunicationException e) {
+ log.warn("Can NOT load eIDAS Response from cache.", e);
+ log.debug("eIDAS response token was: " + request.getParameter(EidasParameterKeys.TOKEN.toString()));
+
+ } catch (final Exception e) {
+ log.warn("Unable to retrieve moa session id.", e);
+
+ }
+
+ return null;
+ }
+
+}
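Review bot: `getPendingRequestId` writes request-supplied and identity-bearing values to the log. These are the raw token in `log.trace("Receive eIDAS-node token: " + tokenBase64 ...)` and again in the `SpecificCommunicationException` handler, the RelayState, and the whole response in `log.trace("FullResponse: " + eidasResponse.toString())`, which presumably includes the citizen's attributes. The token comes straight from the HTTP request, so concatenating it into the message lets embedded line breaks forge log entries unless the appender encodes them. I would drop the token and full-response output, or log only a response identifier, and use parameterized calls such as `log.debug("Find transaction identifier in SAML2 'RelayState': {}", eidasResponse.getRelayState());`. In addition, the `EidasSAuthenticationException("eidas.04", null)` thrown for a missing token is caught by the trailing `catch (final Exception e)` and logged as "Unable to retrieve moa session id.", so the specific error code never reaches the caller. Handling the empty-token case before the `try`, or narrowing that catch, would keep the diagnosis accurate.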
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java
new file mode 100644
index 00000000..c7acdb15
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+@Deprecated
+public class EidasPersonalIdStoreDao {
+ public static final String NAME = "foreigneIDMap";
+
+ // Enum with all cols of this table
+ public enum Cols {
+ timestamp, transactionId, eidasId, eidasSourceCountry, eidasDestinationCountry, ernbId
+ }
+
+ public enum T {
+ ID("INTEGER"),
+ BIGINT("VARCHAR(265)"),
+ URI("VARCHAR(256)"),
+ DATE("Long"),
+ TEXT("TEXT"),
+ Long("BIGINT"),
+ Int("INTEGER"),
+ BLOB("BLOB"),
+ CC("CHAR(2)"),
+ BOOL("INTEGER");
+
+ private final String type;
+
+ T(String el) {
+ type = el;
+ }
+
+ @Override
+ public String toString() {
+ return type;
+ }
+ }
+
+ // define Cols of the table
+ public static final List<Pair<String, T>> TABLE_COLS;
+
+ static {
+ final List<Pair<String, T>> cols = new ArrayList<>();
+ cols.add(Pair.newInstance(Cols.timestamp.name(), T.DATE));
+ cols.add(Pair.newInstance(Cols.transactionId.name(), T.TEXT));
+ cols.add(Pair.newInstance(Cols.eidasId.name(), T.TEXT));
+ cols.add(Pair.newInstance(Cols.eidasSourceCountry.name(), T.CC));
+ cols.add(Pair.newInstance(Cols.eidasDestinationCountry.name(), T.CC));
+ cols.add(Pair.newInstance(Cols.ernbId.name(), T.TEXT));
+
+ TABLE_COLS = Collections.unmodifiableList(cols);
+
+ }
+
+ public static final String CREATE = "CREATE TABLE " + NAME
+ + " (" + "id" + " " + T.ID.toString()
+ + " PRIMARY KEY AUTOINCREMENT, " + buildCreateTableQuery(TABLE_COLS) + ")";
+
+ public static final String INSERT = "INSERT INTO " + NAME
+ + "(" + buildInsertQueryKeys(TABLE_COLS) + ")"
+ + " VALUES (" + buildInsertQueryValues(TABLE_COLS) + ");";
+
+ public static final String SELECT_BY_ERNB_ID = "SELECT * FROM " + NAME
+ + " WHERE " + Cols.ernbId.name() + "=?;";
+
+ public static final String SELECT_BY_EIDAS_RAW_ID = "SELECT * FROM " + NAME
+ + " WHERE " + Cols.eidasId.name() + "=?"
+ + " and " + Cols.eidasSourceCountry.name() + "=?" + ";";
+
+ /**
+ * Build a part of a SQL query, which contains the cols of a table that should
+ * be created.
+ *
+ * @param cols List of DB col definitions {@link Pair}
+ * @return Part of a SQL query, which contains cols that should be created
+ */
+ private static String buildCreateTableQuery(List<Pair<String, T>> cols) {
+ StringBuffer buf = new StringBuffer();
+ for (final Pair<String, T> el : cols) {
+ buf.append(el.getFirst());
+ buf.append(" ");
+ buf.append(el.getSecond());
+ buf.append(",");
+
+ }
+ String sql = buf.toString();
+ return sql.substring(0, sql.length() - 1);
+
+ }
+
+ /**
+ * Build a part of a SQL query, which contains the cols keys of a table for
+ * insert operation.
+ *
+ * @param cols List of DB col definitions {@link Pair}
+ * @return Part of a SQL query, which contains cols that should be created
+ */
+ protected static String buildInsertQueryKeys(List<Pair<String, T>> cols) {
+
+ StringBuffer buf = new StringBuffer();
+ for (final Pair<String, T> el : cols) {
+ buf.append(el.getFirst());
+ buf.append(",");
+
+ }
+ String sql = buf.toString();
+ return sql.substring(0, sql.length() - 1);
+ }
+
+ /**
+ * Build a part of a SQL query, which contains the cols values of a table for
+ * insert operation.
+ *
+ * @param cols List of DB col definitions {@link Pair}
+ * @return Part of a SQL query, which contains cols that should be created
+ */
+ protected static String buildInsertQueryValues(List<Pair<String, T>> cols) {
+
+ StringBuffer buf = new StringBuffer();
+ Iterator<Pair<String, T>> it = cols.iterator();
+ while (it.hasNext()) {
+ buf.append("?,");
+ it.next();
+
+ }
+
+ String sql = buf.toString();
+ return sql.substring(0, sql.length() - 1);
+ }
+
+}
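Review bot: The `T` enum maps two names to types that do not match them: `BIGINT("VARCHAR(265)")`, where `265` looks like a typo next to `URI("VARCHAR(256)")`, and `DATE("Long")`, which `CREATE` emits for the `timestamp` column via `T.DATE`. `Long` is not a standard SQL type name; the `AUTOINCREMENT` keyword suggests SQLite, which would accept it but probably not with the intended type affinity, so `DATE("BIGINT")` or `DATE("INTEGER")` would state the intent. The three `build*` helpers call `sql.substring(0, sql.length() - 1)` unconditionally, which throws for an empty column list. Joining the parts with `String.join(",", ...)` avoids that and removes the synchronized `StringBuffer`. The `@return` text on `buildInsertQueryKeys` and `buildInsertQueryValues` is copied from `buildCreateTableQuery` and should describe the column-name list and the `?` placeholder list respectively.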
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java
new file mode 100644
index 00000000..6c7eeb6b
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+
+import java.text.SimpleDateFormat;
+
+import org.joda.time.DateTime;
+
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+
+public class ErnbEidData {
+
+ private String citizenCountryCode = null;
+
+ // MDS
+ private String pseudonym = null;
+ private String givenName = null;
+ private String familyName = null;
+ private DateTime dateOfBirth = null;
+
+ // additional attributes
+ private String placeOfBirth = null;
+ private String birthName = null;
+ private PostalAddressType address = null;
+
+ public String getCitizenCountryCode() {
+ return citizenCountryCode;
+ }
+
+ public void setCitizenCountryCode(String citizenCountryCode) {
+ this.citizenCountryCode = citizenCountryCode;
+ }
+
+ public String getPseudonym() {
+ return pseudonym;
+ }
+
+ public void setPseudonym(String pseudonym) {
+ this.pseudonym = pseudonym;
+ }
+
+ public String getGivenName() {
+ return givenName;
+ }
+
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+
+ public String getFamilyName() {
+ return familyName;
+ }
+
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+
+ public DateTime getDateOfBirth() {
+ return dateOfBirth;
+ }
+
+ public void setDateOfBirth(DateTime dateOfBirth) {
+ this.dateOfBirth = dateOfBirth;
+ }
+
+ public String getPlaceOfBirth() {
+ return placeOfBirth;
+ }
+
+ public void setPlaceOfBirth(String placeOfBirth) {
+ this.placeOfBirth = placeOfBirth;
+ }
+
+ public String getBirthName() {
+ return birthName;
+ }
+
+ public void setBirthName(String birthName) {
+ this.birthName = birthName;
+ }
+
+ public PostalAddressType getAddress() {
+ return address;
+ }
+
+ public void setAddress(PostalAddressType address) {
+ this.address = address;
+ }
+
+ public String getFormatedDateOfBirth() {
+ return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
+ }
+
+}
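Review bot: `getFormatedDateOfBirth()` dereferences `dateOfBirth` without a null check although the field is initialised to `null`, so calling it before `setDateOfBirth` throws `NullPointerException`. It also converts through `toDate()` and a `SimpleDateFormat` in the JVM default time zone, which can shift the calendar day when the `DateTime` carries a different zone. Formatting in the value's own zone with `return dateOfBirth == null ? null : dateOfBirth.toString("yyyy-MM-dd");` avoids both problems and the per-call `SimpleDateFormat` allocation. Whether callers expect `null` or an exception for a missing date is not visible here, so the chosen behaviour should be stated in a Javadoc comment on the method.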
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SQLiteServiceException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java
index 181dc5e2..f4c0be67 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SQLiteServiceException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,21 +19,22 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
-public class SQLiteServiceException extends eIDASAuthenticationException {
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
- private static final long serialVersionUID = 2278259367925102676L;
+public class EidPostProcessingException extends EidasSAuthenticationException {
- public SQLiteServiceException(String internalMsgId, Object[] params, Throwable e) {
- super(internalMsgId, params, e);
-
- }
+ private static final long serialVersionUID = 6780652273831172456L;
- public SQLiteServiceException(String internalMsgId, Object[] params) {
- super(internalMsgId, params);
-
- }
+ public EidPostProcessingException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+
+ }
+
+ public EidPostProcessingException(String internalMsgId, Object[] params, Throwable e) {
+ super(internalMsgId, params, e);
+
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASValidationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java
index d41f5aad..49736d58 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASValidationException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,18 +19,16 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
-public class eIDASValidationException extends eIDASAuthenticationException {
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+public class EidasAttributeException extends EidasSAuthenticationException {
+ private static final long serialVersionUID = 1L;
- public eIDASValidationException(String internalMsgId, Object[] params) {
- super(internalMsgId, params);
- }
+ public EidasAttributeException(String attrbuteName) {
+ super("eidas.00", new Object[] { attrbuteName });
+
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAuthenticationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java
index e468fd72..8ff218e3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAuthenticationException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,24 +19,23 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
-public class eIDASAuthenticationException extends EaafAuthenticationException{
+public class EidasSAuthenticationException extends EaafAuthenticationException {
+
+
+ private static final long serialVersionUID = 1L;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ public EidasSAuthenticationException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+ }
- public eIDASAuthenticationException(String internalMsgId, Object[] params) {
- super(internalMsgId, params);
- }
-
- public eIDASAuthenticationException(String internalMsgId, Object[] params, Throwable e) {
- super(internalMsgId, params, e);
- }
+ public EidasSAuthenticationException(String internalMsgId, Object[] params, Throwable e) {
+ super(internalMsgId, params, e);
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SZRCommunicationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java
index ea9fa6ce..2988dd6f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/SZRCommunicationException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,19 +19,16 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
-public class SZRCommunicationException extends eIDASAuthenticationException {
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
- private static final long serialVersionUID = 1L;
+public class EidasValidationException extends EidasSAuthenticationException {
- public SZRCommunicationException(String internalMsgId, Object[] params) {
- super(internalMsgId, params);
- }
+ private static final long serialVersionUID = 1L;
- public SZRCommunicationException(String internalMsgId, Object[] params, Throwable e) {
- super(internalMsgId, params, e);
- }
+ public EidasValidationException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAttributeException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java
index ec307b7d..d48abec9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDASAttributeException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,19 +19,22 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
-public class eIDASAttributeException extends eIDASAuthenticationException {
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+public class SqliteServiceException extends EidasSAuthenticationException {
- public eIDASAttributeException(String attrbuteName) {
- super("eidas.00", new Object[] {attrbuteName});
+ private static final long serialVersionUID = 2278259367925102676L;
- }
+ public SqliteServiceException(String internalMsgId, Object[] params, Throwable e) {
+ super(internalMsgId, params, e);
+
+ }
+
+ public SqliteServiceException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java
index 05e12dbd..c736cadb 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,21 +19,20 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+*/
-public class eIDPostProcessingException extends eIDASAuthenticationException {
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
- private static final long serialVersionUID = 6780652273831172456L;
+public class SzrCommunicationException extends EidasSAuthenticationException {
- public eIDPostProcessingException(String internalMsgId, Object[] params) {
- super(internalMsgId, params);
-
- }
-
- public eIDPostProcessingException(String internalMsgId, Object[] params, Throwable e) {
- super(internalMsgId, params, e);
-
- }
+ private static final long serialVersionUID = 1L;
+
+ public SzrCommunicationException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+ }
+
+ public SzrCommunicationException(String internalMsgId, Object[] params, Throwable e) {
+ super(internalMsgId, params, e);
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
new file mode 100644
index 00000000..2b0e0d2f
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
@@ -0,0 +1,357 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import edu.umd.cs.findbugs.annotations.NonNull;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import eu.eidas.auth.commons.protocol.eidas.SpType;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public abstract class AbstractEidProcessor implements INationalEidProcessor {
+ private static final Logger log = LoggerFactory.getLogger(AbstractEidProcessor.class);
+
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+ @Autowired
+ protected IConfigurationWithSP basicConfig;
+
+ @Override
+ public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) {
+
+ buildProviderNameAttribute(pendingReq, authnRequestBuilder);
+ buildRequestedAttributes(authnRequestBuilder);
+
+ }
+
+ @Override
+ public final ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+ EidasAttributeException {
+ final ErnbEidData result = new ErnbEidData();
+
+ final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj);
+ result.setCitizenCountryCode(eIdentifier.getFirst());
+
+ // MDS attributes
+ result.setPseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)));
+ result.setFamilyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)));
+ result.setGivenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)));
+ result.setDateOfBirth(processDateOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)));
+
+ // additional attributes
+ result.setPlaceOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)));
+ result.setBirthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)));
+ result.setAddress(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
+
+ return result;
+
+ }
+
+
+ /**
+ * Get a Map of country-specific requested attributes.
+ *
+ * @return
+ */
+ @NonNull
+ protected abstract Map<String, Boolean> getCountrySpecificRequestedAttributes();
+
+ /**
+ * Post-Process the eIDAS CurrentAddress attribute.
+ *
+ * @param currentAddressObj eIDAS current address information
+ * @return current address or null if no attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ * @throws EidasAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException,
+ EidasAttributeException {
+
+ if (currentAddressObj != null) {
+ if (currentAddressObj instanceof PostalAddress) {
+ final PostalAddressType result = new PostalAddressType();
+ result.setPostalCode(((PostalAddress) currentAddressObj).getPostCode());
+ result.setMunicipality(((PostalAddress) currentAddressObj).getPostName());
+
+ // TODO: add more mappings
+
+ return result;
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);
+
+ }
+
+ } else {
+ log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
+ }
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS BirthName attribute.
+ *
+ * @param birthNameObj eIDAS birthname information
+ * @return birthName or null if no attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ * @throws EidasAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected String processBirthName(Object birthNameObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (birthNameObj != null) {
+ if (birthNameObj instanceof String) {
+ return (String) birthNameObj;
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);
+
+ }
+
+ } else {
+ log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
+ }
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS PlaceOfBirth attribute.
+ *
+ * @param placeOfBirthObj eIDAS Place-of-Birth information
+ * @return place of Birth or null if no attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ * @throws EidasAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (placeOfBirthObj != null) {
+ if (placeOfBirthObj instanceof String) {
+ return (String) placeOfBirthObj;
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);
+
+ }
+
+ } else {
+ log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
+ }
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS DateOfBirth attribute.
+ *
+ * @param dateOfBirthObj eIDAS date-of-birth attribute information
+ * @return formated user's date-of-birth
+ * @throws EidasAttributeException if NO attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ */
+ protected DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+ }
+
+ return (DateTime) dateOfBirthObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS GivenName attribute.
+ *
+ * @param givenNameObj eIDAS givenName attribute information
+ * @return formated user's givenname
+ * @throws EidasAttributeException if NO attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ */
+ protected String processGivenName(Object givenNameObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (givenNameObj == null || !(givenNameObj instanceof String)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+ }
+
+ return (String) givenNameObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS FamilyName attribute.
+ *
+ * @param familyNameObj eIDAS familyName attribute information
+ * @return formated user's familyname
+ * @throws EidasAttributeException if NO attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ */
+ protected String processFamilyName(Object familyNameObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (familyNameObj == null || !(familyNameObj instanceof String)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
+ }
+
+ return (String) familyNameObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS pseudonym to ERnB unique identifier.
+ *
+ * @param personalIdObj eIDAS PersonalIdentifierAttribute
+ * @return Unique personal identifier without country-code information
+ * @throws EidasAttributeException if NO attribute is available
+ * @throws EidPostProcessingException if post-processing fails
+ */
+ protected String processPseudonym(Object personalIdObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (personalIdObj == null || !(personalIdObj instanceof String)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ }
+
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj);
+
+ return eIdentifier.getThird();
+
+ }
+
+ private void buildRequestedAttributes(Builder authnRequestBuilder) {
+ // build and add requested attribute set
+ final Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes();
+ log.debug("Get #{} country-specific requested attributes", ccSpecificReqAttr.size());
+
+ final Map<String, Boolean> mdsReqAttr = attrRegistry.getDefaultAttributeSetFromConfiguration();
+ log.trace("Get #{} default requested attributes", mdsReqAttr.size());
+
+ // put it together
+ ccSpecificReqAttr.putAll(mdsReqAttr);
+
+ // convert it to eIDAS attributes
+ final ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(ccSpecificReqAttr);
+ authnRequestBuilder.requestedAttributes(reqAttrMap);
+
+ }
+
+ private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
+ final ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
+ for (final Map.Entry<String, Boolean> attribute : requiredAttributes.entrySet()) {
+ final String name = attribute.getKey();
+ final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry
+ .getCoreAttributeRegistry().getByFriendlyName(name);
+ if (!byFriendlyName.isEmpty()) {
+ final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
+ builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
+
+ } else {
+ log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
+ }
+
+ }
+
+ return builder.build();
+
+ }
+
+ private void buildProviderNameAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+ final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+
+ // set correct SPType for requested target sector
+ final String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
+ Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
+ final Pattern p = Pattern.compile(publicSectorTargetSelector);
+ final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
+ if (m.matches()) {
+ log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
+ authnRequestBuilder.spType(SpType.PUBLIC.getValue());
+
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+ false)) {
+ authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
+
+ } else {
+ // TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for
+ // any SPType
+ final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+ if (StringUtils.isNotEmpty(providerName)
+ && basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
+ false)) {
+ authnRequestBuilder.providerName(providerName);
+
+ }
+ }
+
+ } else {
+ log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
+ authnRequestBuilder.spType(SpType.PRIVATE.getValue());
+
+ // TODO: switch to RequesterId in further version
+ // set provider name for private sector applications
+ final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+ if (StringUtils.isNotEmpty(providerName)) {
+ authnRequestBuilder.providerName(providerName);
+ }
+
+ }
+
+ }
+
+}
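Review bot: In `postProcess`, the personal identifier is cast with `(String) eIdentifierObj` and handed to `parseEidasPersonalIdentifier` before any null or type check. A missing or non-String attribute therefore fails with a ClassCastException (or whatever the parser does with null) instead of the `EidasAttributeException` that `processPseudonym` throws for the same input a few lines later. The map presumably carries values from the eIDAS response, so the guard belongs at the top of the method: `if (!(eIdentifierObj instanceof String)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); }`. CcSpecificEidProcessingService does this check before delegating, but the method is public on the interface and can be reached without it. Separately, `buildRequestedAttributes` calls `putAll` on the map returned by `getCountrySpecificRequestedAttributes()`, which mutates whatever the subclass returns and lets the default set overwrite country-specific required flags; copying into a fresh map first (`java.util.HashMap` is not imported in this file) would avoid both.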
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
new file mode 100644
index 00000000..8d8cc6b0
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Base64;
+import java.util.Map;
+
+import org.apache.commons.codec.DecoderException;
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+
+public class DeEidProcessor extends AbstractEidProcessor {
+ private static final Logger log = LoggerFactory.getLogger(DeEidProcessor.class);
+ private static final String canHandleCC = "DE";
+
+ private int priority = 1;
+
+ @Override
+ public int getPriority() {
+ return priority;
+ }
+
+ @Override
+ public boolean canHandle(String countryCode) {
+ return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+
+ }
+
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ @Override
+ public String getName() {
+ return "DE-PostProcessor";
+
+ }
+
+ @Override
+ protected String processPseudonym(Object uniqeIdentifierObj) throws EidPostProcessingException,
+ EidasAttributeException {
+ if (uniqeIdentifierObj == null || !(uniqeIdentifierObj instanceof String)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ }
+
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) uniqeIdentifierObj);
+
+ log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ final String result = convertDeIdentifier(eIdentifier.getThird());
+ log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+ return result;
+
+ }
+
+ private String convertDeIdentifier(String hexEncodedDeIdentifier) throws EidPostProcessingException {
+ if (hexEncodedDeIdentifier.length() != 64) {
+ throw new EidPostProcessingException("ernb.03", new Object[] {
+ "Input has wrong length, expected 64 chars" });
+ }
+
+ byte[] data;
+ try {
+ data = Hex.decodeHex(hexEncodedDeIdentifier);
+ final byte[] encoded = Base64.getEncoder().encode(data);
+ return new String(encoded, "UTF-8");
+
+ } catch (final DecoderException | UnsupportedEncodingException e) {
+ throw new EidPostProcessingException("ernb.03", null, e);
+
+ }
+
+
+ }
+
+ @Override
+ protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+ return attrRegistry.getAttributeSetFromConfiguration(canHandleCC);
+
+ }
+
+}
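Review bot: `convertDeIdentifier` calls `hexEncodedDeIdentifier.length()` without a null check, so if `eIdentifier.getThird()` is ever null the caller gets a NullPointerException rather than the declared `EidPostProcessingException`. Whether `parseEidasPersonalIdentifier` can return a null component is not visible in this hunk. The guard can be folded into the existing length test: `if (hexEncodedDeIdentifier == null || hexEncodedDeIdentifier.length() != 64) {`. The decode-failure path also passes `null` as the params for "ernb.03" while the length failure passes a one-element array, so the two errors under the same message id will render differently. Using `new String(encoded, StandardCharsets.UTF_8)` (with the `java.nio.charset.StandardCharsets` import) would remove the `UnsupportedEncodingException` branch, which cannot occur for UTF-8.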
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java
new file mode 100644
index 00000000..69949435
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class GenericEidProcessor extends AbstractEidProcessor {
+
+ private int priority = 0;
+
+ @Override
+ public int getPriority() {
+ return priority;
+
+ }
+
+ @Override
+ public boolean canHandle(String countryCode) {
+ return true;
+
+ }
+
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ @Override
+ public String getName() {
+ return "Default-PostProcessor";
+
+ }
+
+ @Override
+ protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+ return new HashMap<>();
+
+ }
+
+}
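Review bot: GenericEidProcessor has no class comment saying that it is the catch-all handler, and the constraint that follows from that is easy to miss. `canHandle` returns true for every country code and CcSpecificEidProcessingService takes the first matching handler in descending priority order. A `setPriority` value of 1 would therefore tie with DeEidProcessor's default, and anything higher would shadow it for German identifiers. A class Javadoc such as `/** Fallback processor for countries without a specific handler; must keep the lowest priority because canHandle() accepts every country code. */` would make this visible to whoever wires the beans.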
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java
new file mode 100644
index 00000000..577efbcd
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+public interface INationalEidProcessor {
+
+ /**
+ * Get a friendlyName of this post-processor implementation.
+ *
+ * @return
+ */
+ String getName();
+
+ /**
+ * Get the priority of this eID Post-Processor <br>
+ * If more than one Post-Processor implementations can handle the eID data, the
+ * post-processor with the highest priority are selected. The Default-Processor
+ * has priority '0'
+ *
+ * @return Priority of this handler
+ */
+ int getPriority();
+
+ /**
+ * Check if this postProcessor is sensitive for a specific country.
+ *
+ * @param countryCode of the eID data that should be processed
+ * @return true if this implementation can handle the country, otherwise false
+ *
+ */
+ boolean canHandle(String countryCode);
+
+ /**
+ * Post-Process eIDAS eID data into national format.
+ *
+ * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and
+ * attribute
+ * @throws EidPostProcessingException In case of a post-processing error
+ * @throws EidasAttributeException In case of an invalid eIDAS attribute
+ */
+ ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+ EidasAttributeException;
+
+ /**
+ * Pre-Process eIDAS Request to national requirements.
+ *
+ * @param pendingReq current pending request
+ * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+ */
+ void preProcess(IRequest pendingReq, Builder authnRequestBuilder);
+}
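Review bot: The Javadoc on `canHandle` does not say whether `countryCode` may be null or empty, yet CcSpecificEidProcessingService only logs an empty country code and still passes it to every handler. Implementations need to know they must tolerate it, for example `@param countryCode of the eID data that should be processed; may be null or empty, in which case only the default processor should match`. In the same file the `@return` tag on `getName` is empty and `postProcess` has no `@return` at all; `@return the eID data converted to the national ERnB format` would fit the latter, if that reading of ErnbEidData is right.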
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
new file mode 100644
index 00000000..09bb09d6
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
@@ -0,0 +1,135 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.INationalEidProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@Service
+public class CcSpecificEidProcessingService implements ICcSpecificEidProcessingService {
+ private static final Logger log = LoggerFactory.getLogger(CcSpecificEidProcessingService.class);
+
+ @Autowired
+ private ApplicationContext context;
+
+ private final List<INationalEidProcessor> handlers = new ArrayList<>();
+
+ @PostConstruct
+ private void initialize() {
+ log.debug("Initialize eID PostProcessing-Service ... ");
+ final Map<String, INationalEidProcessor> postProcessors = context.getBeansOfType(
+ INationalEidProcessor.class);
+ final Iterator<Entry<String, INationalEidProcessor>> iterator = postProcessors.entrySet().iterator();
+ while (iterator.hasNext()) {
+ final Entry<String, INationalEidProcessor> el = iterator.next();
+ log.debug("Find eID-PostProcessor with name: " + el.getKey());
+ handlers.add(el.getValue());
+
+ }
+
+ log.trace("Sorting eID-PostProcessors on priority ... ");
+ Collections.sort(handlers, (thisAuthModule, otherAuthModule) -> {
+ final int thisOrder = thisAuthModule.getPriority();
+ final int otherOrder = otherAuthModule.getPriority();
+ return thisOrder < otherOrder ? 1 : thisOrder == otherOrder ? 0 : -1;
+ });
+
+ log.info("# " + handlers.size() + " eID PostProcessing services are registrated");
+
+ }
+
+ @Override
+ public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder)
+ throws EidPostProcessingException {
+ if (StringUtils.isEmpty(selectedCitizenCountry)) {
+ log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used");
+ }
+
+ for (final INationalEidProcessor el : handlers) {
+ if (el.canHandle(selectedCitizenCountry)) {
+ log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName());
+ el.preProcess(pendingReq, authnRequestBuilder);
+ return;
+
+ }
+ }
+
+ log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+ throw new EidPostProcessingException("internal.00", null);
+
+ }
+
+ @Override
+ public ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+ EidasAttributeException {
+ // extract citizen country from eIDAS unique identifier
+ final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) {
+ throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ }
+
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj);
+ final String citizenCountry = eIdentifier.getFirst();
+
+ if (StringUtils.isEmpty(citizenCountry)) {
+ log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
+ }
+
+ for (final INationalEidProcessor el : handlers) {
+ if (el.canHandle(citizenCountry)) {
+ log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName());
+ return el.postProcess(eidasAttrMap);
+
+ }
+ }
+
+ log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+ throw new EidPostProcessingException("internal.00", null);
+ }
+
+}
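Review bot: The hand-written comparator in `initialize()` can be replaced by `handlers.sort(Comparator.comparingInt(INationalEidProcessor::getPriority).reversed());` (with a `java.util.Comparator` import), which gives the same descending order without the nested ternary. Because the sort is stable, two handlers with equal priority keep the order returned by `context.getBeansOfType`, so a tie between processors that both accept a country is settled by bean registration order. A comment stating that, or a startup warning on duplicate priorities, would make handler selection predictable. The error logged at the end of `preProcess` also says "NO eID PostProcessor FOUND", which will mislead when reading logs for a pre-processing failure.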
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
new file mode 100644
index 00000000..98c4c2de
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
@@ -0,0 +1,180 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.io.File;
+import java.text.MessageFormat;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import edu.umd.cs.findbugs.annotations.NonNull;
+import eu.eidas.auth.commons.attribute.AttributeRegistries;
+import eu.eidas.auth.commons.attribute.AttributeRegistry;
+
+@Service("attributeRegistry")
+public class EidasAttributeRegistry {
+ private static final Logger log = LoggerFactory.getLogger(EidasAttributeRegistry.class);
+ @Autowired
+ private IConfigurationWithSP basicConfig;
+
+ private AttributeRegistry coreAttributeRegistry;
+
+ private String eidasAttributesFile;
+ private String additionalAttributesFile;
+
+ @PostConstruct
+ private void initialize() throws RuntimeException {
+ try {
+ if (eidasAttributesFile.isEmpty()) {
+ log.error("Basic eIDAS addribute definition NOT defined");
+ throw new EaafConfigurationException("config.30",
+ new Object[] { "eidas-attributes.xml" });
+
+ }
+
+ boolean additionalAttrAvailabe = false;
+ if (!additionalAttributesFile.isEmpty()) {
+ final File file = new File(additionalAttributesFile);
+ if (file.exists()) {
+ additionalAttrAvailabe = true;
+ }
+
+ }
+
+ if (!additionalAttrAvailabe) {
+ log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... ");
+ coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null);
+
+ } else {
+ // load attribute definitions
+ log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... ");
+ coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null,
+ additionalAttributesFile);
+
+ }
+
+ } catch (final Throwable e) {
+ log.error("Can NOT initialize eIDAS attribute definition.", e);
+ throw new RuntimeException("Can NOT initialize eIDAS attribute definition.", e);
+
+ }
+ }
+
+ public AttributeRegistry getCoreAttributeRegistry() {
+ return coreAttributeRegistry;
+ }
+
+ /**
+ * Get Map of attributes that are requested by default.
+ *
+ * @return Map of AttributeIdentifier, isRequired flag
+ */
+ @NonNull
+ public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
+ /*
+ * TODO: select set for representation if mandates should be used. It's an open
+ * task in respect to requested eIDAS attributes and isRequired flag, because
+ * there can be a decision problem in case of natural or legal person
+ * representation! From an Austrian use-case point of view, an Austrian service
+ * provider can support mandates for natural and legal persons at the same time.
+ * However, we CAN NOT request attributes for natural AND legal persons on the
+ * same time, because it's not possible to represent both simultaneously.
+ */
+ final Map<String, String> configAttributes =
+ basicConfig.getBasicConfigurationWithPrefix(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ /**
+ * Get a Map of attributes that are additionally requested for a specific country.
+ *
+ * @param countryCode Country Code
+ * @return Map of AttributeIdentifier, isRequired flag
+ */
+ @NonNull
+ public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
+
+ /*
+ * TODO: select set for representation if mandates should be used. It's an open
+ * task in respect to requested eIDAS attributes and isRequired flag, because
+ * there can be a decision problem in case of natural or legal person
+ * representation! From an Austrian use-case point of view, an Austrian service
+ * provider can support mandates for natural and legal persons at the same time.
+ * However, we CAN NOT request attributes for natural AND legal persons on the
+ * same time, because it's not possible to represent both simultaneously.
+ */
+ final Map<String, String> configAttributes =
+ basicConfig.getBasicConfigurationWithPrefix(
+ MessageFormat.format(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
+ countryCode.toLowerCase()));
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
+
+ final Map<String, Boolean> result = new HashMap<>();
+ for (final String el : configAttributes.values()) {
+ if (StringUtils.isNotEmpty(el.trim())) {
+ final List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim());
+ boolean isRequired = false;
+ if (attrDef.size() == 2) {
+ isRequired = Boolean.parseBoolean(attrDef.get(1));
+ }
+
+ result.put(attrDef.get(0), isRequired);
+
+ }
+ }
+
+ log.trace("Load #" + result.size() + " requested attributes from configuration");
+ return result;
+
+ }
+
+ public void setEidasAttributesFile(String eidasAttributesFile) {
+ this.eidasAttributesFile = eidasAttributesFile;
+ }
+
+ public void setAdditionalAttributesFile(String additionalAttributesFile) {
+ this.additionalAttributesFile = additionalAttributesFile;
+ }
+
+}
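Review bot: `countryCode.toLowerCase()` in `getAttributeSetFromConfiguration` uses the JVM default locale, so on a Turkish-locale host codes containing `I` (IT, IE, IS, LI) lower-case to a dotless `ı` and the prefix lookup returns an empty attribute set without any error. Use `countryCode.toLowerCase(Locale.ROOT)`, which needs `import java.util.Locale;`. The method also dereferences `countryCode` with no null check and formats it straight into a configuration key prefix. If the value comes from the citizen-country selection, which this hunk does not show, it should first be checked against a two-letter pattern, e.g. `if (countryCode == null || !countryCode.matches("[A-Za-z]{2}")) { return new HashMap<>(); }`. Separately, `processAttributeInfosFromConfig` calls `attrDef.get(0)` without checking that the parsed list is non-empty, which looks fragile for a value such as a lone comma, depending on what `KeyValueUtils.getListOfCsvValues` returns.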
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java
new file mode 100644
index 00000000..549aa65c
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java
@@ -0,0 +1,363 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed
+ * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License. You may
+ * obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses. The "NOTICE" text file
+ * is part of the distribution. Any derivative works that you distribute must
+ * include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+//import java.io.File;
+//import java.io.IOException;
+//import java.sql.Connection;
+//import java.sql.DriverManager;
+//import java.sql.PreparedStatement;
+//import java.sql.ResultSet;
+//import java.sql.SQLException;
+//import java.sql.Statement;
+//import java.time.Instant;
+//import java.util.Properties;
+//
+//import javax.annotation.PostConstruct;
+//
+//import org.slf4j.Logger;
+//import org.slf4j.LoggerFactory;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.stereotype.Component;
+//import org.sqlite.SQLiteConfig;
+//import org.sqlite.SQLiteConfig.LockingMode;
+//import org.sqlite.SQLiteConfig.SynchronousMode;
+//import org.sqlite.SQLiteErrorCode;
+//
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.DAO.eIDASPersonalIdStoreDAO;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException;
+//import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+//import at.gv.egiz.eaaf.core.impl.data.Pair;
+//import at.gv.egiz.eaaf.core.impl.data.Trible;
+//
+//@Component
+//@Deprecated
+//public class EidasDataStore {
+//
+// private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC";
+// private static final String SQLITE_CONNECTION_PARAM = "jdbc:sqlite:%s";
+// private static final boolean sleep = true;
+// private static final int howLongToSleepOnBusyLock_ = 100;
+//
+// private static final Logger log = LoggerFactory.getLogger(EidasDataStore.class);
+//
+// @Autowired
+// private IConfiguration basicConfig;
+//
+// private String connectionUrl;
+// private Connection conn = null;
+//
+// @PostConstruct
+// private void initialize() throws SQLiteServiceException {
+// try {
+// final String sqlLiteDbUrl = basicConfig.getBasicConfiguration(
+// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL,
+// basicConfig.getConfigurationRootDirectory().toString() + "/sqlite/database.db"
+//
+// );
+//
+// log.info("Use SQLite database with URL: " + sqlLiteDbUrl);
+//
+// // check if SQLite lib is in Classpath
+// Class.forName(SQLITE_JDBC_DRIVER_CLASS);
+//
+// // open DB connection
+// boolean isNewFileCreated = false;
+//
+// // open file or create file if not already exists
+// final File dbFile = new File(sqlLiteDbUrl);
+// if (!dbFile.exists()) {
+// log.info("SQLite database does not exist. Creating new database file ... ");
+// dbFile.createNewFile();
+// isNewFileCreated = true;
+//
+// }
+//
+// // open database connection
+// connectionUrl = String.format(SQLITE_CONNECTION_PARAM, dbFile.getPath());
+//
+// // create DB scheme if new DB file was created
+// if (isNewFileCreated) {
+// executeUpdate(startConnection().createStatement(), eIDASPersonalIdStoreDAO.CREATE);
+// log.debug("SQLite db scheme created");
+//
+// }
+//
+// } catch (final ClassNotFoundException e) {
+// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// } catch (SQLException | IOException e) {
+// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// }
+//
+// }
+//
+// /**
+// * Store a mapping entry with eIDAS personal identifier (source country /
+// * destination country / personal identifier) and the identifier that is used
+// * for ERnB communication.
+// *
+// * @param transactionId Id of this authentication transaction
+// * @param eidasId eIDAS personal identifier without country prefixes
+// * @param ernbId personal identifier that is used to request the ERnB
+// * @throws SQLiteServiceException In case of a database error
+// */
+// public void storeNationalId(String transactionId, Trible<String, String, String> eidasId, String ernbId)
+// throws SQLiteServiceException {
+// try {
+// final PreparedStatement preStatment = startConnection().prepareStatement(
+// eIDASPersonalIdStoreDAO.INSERT,
+// Statement.RETURN_GENERATED_KEYS);
+//
+// for (int i = 1; i <= eIDASPersonalIdStoreDAO.TABLE_COLS.size(); i++) {
+// final Pair<String, eIDASPersonalIdStoreDAO.T> col = eIDASPersonalIdStoreDAO.TABLE_COLS.get(i - 1);
+// if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.timestamp.name())) {
+// preStatment.setDate(i, new java.sql.Date(Instant.now().toEpochMilli()));
+// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.transactionId.name())) {
+// preStatment.setString(i, transactionId);
+// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasId.name())) {
+// preStatment.setString(i, eidasId.getThird());
+// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasSourceCountry.name())) {
+// preStatment.setString(i, eidasId.getFirst());
+// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasDestinationCountry.name())) {
+// preStatment.setString(i, eidasId.getSecond());
+// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.ernbId.name())) {
+// preStatment.setString(i, ernbId);
+// } else {
+// log.warn("SQLite table:" + eIDASPersonalIdStoreDAO.NAME + " contains no col with name:" + col
+// .getFirst());
+// }
+//
+// }
+//
+// // execute SQL query
+// final int sqlResult = preStatment.executeUpdate();
+//
+// if (sqlResult != 1) {
+// log.warn("SQLite query execution FAILED!");
+// throw new SQLiteServiceException("internal.06", new Object[] { "Queryresult is '-1'" });
+//
+// }
+//
+// } catch (SQLiteServiceException | SQLException e) {
+// log.warn("SQLite query execution FAILED!", e);
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// }
+//
+// }
+//
+// /**
+// * Get the ERnB related national identifier from mapping database.
+// *
+// * @param eidasId eIDAS related identifier
+// * @return Mapped ERnB identifier
+// * @throws SQLiteServiceException In case of a database error
+// */
+// public String getErnbNationalId(Trible<String, String, String> eidasId) throws SQLiteServiceException {
+// try {
+// final PreparedStatement preStatment = startConnection().prepareStatement(
+// eIDASPersonalIdStoreDAO.SELECT_BY_EIDAS_RAW_ID,
+// Statement.RETURN_GENERATED_KEYS);
+//
+// preStatment.setString(1, eidasId.getThird());
+// preStatment.setString(2, eidasId.getFirst());
+//
+// final ResultSet rs = preStatment.executeQuery();
+//
+// if (!rs.next()) {
+// return null;
+// } else {
+// return rs.getString(eIDASPersonalIdStoreDAO.COLS.ernbId.name());
+// }
+//
+// } catch (SQLiteServiceException | SQLException e) {
+// log.warn("SQLite query execution FAILED!", e);
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// }
+//
+// }
+//
+// /**
+// * Get the eIDAS identifier from an ERnB identifier.
+// *
+// * @param ernbId ERnB specific identifier
+// * @return eIDAS unqiue identifier
+// * @throws SQLiteServiceException In case of a database error
+// */
+// public String getEidasRawNationalId(String ernbId) throws SQLiteServiceException {
+// try {
+// final PreparedStatement preStatment = startConnection().prepareStatement(
+// eIDASPersonalIdStoreDAO.SELECT_BY_ERNB_ID,
+// Statement.RETURN_GENERATED_KEYS);
+//
+// preStatment.setString(1, ernbId);
+//
+// final ResultSet rs = preStatment.executeQuery();
+//
+// if (!rs.next()) {
+// return null;
+// } else {
+// return rs.getString(eIDASPersonalIdStoreDAO.COLS.eidasId.name());
+// }
+//
+// } catch (SQLiteServiceException | SQLException e) {
+// log.warn("SQLite query execution FAILED!", e);
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// }
+//
+// }
+//
+// private Connection startConnection() throws SQLiteServiceException {
+// int i = howLongToSleepOnBusyLock_;
+//
+// while (true) {
+// try {
+// if (conn == null) {
+// log.info("Initializing SQLite database with URL: " + connectionUrl + " ... ");
+// conn = DriverManager.getConnection(connectionUrl, getConnectionProperties());
+//
+// } else {
+// if (!conn.isValid(10)) {
+// log.info("SQLite connection is not valid any more --> restarting connection ...");
+// conn.close();
+// conn = DriverManager.getConnection(connectionUrl, getConnectionProperties());
+// }
+// }
+//
+// log.info("SQLite database connected");
+// return conn;
+//
+// } catch (final SQLException e) {
+// final String msg = e.getLocalizedMessage();
+// if (isBusyLocked(e)) {
+// log.warn(msg, e);
+// try {
+// if (sleep) {
+// Thread.sleep(i++);
+// }
+//
+// } catch (final InterruptedException e1) {
+// throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1);
+//
+// }
+// continue;
+//
+// }
+// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+// }
+// }
+// }
+//
+// /*
+// * SQLite query code
+// */
+//
+// protected Properties getConnectionProperties() {
+// final SQLiteConfig config = new SQLiteConfig();
+// config.enforceForeignKeys(true);
+// config.setCacheSize(8000);
+// config.setLockingMode(LockingMode.NORMAL);
+// config.setSharedCache(false);
+// config.setReadUncommited(true);
+// config.setSynchronous(SynchronousMode.NORMAL);
+// return config.toProperties();
+//
+// }
+//
+// private int executeUpdate(Statement statement, String sql) throws SQLiteServiceException {
+// final int i = 10;
+//
+// int rc = -1;
+// while (true) {
+// try {
+// rc = statement.executeUpdate(sql);
+// break;
+//
+// } catch (final SQLException e) {
+// try {
+// if (executeUpdateError(e, i)) {
+// continue;
+// } else {
+// throw new SQLiteServiceException("internal.06",
+// new Object[] { e.getMessage() }, e);
+// }
+//
+// } catch (final SQLiteServiceException e1) {
+// log.warn("\n" + sql + "\n" + e1.getMessage());
+// throw e1;
+//
+// }
+// }
+// }
+//
+// return rc;
+//
+// }
+//
+// private boolean isBusyLocked(SQLException e) {
+// final int eC = e.getErrorCode();
+//
+// if (eC == SQLiteErrorCode.SQLITE_LOCKED.code
+// || eC == SQLiteErrorCode.SQLITE_BUSY.code) {
+// log.trace("SQLite db is busy looked");
+// return true;
+//
+// }
+//
+// final String msg = e.getMessage();
+// if (msg.contains("[SQLITE_LOCKED]") || msg.contains("[SQLITE_BUSY]")) {
+// log.trace("SQLite db is busy looked");
+// return true;
+// }
+//
+// return false;
+// }
+//
+// private boolean executeUpdateError(SQLException e, int theadSleepCounter) throws SQLiteServiceException {
+// if (isBusyLocked(e)) {
+// try {
+// if (sleep) {
+// Thread.sleep(theadSleepCounter++);
+// }
+//
+// } catch (final InterruptedException e1) {
+// throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1);
+//
+// }
+//
+// return true;
+// }
+//
+// return false;
+//
+// }
+//}
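Review bot: EidasDataStore.java should be left out of the commit rather than added with the entire class behind `//`. After the `package` line nothing compiles, so the file only adds dead text that readers and scanners still have to go through. If the SQLite identity mapping is retired, delete the file; the earlier revision presumably stays available in history. If it is meant to return, the commented code needs work first: `storeNationalId`, `getErnbNationalId` and `getEidasRawNationalId` never close their `PreparedStatement` or `ResultSet`, and `startConnection()` retries in `while (true)` with no upper bound while the database reports busy or locked.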
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java
new file mode 100644
index 00000000..ebbc15e4
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+public interface ICcSpecificEidProcessingService {
+
+ /**
+ * Post-process eIDAS eID attributes into national format.
+ *
+ * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and
+ * attribute
+ *
+ * @return eID attributes for SZR request
+ * @throws EidPostProcessingException In case of a post-processing error
+ * @throws EidasAttributeException In case of an invalid eIDAS attribute value
+ */
+ ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+ EidasAttributeException;
+
+ /**
+ * Pre Process eIDAS request into national requirements.
+ *
+ * @param selectedCC Citizen Country from selection
+ * @param pendingReq current pending request
+ * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+ * @throws EidPostProcessingException In case of a pre-processing error
+ */
+ void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder)
+ throws EidPostProcessingException;
+
+}
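Review bot: The Javadoc on `postProcess` and `preProcess` does not say what happens when no country-specific processor accepts the country. The dispatcher earlier in this diff throws `EidPostProcessingException("internal.00", null)` in that case, so callers cannot tell a missing handler from a processing failure. Extend the `@throws` text, e.g. `@throws EidPostProcessingException In case of a pre-processing error, or if no processor is registered for the selected country`. `postProcess` should also state that the country is derived from the personal-identifier attribute in `eidasAttrMap`, and that a missing or non-String value yields `EidasAttributeException`. As a style point, importing the nested class as bare `Builder` hides which builder is meant; import `eu.eidas.auth.commons.light.impl.LightRequest` and write `LightRequest.Builder authnRequestBuilder` in the signature.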
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
new file mode 100644
index 00000000..763d8dab
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
@@ -0,0 +1,408 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.annotation.PostConstruct;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.namespace.QName;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Dispatch;
+import javax.xml.ws.handler.Handler;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.jaxws.DispatchImpl;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+import org.apache.xpath.XPathAPI;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler;
+import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidas;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.IdentityLinkType;
+import szrservices.ObjectFactory;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+
+@Service("SZRClientForeIDAS")
+public class SzrClient {
+ private static final Logger log = LoggerFactory.getLogger(SzrClient.class);
+
+ private static final String CLIENT_DEFAULT = "DefaultClient";
+ private static final String CLIENT_RAW = "RawClient";
+
+ @Autowired
+ private IConfiguration basicConfig;
+
+ // client for anything, without identitylink
+ private SZR szr = null;
+
+ // RAW client is needed for identitylink
+ private Dispatch<Source> dispatch = null;
+
+ private SzrService szrService = null;
+ private String szrUrl = null;
+ private QName qname = null;
+
+ /**
+ * Get IdentityLink of a person.
+ *
+ * @param personInfo Person identification information
+ * @return IdentityLink
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo)
+ throws SzrCommunicationException {
+ try {
+ final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
+ getIdl.setPersonInfo(personInfo);
+
+ final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
+ final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+
+ final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+ jaxbMarshaller.marshal(getIdl, outputStream);
+ outputStream.flush();
+
+ final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
+ outputStream.close();
+
+ log.trace("Requesting SZR ... ");
+ final Source response = dispatch.invoke(source);
+ log.trace("Receive RAW response from SZR");
+
+ final byte[] szrResponse = sourceToByteArray(response);
+ final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
+ .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
+
+ // build response
+ log.trace(new String(szrResponse, "UTF-8"));
+
+ // ok, we have success
+ final Document doc = DomUtils.parseDocument(
+ new ByteArrayInputStream(szrResponse),
+ true,
+ XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
+ null, null);
+ final String xpathExpression = "//saml:Assertion";
+ final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+
+ log.trace("Selecting signed doc " + xpathExpression);
+ final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
+ xpathExpression, nsNode);
+ log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+
+ final IdentityLinkType idl = new IdentityLinkType();
+ idl.setAssertion(documentNode);
+ idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+
+ return idl;
+
+ } catch (final Exception e) {
+ log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ throw new SzrCommunicationException("ernb.02", new Object[] { e.getMessage() }, e);
+
+ }
+
+ }
+
+ /**
+ * Get bPK of person.
+ *
+ * @param personInfo Person identification information
+ * @param target requested bPK target
+ * @param vkz Verfahrenskennzeichen
+ * @return bPK for this person
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public String getBpk(PersonInfoType personInfo, String target, String vkz)
+ throws SzrCommunicationException {
+ try {
+ final GetBPK parameters = new GetBPK();
+ parameters.setPersonInfo(personInfo);
+ parameters.setBereichsKennung(target);
+ parameters.setVKZ(vkz);
+ final GetBPKResponse result = this.szr.getBPK(parameters);
+
+ return result.getGetBPKReturn();
+
+ } catch (final SZRException_Exception e) {
+ log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ throw new SzrCommunicationException("ernb.02", new Object[] { e.getMessage() }, e);
+
+ }
+
+ }
+
+ @PostConstruct
+ private void initialize() {
+ log.info("Starting SZR-Client initialization .... ");
+ final URL url = SzrClient.class.getResource("/szr_client/SZR-1.1.WSDL");
+
+ final boolean useTestSzr = basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE,
+ true);
+
+ if (useTestSzr) {
+ log.debug("Initializing SZR test environment configuration.");
+ qname = SzrService.SZRTestumgebung;
+ szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService"));
+ szr = szrService.getSzrTestumgebung();
+ szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST);
+
+ } else {
+ log.debug("Initializing SZR productive configuration.");
+ qname = SzrService.SZRProduktionsumgebung;
+ szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService"));
+ szr = szrService.getSzrProduktionsumgebung();
+ szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD);
+
+ }
+
+ // create raw client;
+ dispatch = szrService.createDispatch(qname, Source.class, javax.xml.ws.Service.Mode.PAYLOAD);
+
+ if (StringUtils.isEmpty(szrUrl)) {
+ log.error("No SZR service-URL found. SZR-Client initalisiation failed.");
+ throw new RuntimeException("No SZR service URL found. SZR-Client initalisiation failed.");
+
+ }
+
+ // check if Clients can be initialized
+ if (szr == null) {
+ log.error("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
+ throw new RuntimeException("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
+
+ }
+ if (dispatch == null) {
+ log.error("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
+ throw new RuntimeException("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
+
+ }
+
+ // inject handler
+ log.info("Use SZR service-URL: " + szrUrl);
+ injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT);
+ injectBindingProvider(dispatch, CLIENT_RAW);
+
+ // inject http parameters and SSL context
+ log.debug("Inject HTTP client settings ... ");
+ injectHttpClient(szr, CLIENT_DEFAULT);
+ injectHttpClient(dispatch, CLIENT_RAW);
+
+ log.info("SZR-Client initialization successfull");
+ }
+
+ private void injectHttpClient(Object raw, String clientType) {
+ // extract client from implementation
+ Client client = null;
+ if (raw instanceof DispatchImpl<?>) {
+ client = ((DispatchImpl<?>) raw).getClient();
+ } else if (raw instanceof Client) {
+ client = ClientProxy.getClient(raw);
+ } else {
+ throw new RuntimeException("SOAP Client for SZR connection is of UNSUPPORTED type: " + raw.getClass()
+ .getName());
+ }
+
+ // set basic connection policies
+ final HTTPConduit http = (HTTPConduit) client.getConduit();
+
+ // set timeout policy
+ final HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+ httpClientPolicy.setConnectionTimeout(
+ Integer.parseInt(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION,
+ Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION)) * 1000);
+ httpClientPolicy.setReceiveTimeout(
+ Integer.parseInt(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE,
+ Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE)) * 1000);
+ http.setClient(httpClientPolicy);
+
+ // inject SSL context in case of https
+ if (szrUrl.toLowerCase().startsWith("https")) {
+ log.debug("Adding SSLContext to client: " + clientType + " ... ");
+ final TLSClientParameters tlsParams = new TLSClientParameters();
+ tlsParams.setSSLSocketFactory(createSslContext(clientType).getSocketFactory());
+ http.setTlsClientParameters(tlsParams);
+ log.info("SSLContext initialized for client: " + clientType);
+
+ }
+
+ }
+
+ private void injectBindingProvider(BindingProvider bindingProvider, String clientType) {
+ final Map<String, Object> requestContext = bindingProvider.getRequestContext();
+ requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, szrUrl);
+
+ log.trace("Adding JAX-WS request/response trace handler to client: " + clientType);
+ List<Handler> handlerList = bindingProvider.getBinding().getHandlerChain();
+ if (handlerList == null) {
+ handlerList = new ArrayList<>();
+ bindingProvider.getBinding().setHandlerChain(handlerList);
+
+ }
+
+ // add logging handler to trace messages if required
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES,
+ false)) {
+ final LoggingHandler loggingHandler = new LoggingHandler();
+ handlerList.add(loggingHandler);
+
+ }
+ bindingProvider.getBinding().setHandlerChain(handlerList);
+ }
+
+ private SSLContext createSslContext(String clientType) {
+ try {
+ final SSLContext context = SSLContext.getInstance("TLS");
+
+ // initialize key-mangager for SSL client-authentication
+ KeyManager[] keyManager = null;
+ final String keyStorePath = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH);
+ final String keyStorePassword = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD);
+ if (StringUtils.isNotEmpty(keyStorePath)) {
+ log.trace("Find keyStore path: " + keyStorePath + " Injecting SSL client certificate ... ");
+ try {
+ final KeyStore keyStore = KeyStoreUtils.loadKeyStore(
+ FileUtils.makeAbsoluteUrl(keyStorePath, basicConfig.getConfigurationRootDirectory()),
+ keyStorePassword);
+
+ final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+ kmf.init(keyStore, keyStorePassword.toCharArray());
+ keyManager = kmf.getKeyManagers();
+ log.debug("SSL client certificate injected to client: " + clientType);
+
+ } catch (KeyStoreException | IOException | UnrecoverableKeyException e) {
+ log.error("Can NOT load SSL client certificate from path: " + keyStorePath);
+ throw new RuntimeException("Can NOT load SSL client certificate from path: " + keyStorePath, e);
+
+ }
+ } else {
+ log.debug(
+ "No KeyStore for SSL Client Auth. found. Initializing SSLContext without authentication ... ");
+
+ }
+
+ // initialize SSL TrustStore
+ TrustManager[] trustManager = null;
+ final String trustStorePath = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH);
+ final String trustStorePassword = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD);
+ if (StringUtils.isNotEmpty(trustStorePath)) {
+ log.trace("Find trustStore path: " + trustStorePath + " Injecting SSL TrustStore ... ");
+ try {
+ final KeyStore trustStore = KeyStoreUtils.loadKeyStore(
+ FileUtils.makeAbsoluteUrl(trustStorePath, basicConfig.getConfigurationRootDirectory()),
+ trustStorePassword);
+
+ final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+ tmf.init(trustStore);
+ trustManager = tmf.getTrustManagers();
+ log.debug("SSL TrustStore injected to client: " + clientType);
+
+ } catch (KeyStoreException | IOException e) {
+ log.error("Can NOT open SSL TrustStore from path: " + trustStorePath);
+ throw new RuntimeException("Can NOT open SSL TrustStore from path: " + trustStorePath, e);
+
+ }
+
+ } else {
+ log.debug("No custom SSL TrustStore found. Initializing SSLContext with JVM default truststore ... ");
+
+ }
+
+ context.init(keyManager, trustManager, new SecureRandom());
+ return context;
+
+ } catch (NoSuchAlgorithmException | KeyManagementException e) {
+ log.error("SSLContext initialization FAILED.", e);
+ throw new RuntimeException("SSLContext initialization FAILED.", e);
+
+ }
+
+ }
+
+ private byte[] sourceToByteArray(Source result) throws TransformerException {
+ final TransformerFactory factory = TransformerFactory.newInstance();
+ final Transformer transformer = factory.newTransformer();
+ transformer.setOutputProperty("omit-xml-declaration", "yes");
+ transformer.setOutputProperty("method", "xml");
+ final ByteArrayOutputStream out = new ByteArrayOutputStream();
+ final StreamResult streamResult = new StreamResult();
+ streamResult.setOutputStream(out);
+ transformer.transform(result, streamResult);
+ return out.toByteArray();
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java
new file mode 100644
index 00000000..dde868b1
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java
@@ -0,0 +1,164 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr;
+
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.Service;
+import javax.xml.ws.WebEndpoint;
+import javax.xml.ws.WebServiceClient;
+import javax.xml.ws.WebServiceFeature;
+
+import szrservices.SZR;
+
+/**
+ * This class was generated by Apache CXF 3.1.16 2018-07-10T09:36:01.466+02:00
+ * Generated source version: 3.1.16
+ *
+ */
+@WebServiceClient(name = "SZRService",
+ wsdlLocation = "./src/main/resources/szr_client/SZR-1.WSDL",
+ targetNamespace = "urn:SZRServices")
+public class SzrService extends Service {
+
+ public static final URL WSDL_LOCATION;
+
+ public static final QName SERVICE = new QName("urn:SZRServices", "SZRService");
+ public static final QName SZRProduktionsumgebung = new QName("urn:SZRServices", "SZRProduktionsumgebung");
+ public static final QName SZRTestumgebung = new QName("urn:SZRServices", "SZRTestumgebung");
+ public static final QName SZRBusinesspartnerTestumgebung = new QName("urn:SZRServices",
+ "SZRBusinesspartnerTestumgebung");
+
+ static {
+ URL url = SzrService.class.getResource("./src/main/resources/szr_client/SZR-1.WSDL");
+ if (url == null) {
+ url = SzrService.class.getClassLoader().getResource("/szr_client/SZR-1.WSDL");
+ }
+ if (url == null) {
+ java.util.logging.Logger.getLogger(SzrService.class.getName())
+ .log(java.util.logging.Level.INFO,
+ "Can not initialize the default wsdl from {0}", "/szr_client/SZR-1.WSDL");
+ }
+ WSDL_LOCATION = url;
+
+ }
+
+ public SzrService(URL wsdlLocation) {
+ super(wsdlLocation, SERVICE);
+ }
+
+ public SzrService(URL wsdlLocation, QName serviceName) {
+ super(wsdlLocation, serviceName);
+ }
+
+ public SzrService() {
+ super(WSDL_LOCATION, SERVICE);
+ }
+
+ public SzrService(WebServiceFeature... features) {
+ super(WSDL_LOCATION, SERVICE, features);
+ }
+
+ public SzrService(URL wsdlLocation, WebServiceFeature... features) {
+ super(wsdlLocation, SERVICE, features);
+ }
+
+ public SzrService(URL wsdlLocation, QName serviceName, WebServiceFeature... features) {
+ super(wsdlLocation, serviceName, features);
+ }
+
+ /**
+ * Get SZR Web-Service.
+ *
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRProduktionsumgebung")
+ public SZR getSzrProduktionsumgebung() {
+ return super.getPort(SZRProduktionsumgebung, SZR.class);
+ }
+
+ /**
+ * Get SZR Web-Service.
+ *
+ * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+ * on the proxy. Supported features not in the
+ * <code>features</code> parameter will have their default
+ * values.
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRProduktionsumgebung")
+ public SZR getSzrProduktionsumgebung(WebServiceFeature... features) {
+ return super.getPort(SZRProduktionsumgebung, SZR.class, features);
+ }
+
+ /**
+ *Get SZR Web-Service.
+ *
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRTestumgebung")
+ public SZR getSzrTestumgebung() {
+ return super.getPort(SZRTestumgebung, SZR.class);
+ }
+
+ /**
+ * Get SZR Web-Service.
+ *
+ * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+ * on the proxy. Supported features not in the
+ * <code>features</code> parameter will have their default
+ * values.
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRTestumgebung")
+ public SZR getSzrTestumgebung(WebServiceFeature... features) {
+ return super.getPort(SZRTestumgebung, SZR.class, features);
+ }
+
+ /**
+ * Get SZR Web-Service.
+ *
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
+ public SZR getSzrBusinesspartnerTestumgebung() {
+ return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class);
+ }
+
+ /**
+ * Get SZR Web-Service.
+ *
+ * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+ * on the proxy. Supported features not in the
+ * <code>features</code> parameter will have their default
+ * values.
+ * @return returns SZR
+ */
+ @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
+ public SZR getSzrBusinesspartnerTestumgebung(WebServiceFeature... features) {
+ return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class, features);
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
new file mode 100644
index 00000000..8f49d57d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -0,0 +1,406 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.TravelDocumentType;
+
+/**
+ * Task that creates the IdentityLink for an eIDAS authenticated person.
+ *
+ * @author tlenz
+ *
+ */
+@Component("CreateIdentityLinkTask")
+public class CreateIdentityLinkTask extends AbstractAuthServletTask {
+ private static final Logger log = LoggerFactory.getLogger(CreateIdentityLinkTask.class);
+
+ @Autowired
+ private IConfiguration basicConfig;
+ @Autowired
+ private SzrClient szrClient;
+ @Autowired
+ private ICcSpecificEidProcessingService eidPostProcessor;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext,
+ * javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public void execute(ExecutionContext executionContext,
+ HttpServletRequest request, HttpServletResponse response)
+ throws TaskExecutionException {
+ try {
+ final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ final ILightResponse eidasResponse = authProcessData.getGenericDataFromSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
+
+ final Map<String, Object> simpleAttrMap = convertEidasAttrToSimpleMap(eidasResponse.getAttributes()
+ .getAttributeMap());
+
+ IIdentityLink identityLink = null;
+ String bpk = null;
+
+ // post-process eIDAS attributes
+ final ErnbEidData eidData = eidPostProcessor.postProcess(simpleAttrMap);
+
+ // write MDS into technical log and revision log
+ writeMdsLogInformation(eidData);
+
+ // connect SZR-Gateway
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
+ log.warn("SZR-Dummy IS ACTIVE! IdentityLink is NOT VALID!!!!");
+ // create fake IdL
+ // - fetch IdL template from resources
+ final InputStream s = CreateIdentityLinkTask.class.getResourceAsStream(
+ "/resources/xmldata/fakeIdL_IdL_template.xml");
+ final Element idlTemplate = DomUtils.parseXmlValidating(s);
+
+ identityLink = new SimpleIdentityLinkAssertionParser(idlTemplate).parseIdentityLink();
+
+ // replace data
+ final Element idlassertion = identityLink.getSamlAssertion();
+
+ // - set fake baseID;
+ final Node prIdentification = XPathUtils.selectSingleNode(idlassertion,
+ SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
+ prIdentification.getFirstChild().setNodeValue(eidData.getPseudonym());
+
+ // - set last name
+ final Node prFamilyName = XPathUtils.selectSingleNode(idlassertion,
+ SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
+ prFamilyName.getFirstChild().setNodeValue(eidData.getFamilyName());
+
+ // - set first name
+ final Node prGivenName = XPathUtils.selectSingleNode(idlassertion,
+ SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH);
+ prGivenName.getFirstChild().setNodeValue(eidData.getGivenName());
+
+ // - set date of birth
+ final Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion,
+ SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH);
+
+ prDateOfBirth.getFirstChild().setNodeValue(eidData.getFormatedDateOfBirth());
+
+ identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink();
+
+ new BpkBuilder();
+ final Pair<String, String> bpkCalc = BpkBuilder.generateAreaSpecificPersonIdentifier(
+ identityLink.getIdentificationValue(),
+ identityLink.getIdentificationType(),
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+ bpk = bpkCalc.getFirst();
+
+ } else {
+ // contact SZR Gateway
+ log.debug("Starting connecting SZR Gateway");
+ final PersonInfoType personInfo = new PersonInfoType();
+ final PersonNameType personName = new PersonNameType();
+ final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+ final TravelDocumentType eDocument = new TravelDocumentType();
+
+ naturalPerson.setName(personName);
+ personInfo.setPerson(naturalPerson);
+ personInfo.setTravelDocument(eDocument);
+
+ // person information
+ personName.setFamilyName(eidData.getFamilyName());
+ personName.setGivenName(eidData.getGivenName());
+ naturalPerson.setDateOfBirth(eidData.getFormatedDateOfBirth());
+ eDocument.setIssuingCountry(eidData.getCitizenCountryCode());
+ eDocument.setDocumentNumber(eidData.getPseudonym());
+
+ // eID document information
+ eDocument.setDocumentType(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+ Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+ // set PlaceOfBirth if available
+ if (eidData.getPlaceOfBirth() != null) {
+ log.trace("Find 'PlaceOfBirth' attribute: " + eidData.getPlaceOfBirth());
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE,
+ true)) {
+ naturalPerson.setPlaceOfBirth(eidData.getPlaceOfBirth());
+ log.trace("Adding 'PlaceOfBirth' to ERnB request ... ");
+
+ }
+ }
+
+ // set BirthName if available
+ if (eidData.getBirthName() != null) {
+ log.trace("Find 'BirthName' attribute: " + eidData.getBirthName());
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE,
+ true)) {
+ final AlternativeNameType alternativeName = new AlternativeNameType();
+ naturalPerson.setAlternativeName(alternativeName);
+ alternativeName.setFamilyName(eidData.getBirthName());
+ log.trace("Adding 'BirthName' to ERnB request ... ");
+
+ }
+ }
+
+ final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(personInfo);
+
+ final Element idlFromSzr = (Element) result.getAssertion();
+ identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
+
+ // write ERnB inputdata into revisionlog
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) {
+ revisionsLogger.logEvent(pendingReq,
+ MsConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID,
+ (String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER));
+ revisionsLogger.logEvent(pendingReq,
+ MsConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eidData.getPseudonym());
+
+ }
+
+ // get bPK from SZR
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) {
+ bpk = szrClient.getBpk(
+ personInfo,
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
+ basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+ "no VKZ defined"));
+
+ } else {
+ log.debug("Calculating bPK from baseId ... ");
+ new BpkBuilder();
+ final Pair<String, String> bpkCalc = BpkBuilder.generateAreaSpecificPersonIdentifier(
+ identityLink.getIdentificationValue(),
+ identityLink.getIdentificationType(),
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+ bpk = bpkCalc.getFirst();
+
+ }
+
+ }
+
+ if (identityLink == null) {
+ log.error("ERnB did not return an identity link.");
+ throw new SzrCommunicationException("ernb.00", null);
+
+ }
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_IDL_RECEIVED,
+ identityLink.getSamlAssertion().getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID));
+
+ if (bpk == null) {
+ log.error("ERnB did not return a bPK for target: " + pendingReq.getServiceProviderConfiguration()
+ .getAreaSpecificTargetIdentifier());
+ throw new SzrCommunicationException("ernb.01", null);
+
+ }
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_BPK_RECEIVED);
+
+ log.debug("ERnB communication was successfull");
+
+ authProcessData.setForeigner(true);
+ authProcessData.setIdentityLink(identityLink);
+ authProcessData.setGenericDataToSession(
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) simpleAttrMap.get(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER)).getFirst());
+
+ // set bPK and bPKType into auth session
+ authProcessData.setGenericDataToSession(
+ PvpAttributeDefinitions.BPK_NAME,
+ extendBpkByPrefix(
+ bpk,
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()));
+ authProcessData.setGenericDataToSession(
+ PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+
+ // store pending-request
+ requestStoreage.storePendingRequest(pendingReq);
+
+ } catch (final EidasAttributeException e) {
+ throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
+
+ } catch (final EaafException e) {
+ throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
+ } catch (final Exception e) {
+ log.error("IdentityLink generation for foreign person FAILED.", e);
+ throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
+ }
+ }
+
+ private String extendBpkByPrefix(String bpk, String type) {
+ String bpkType = null;
+
+ if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) {
+ bpkType = type.substring(EaafConstants.URN_PREFIX_WBPK.length());
+ } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) {
+ bpkType = type.substring(EaafConstants.URN_PREFIX_CDID.length());
+ } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) {
+ bpkType = type.substring(EaafConstants.URN_PREFIX_EIDAS.length());
+ }
+
+ if (bpkType != null) {
+ log.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + bpkType);
+ return bpkType + ":" + bpk;
+
+ } else {
+ log.warn("Service Provider Target with: " + type + " is NOT supported. Set bPK as it is ...");
+ return bpk;
+
+ }
+
+ }
+
+ private Map<String, Object> convertEidasAttrToSimpleMap(
+ ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+ final Map<String, Object> result = new HashMap<>();
+
+ for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+
+ final Class parameterizedType = el.getParameterizedType();
+ if (DateTime.class.equals(parameterizedType)) {
+ final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el)
+ .asList());
+ if (attribute != null) {
+ result.put(el.getFriendlyName(), attribute);
+ log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString());
+
+ } else {
+ log.info("Ignore empty 'DateTime' attribute");
+ }
+
+ } else if (PostalAddress.class.equals(parameterizedType)) {
+ final PostalAddress addressAttribute = EidasResponseUtils.translateAddressAttribute(el, attributeMap
+ .get(el).asList());
+ if (addressAttribute != null) {
+ result.put(el.getFriendlyName(), addressAttribute);
+ log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString());
+
+ } else {
+ log.info("Ignore empty 'PostalAddress' attribute");
+ }
+
+ } else {
+ final List<String> natPersonIdObj = EidasResponseUtils.translateStringListAttribute(el, attributeMap
+ .get(el).asList());
+ final String stringAttr = natPersonIdObj.get(0);
+ if (StringUtils.isNotEmpty(stringAttr)) {
+ result.put(el.getFriendlyName(), stringAttr);
+ log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr);
+
+ } else {
+ log.info("Ignore empty 'String' attribute");
+ }
+
+ }
+ }
+
+ log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString());
+
+ return result;
+ }
+
+ private void writeMdsLogInformation(ErnbEidData eidData) {
+ // log MDS and country code into technical log
+ if (basicConfig.getBasicConfigurationBoolean(
+ MsEidasNodeConstants.PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG, false)) {
+ log.info("eIDAS Auth. for user: "
+ + eidData.getGivenName() + " "
+ + eidData.getFamilyName() + " "
+ + eidData.getFormatedDateOfBirth() + " "
+ + "from " + eidData.getCitizenCountryCode());
+ }
+
+ // log MDS and country code into revision log
+ if (basicConfig.getBasicConfigurationBoolean(
+ MsEidasNodeConstants.PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG, false)) {
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_MDSDATA,
+ "{" + eidData.getGivenName() + ","
+ + eidData.getFamilyName() + ","
+ + eidData.getFormatedDateOfBirth() + ","
+ + eidData.getCitizenCountryCode() + "}");
+ }
+
+ }
+
+}
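Review bot: `convertEidasAttrToSimpleMap` writes every received eIDAS attribute value to the log via `log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + ...)`, and `extendBpkByPrefix` and the PlaceOfBirth/BirthName branches of `execute` do the same for the bPK and birth data, whereas `writeMdsLogInformation` puts the same kind of data behind `PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG`. Enabling trace on this class therefore puts the personal identifier, names, date of birth and address into the technical log regardless of that switch. I would log only the attribute name, e.g. `log.trace("Find attr '{}'", el.getFriendlyName());`, and drop the value from the bPK message, e.g. `log.trace("Authenticate user with bPK/wbPK of Type={}", bpkType);`. Separately, the string branch calls `natPersonIdObj.get(0)` unguarded, so if `translateStringListAttribute` can return an empty list, a value-less attribute fails the whole task through the generic `catch (final Exception e)`. Presumably it should be skipped like the empty DateTime and PostalAddress cases.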
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
new file mode 100644
index 00000000..da849c8f
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
@@ -0,0 +1,288 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import java.util.UUID;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Component;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+/**
+ * Authentication-process task that generates the Authn. Request to eIDAS Node.
+ *
+ * @author tlenz
+ *
+ */
+@Component("ConnecteIDASNodeTask")
+public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
+ private static final Logger log = LoggerFactory.getLogger(GenerateAuthnRequestTask.class);
+
+ @Autowired
+ IConfiguration basicConfig;
+ @Autowired
+ ApplicationContext context;
+ @Autowired
+ ITransactionStorage transactionStore;
+ @Autowired
+ ISpringMvcGuiFormBuilder guiBuilder;
+ @Autowired
+ ICcSpecificEidProcessingService ccSpecificProcessing;
+
+ @Override
+ public void execute(ExecutionContext executionContext,
+ HttpServletRequest request, HttpServletResponse response)
+ throws TaskExecutionException {
+
+ try {
+ // get service-provider configuration
+ final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+
+ // get target, environment and validate citizen countryCode
+ final String citizenCountryCode = (String) executionContext.get(
+ MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+ final String environment = (String) executionContext.get(
+ MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT);
+
+ if (StringUtils.isEmpty(citizenCountryCode)) {
+ // illegal state; task should not have been executed without a selected country
+ throw new EidasSAuthenticationException("eidas.03", new Object[] { "" });
+
+ }
+
+ // TODO: maybe add countryCode validation before request ref. impl. eIDAS node
+ log.info("Request eIDAS auth. for citizen of country: " + citizenCountryCode);
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.COUNTRY_SELECTED, citizenCountryCode);
+
+ // build eIDAS AuthnRequest
+ final LightRequest.Builder authnRequestBuilder = LightRequest.builder();
+ authnRequestBuilder.id(UUID.randomUUID().toString());
+
+ final String issur = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID);
+ if (StringUtils.isEmpty(issur)) {
+ log.error("Found NO 'eIDAS node issuer' in configuration. Authentication NOT possible!");
+ throw new EaafConfigurationException("config.27",
+ new Object[] { "Application config containts NO " + Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID });
+
+ }
+ authnRequestBuilder.issuer(issur);
+
+ // TODO: set matching mode if eIDAS ref. impl. support this method
+
+ // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA
+ // schemes
+ String loa = EaafConstants.EIDAS_LOA_HIGH;
+ if (spConfig.getRequiredLoA() != null) {
+ if (spConfig.getRequiredLoA().isEmpty()) {
+ log.info("No eIDAS LoA requested. Use LoA HIGH as default");
+ } else {
+ if (spConfig.getRequiredLoA().size() > 1) {
+ log.info(
+ "Currently only ONE requested LoA is supported for service provider. Use first one ... ");
+ }
+
+ loa = spConfig.getRequiredLoA().get(0);
+
+ }
+ }
+
+ log.debug("Request eIdAS node with LoA: " + loa);
+ authnRequestBuilder.levelOfAssurance(loa);
+
+ // set nameIDFormat
+ authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT);
+
+ // set citizen country code for foreign uses
+ authnRequestBuilder.citizenCountryCode(citizenCountryCode);
+
+ // set relay state
+ /*
+ * TODO: SecureToken PendingRequestId generates a validation exception in
+ * eIDASNode because eIDASNode implements limit on size for RelayState
+ * (80characaters)
+ */
+ // authnRequestBuilder.relayState(pendingReq.getPendingRequestId());
+
+ // Add country-specific informations into eIDAS request
+ ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder);
+
+ // build request
+ final LightRequest lightAuthnReq = authnRequestBuilder.build();
+
+ // put request into Hazelcast cache
+ final BinaryLightToken token = putRequestInCommunicationCache(lightAuthnReq);
+ final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);
+
+ // Workaround, because eIDAS node ref. impl. does not return relayState
+ if (basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
+ false)) {
+ log.trace("Put lightRequestId into transactionstore as session-handling backup");
+ transactionStore.put(lightAuthnReq.getId(), pendingReq.getPendingRequestId(), -1);
+
+ }
+
+ // select forward URL regarding the selected environment
+ String forwardUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL);
+ if (StringUtils.isNotEmpty(environment)) {
+ forwardUrl = selectedForwardUrlForEnvironment(environment);
+ }
+
+ if (StringUtils.isEmpty(forwardUrl)) {
+ log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops");
+ throw new EaafConfigurationException("config.08", new Object[] {
+ environment == null ? Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
+ : Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + environment
+ });
+
+ }
+ log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request");
+
+ if (basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD,
+ Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) {
+
+ log.debug("Use http-redirect for eIDAS node forwarding ... ");
+ // send redirect
+ final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl);
+ redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
+ response.sendRedirect(redirectUrl.build().encode().toString());
+
+ } else {
+ log.debug("Use http-post for eIDAS node forwarding ... ");
+ final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
+ basicConfig,
+ pendingReq,
+ Constants.TEMPLATE_POST_FORWARD_NAME,
+ null,
+ resourceLoader);
+
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl);
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME,
+ EidasParameterKeys.TOKEN.toString());
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE,
+ tokenBase64);
+
+ guiBuilder.build(request, response, config, "Forward to eIDASNode form");
+
+ }
+
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.EIDAS_NODE_CONNECTED, lightAuthnReq.getId());
+
+ } catch (final EidasSAuthenticationException e) {
+ throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", e);
+
+ } catch (final Exception e) {
+ log.warn("eIDAS AuthnRequest generation FAILED.", e);
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+
+ }
+
+ /**
+ * Select a forward URL from configuration for a specific environment <br>
+ * <br>
+ * <b>Info: </b> This method is needed, because eIDAS Ref. Impl only supports
+ * one countrycode on each instance. In consequence, more than one eIDAS Ref.
+ * Impl nodes are required to support producation, testing, or QS stages for one
+ * country by using one ms-specific eIDAS connector
+ *
+ * @param environment Environment selector from CountrySlection page
+ * @return
+ */
+ private String selectedForwardUrlForEnvironment(String environment) {
+ log.trace("Starting endpoint selection process for environment: " + environment + " ... ");
+ if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION)) {
+ return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL);
+ } else if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS)) {
+ return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
+ + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS);
+ } else if (environment.equalsIgnoreCase(
+ MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING)) {
+ return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
+ + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING);
+ } else if (environment.equalsIgnoreCase(
+ MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT)) {
+ return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
+ + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT);
+ }
+
+ log.info("Environment selector: " + environment + " is not supported");
+ return null;
+
+ }
+
+ private BinaryLightToken putRequestInCommunicationCache(ILightRequest lightRequest)
+ throws ServletException {
+ final BinaryLightToken binaryLightToken;
+ try {
+ final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) context.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
+
+ binaryLightToken = springManagedSpecificConnectorCommunicationService.putRequest(lightRequest);
+
+ } catch (final SpecificCommunicationException e) {
+ log.error("Unable to process specific request");
+ throw new ServletException(e);
+
+ }
+
+ return binaryLightToken;
+ }
+
+}
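Review bot: In `execute`, `citizenCountryCode` is only checked for emptiness before it is concatenated into `log.info`, written to the revision log and passed to `authnRequestBuilder.citizenCountryCode(...)`; the `TODO: maybe add countryCode validation` names the gap but nothing closes it. The value is read from the execution context and presumably originates from the country-selection page, so a format check directly after the `isEmpty` guard would keep malformed input out of the logs and the LightRequest. Assuming two-letter ISO 3166-1 codes, that could be `if (!citizenCountryCode.matches("[A-Za-z]{2}")) { throw new EidasSAuthenticationException("eidas.03", new Object[] { "" }); }`. Separately, `putRequestInCommunicationCache` logs `"Unable to process specific request"` without the exception; `log.error("Unable to process specific request", e);` would keep the cause in the technical log.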
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
new file mode 100644
index 00000000..60049323
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -0,0 +1,126 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import eu.eidas.auth.commons.light.ILightResponse;
+
+@Component("ReceiveResponseFromeIDASNodeTask")
+public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
+ private static final Logger log = LoggerFactory.getLogger(ReceiveAuthnResponseTask.class);
+
+ @Autowired
+ private IConfiguration basicConfig;
+ @Autowired
+ private EidasAttributeRegistry attrRegistry;
+
+ @Override
+ public void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response) throws TaskExecutionException {
+ try {
+ final ILightResponse eidasResponse = (ILightResponse) request.getAttribute(
+ Constants.DATA_FULL_EIDAS_RESPONSE);
+ if (eidasResponse == null) {
+ log.warn("NO eIDAS response-message found.");
+ throw new EidasSAuthenticationException("eidas.01", null);
+
+ }
+
+ log.debug("Receive eIDAS response with RespId:" + eidasResponse.getId() + " for ReqId:" + eidasResponse
+ .getInResponseToId());
+ log.trace("Full eIDAS-Resp: " + eidasResponse.toString());
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse
+ .getId());
+
+ // check response StatusCode
+ if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
+ log.info("Receice eIDAS Response with StatusCode:" + eidasResponse.getStatus().getStatusCode()
+ + " Subcode:" + eidasResponse.getStatus().getSubStatusCode() + " Msg:" + eidasResponse.getStatus()
+ .getStatusMessage());
+ throw new EidasSAuthenticationException("eidas.02", new Object[] { eidasResponse.getStatus()
+ .getStatusCode(), eidasResponse.getStatus().getStatusMessage() });
+
+ }
+
+ // extract all Attributes from response
+
+ // **********************************************************
+ // ******* MS-specificresponse validation **********
+ // **********************************************************
+ final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
+ "AT");
+ final String citizenCountryCode = (String) executionContext.get(
+ MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode,
+ attrRegistry);
+
+ // **********************************************************
+ // ******* Store resonse infos into session object **********
+ // **********************************************************
+
+ // update MOA-Session data with received information
+ log.debug("Store eIDAS response information into pending-request.");
+ final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
+ authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+
+ // store MOA-session to database
+ requestStoreage.storePendingRequest(pendingReq);
+
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID);
+
+ } catch (final EaafException e) {
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
+ throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e);
+
+ } catch (final Exception e) {
+ log.warn("eIDAS Response processing FAILED.", e);
+ revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
+ throw new TaskExecutionException(pendingReq, e.getMessage(),
+ new EidasSAuthenticationException("eidas.05", new Object[] { e.getMessage() }, e));
+
+ }
+
+ }
+
+}
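Review bot: `log.trace("Full eIDAS-Resp: " + eidasResponse.toString())` in `execute` writes the whole response to the technical log with no configuration gate, whereas `writeMdsLogInformation` earlier in this commit logs the minimum data set only when `PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG` is enabled. If `toString()` includes the attribute values (not visible here), switching on trace would bypass that flag. Consider dropping the line, since the preceding `log.debug` already records `getId()` and `getInResponseToId()`, or putting it behind the same flag. The task also does not itself compare `eidasResponse.getInResponseToId()` with the id of the request built in `GenerateAuthnRequestTask`. Whether `EidasResponseValidator.validateResponse` does so is not visible in this part of the diff; if it does, a one-line comment above the call saying so would help, and if not, the check belongs before the response is stored in the session.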
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
new file mode 100644
index 00000000..17efc2ff
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
@@ -0,0 +1,172 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.annotation.Nullable;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.ImmutableList;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.attribute.AttributeValueMarshaller;
+import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
+import eu.eidas.auth.commons.attribute.AttributeValueTransliterator;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public class EidasResponseUtils {
+ private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class);
+
+ public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*";
+
+ /**
+ * Validate a eIDAS PersonalIdentifier attribute value This validation is done
+ * according to eIDAS SAML Attribute Profile - Section 2.2.3 Unique Identifier
+ *
+ * @param uniqueID eIDAS attribute value of a unique identifier
+ * @return true if the uniqueID matches to eIDAS to Unique Identifier
+ * specification, otherwise false
+ */
+ public static boolean validateEidasPersonalIdentifier(String uniqueID) {
+ final Pattern pattern = Pattern.compile(PERSONALIDENIFIER_VALIDATION_PATTERN);
+ final Matcher matcher = pattern.matcher(uniqueID);
+ return matcher.matches();
+
+ }
+
+ /**
+ * Parse an eIDAS PersonalIdentifier attribute value into it components. This
+ * processing is done according to eIDAS SAML Attribute Profile - Section 2.2.3
+ * Unique Identifier
+ *
+ * @param uniqueID eIDAS attribute value of a unique identifier
+ * @return {@link Trible} that contains: <br>
+ * First : citizen country <br>
+ * Second: destination country <br>
+ * Third : unique identifier <br>
+ * or null if the attribute value has a wrong format
+ */
+ public static Trible<String, String, String> parseEidasPersonalIdentifier(String uniqueID) {
+ if (!validateEidasPersonalIdentifier(uniqueID)) {
+ log.error("eIDAS attribute value for {} looks wrong formated. Value: {}",
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER, uniqueID);
+ return null;
+
+ }
+ return Trible.newInstance(uniqueID.substring(0, 2), uniqueID.substring(3, 5), uniqueID.substring(6));
+
+ }
+
+ /**
+ * Get eIDAS attribute-values from eIDAS Node attributes.
+ *
+ * @param attributeDefinition eIDAS attribute definition
+ * @param attributeValues Attributes from eIDAS response
+ * @return Set of attribute values. If more then one value than the first value contains the 'Latin' value.
+ */
+ // TODO: check possible problem with nonLatinCharacters
+ public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition,
+ ImmutableList<? extends AttributeValue<?>> attributeValues) {
+ final List<String> stringListAttribute = new ArrayList<>();
+ final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition
+ .getAttributeValueMarshaller();
+ for (final AttributeValue<?> attributeValue : attributeValues) {
+ String valueString = null;
+ try {
+ valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue);
+
+ log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}",
+ attributeDefinition.getFriendlyName(), attributeValue.toString(),
+ attributeValue.isNonLatinScriptAlternateVersion(),
+ AttributeValueTransliterator.needsTransliteration(valueString));
+
+ // if (attributeValue.isNonLatinScriptAlternateVersion()) {
+ if (!AttributeValueTransliterator.needsTransliteration(valueString)) {
+ stringListAttribute.add(0, valueString);
+
+ } else {
+ log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... ");
+ stringListAttribute.add(valueString);
+
+ }
+
+ } catch (final AttributeValueMarshallingException e) {
+ throw new IllegalStateException(e);
+
+ }
+ }
+
+ log.trace("Extract values: {} for attr: {}",
+ StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName());
+
+ return stringListAttribute;
+
+ }
+
+ /**
+ * Convert eIDAS DateTime attribute to Java Object.
+ *
+ * @param attributeDefinition eIDAS attribute definition.
+ * @param attributeValues eIDAS attribute value
+ * @return
+ */
+ @Nullable
+ public static DateTime translateDateAttribute(AttributeDefinition<?> attributeDefinition,
+ ImmutableList<? extends AttributeValue<?>> attributeValues) {
+ if (attributeValues.size() != 0) {
+ final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
+ return (DateTime) firstAttributeValue.getValue();
+
+ }
+
+ return null;
+ }
+
+ /**
+ * Concert eIDAS Address attribute to Java object.
+ *
+ * @param attributeDefinition eIDAS attribute definition
+ * @param attributeValues eIDAS attribute value
+ * @return
+ */
+ @Nullable
+ public static PostalAddress translateAddressAttribute(AttributeDefinition<?> attributeDefinition,
+ ImmutableList<? extends AttributeValue<?>> attributeValues) {
+ final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
+ return (PostalAddress) firstAttributeValue.getValue();
+
+ }
+
+}
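Review bot: `PERSONALIDENIFIER_VALIDATION_PATTERN` uses the character class `[A-Z,a-z]`, which also accepts a comma, so a constructed value such as `,,/,,/x` passes `validateEidasPersonalIdentifier` and is then split into "country codes" by `parseEidasPersonalIdentifier`. The class was presumably meant to be letters only: `"^[A-Za-z]{2}/[A-Za-z]{2}/.*"`. The pattern is also recompiled on every call and could be held in a `private static final Pattern`. `translateAddressAttribute` is marked `@Nullable` but calls `attributeValues.get(0)` unconditionally, unlike `translateDateAttribute`, so an empty list throws instead of returning null; `if (attributeValues.isEmpty()) { return null; }` before the `get(0)` would match the date variant. Finally, `parseEidasPersonalIdentifier` logs the full `uniqueID` at error level, which puts a personal identifier into the log for every malformed value.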
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/LoggingHandler.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java
index 5ca3a25a..70290cd3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/LoggingHandler.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java
@@ -1,6 +1,6 @@
-/*******************************************************************************
+/*
* Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
* A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
@@ -19,8 +19,9 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils;
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
import java.io.ByteArrayOutputStream;
import java.util.Set;
@@ -36,39 +37,36 @@ import org.slf4j.LoggerFactory;
public class LoggingHandler implements SOAPHandler<SOAPMessageContext> {
- Logger log = LoggerFactory.getLogger(LoggingHandler.class);
+ Logger log = LoggerFactory.getLogger(LoggingHandler.class);
+
+ @Override
+ public boolean handleMessage(SOAPMessageContext context) {
+ final SOAPMessage msg = context.getMessage();
+ final ByteArrayOutputStream bos = new ByteArrayOutputStream();
- public boolean handleMessage(SOAPMessageContext context) {
- SOAPMessage msg = context.getMessage();
- boolean request = ((Boolean) context
- .get(SOAPMessageContext.MESSAGE_OUTBOUND_PROPERTY)).booleanValue();
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
+ try {
+ msg.writeTo(bos);
+ log.trace(bos.toString("UTF-8"));
+ log.trace(new String(bos.toByteArray(), "UTF-8"));
- try {
- if (request) {
- msg.writeTo(bos);
- } else { // This is the response message
- msg.writeTo(bos);
- }
-
- log.trace(bos.toString());
- log.trace(new String(bos.toByteArray()));
-
- } catch (Exception e) {
- log.trace(e.getMessage(), e);
- }
- return true;
- }
+ } catch (final Exception e) {
+ log.trace(e.getMessage(), e);
+ }
+ return true;
+ }
- public boolean handleFault(SOAPMessageContext context) {
- return handleMessage(context);
- }
+ @Override
+ public boolean handleFault(SOAPMessageContext context) {
+ return handleMessage(context);
+ }
- public void close(MessageContext context) {
- }
+ @Override
+ public void close(MessageContext context) {
+ }
- public Set<QName> getHeaders() {
- return null;
- }
+ @Override
+ public Set<QName> getHeaders() {
+ return null;
+ }
}
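Review bot: `handleMessage` still logs every SOAP message twice, because `log.trace(bos.toString("UTF-8"))` and `log.trace(new String(bos.toByteArray(), "UTF-8"))` produce the same string. It also runs `msg.writeTo(bos)` even when trace is disabled. Wrapping the body of the `try` in `if (log.isTraceEnabled()) { ... }` and dropping the second `log.trace` line removes both the duplicate and the serialisation cost. The messages passing through this handler presumably carry personal data, so a class comment stating that trace level is for debugging only would be useful. The `log` field could also be `private static final`, like the loggers in the other classes of this commit.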
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
new file mode 100644
index 00000000..053694cf
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
@@ -0,0 +1,175 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.validator;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.ImmutableList;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance;
+
+/**
+ * eIDAS Response validator implementation.
+ *
+ * @author tlenz
+ *
+ */
+public class EidasResponseValidator {
+ private static final Logger log = LoggerFactory.getLogger(EidasResponseValidator.class);
+
+ /**
+ * Validate an eIDAS Response according to internal state.
+ *
+ * @param pendingReq Current pending request
+ * @param eidasResponse eIDAS response object
+ * @param spCountry Country-Code of the Service Provider
+ * @param citizenCountryCode Country-Code of the Citizen
+ * @param attrRegistry eIDAS Attribute registry implementation
+ * @throws EidasValidationException In case of an validation error
+ */
+ public static void validateResponse(IRequest pendingReq, ILightResponse eidasResponse, String spCountry,
+ String citizenCountryCode, EidasAttributeRegistry attrRegistry) throws EidasValidationException {
+
+ /*-----------------------------------------------------|
+ * validate received LoA against minimum required LoA |
+ *_____________________________________________________|
+ */
+ final LevelOfAssurance respLoA = LevelOfAssurance.fromString(eidasResponse.getLevelOfAssurance());
+ final List<String> allowedLoAs = pendingReq.getServiceProviderConfiguration().getRequiredLoA();
+ boolean loaValid = false;
+ for (final String allowedLoaString : allowedLoAs) {
+ final LevelOfAssurance allowedLoa = LevelOfAssurance.fromString(allowedLoaString);
+ if (respLoA.numericValue() >= allowedLoa.numericValue()) {
+ log.debug("Response contains valid LoA. Resume process ... ");
+ loaValid = true;
+ break;
+
+ } else {
+ log.trace("Allowed LoA: " + allowedLoaString + " DOES NOT match response LoA: " + eidasResponse
+ .getLevelOfAssurance());
+ }
+
+ }
+
+ if (!loaValid) {
+ log.error("eIDAS Response LevelOfAssurance is lower than the required! "
+ + "(Resp-LoA:{} Req-LoA:{} )", respLoA.getValue(), allowedLoAs.toArray());
+ throw new EidasValidationException("eidas.06", new Object[] { respLoA.getValue() });
+
+ }
+
+ /*-----------------------------------------------------|
+ * validate 'PersonalIdentifier' attribute |
+ *_____________________________________________________|
+ */
+ final AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final ImmutableList<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes()
+ .getAttributeMap().get(attrDefinition).asList();
+ final List<String> personalIdObj = EidasResponseUtils.translateStringListAttribute(attrDefinition,
+ attributeValues);
+
+ // check if attribute exists
+ if (personalIdObj == null || personalIdObj.isEmpty()) {
+ log.warn("eIDAS Response include NO 'PersonalIdentifier' attriubte "
+ + ".... That can be a BIG problem in further processing steps");
+ throw new EidasValidationException("eidas.05", new Object[] { "NO 'PersonalIdentifier' attriubte" });
+
+ } else if (personalIdObj.size() > 1) {
+ log.warn("eIDAS Response include MORE THAN ONE 'PersonalIdentifier' attriubtes "
+ + ".... That can be a BIG problem in further processing steps");
+ throw new EidasValidationException("eidas.05", new Object[] {
+ "MORE THAN ONE 'PersonalIdentifier' attriubtes" });
+
+ } else {
+ final String natPersId = personalIdObj.get(0);
+ // validate attribute value format
+ final Trible<String, String, String> split =
+ EidasResponseUtils.parseEidasPersonalIdentifier(natPersId);
+ if (split == null) {
+ throw new EidasValidationException("eidas.07",
+ new Object[] {
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ "Wrong identifier format" });
+
+ } else {
+ // validation according to eIDAS SAML Attribute Profile, Section 2.2.3
+ if (StringUtils.isEmpty(split.getSecond())) {
+ log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+ + " includes NO destination country. Value:" + natPersId);
+ throw new EidasValidationException("eidas.07",
+ new Object[] {
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ "No or empty destination country" });
+
+ }
+ if (!split.getSecond().equalsIgnoreCase(spCountry)) {
+ log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+ + " includes wrong destination country. Value:" + natPersId
+ + " SP-Country:" + spCountry);
+ throw new EidasValidationException("eidas.07",
+ new Object[] {
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ "Destination country does not match to SP country" });
+
+ }
+
+ if (StringUtils.isEmpty(split.getFirst())) {
+ log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+ + " includes NO citizen country. Value:" + natPersId);
+ throw new EidasValidationException("eidas.07",
+ new Object[] {
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ "No or empty citizen country" });
+
+ }
+ if (!split.getFirst().equalsIgnoreCase(citizenCountryCode)) {
+ log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+ + " includes a citizen country that does not match to service-provider country. "
+ + " Value:" + natPersId
+ + " citiczen Country:" + spCountry);
+ throw new EidasValidationException("eidas.07",
+ new Object[] {
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ "Citizen country does not match to eIDAS-node country that generates the response" });
+
+ }
+ }
+ }
+
+ }
+}
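Review bot: The `// check if attribute exists` branch in `validateResponse` cannot catch a response that lacks the PersonalIdentifier attribute, because `getAttributeMap().get(attrDefinition).asList()` dereferences the lookup result before `personalIdObj` is tested. Assuming the attribute map returns null for an absent key, as a Guava map does, the method then ends in a NullPointerException instead of the intended `eidas.05` validation error. I would hold the lookup result in a local and reject it first, e.g. `if (values == null) { throw new EidasValidationException("eidas.05", new Object[] { "NO 'PersonalIdentifier' attriubte" }); }`, and only then call `.asList()`. The warn message in the citizen-country mismatch branch prints `spCountry` although the comparison uses `citizenCountryCode`, so the audit trail shows the wrong value; it should end with `+ " citizen Country:" + citizenCountryCode);`. The four warn lines also write the complete `natPersId` to the log, and logging only the two country parts of `split` would keep the personal identifier out of log files.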
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
deleted file mode 100644
index 79515032..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2;
-
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-
-public class Constants {
-
- public static final String DATA_REQUESTERID = "req_requesterId";
- public static final String DATA_PROVIDERNAME = "req_providerName";
- public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA";
- public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision";
- public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse";
-
-
- //templates for post-binding forwarding
- public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
- public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint";
- public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName";
- public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue";
-
-
- //configuration properties
- public static final String CONIG_PROPS_EIDAS_PREFIX="auth.eIDAS";
- public static final String CONIG_PROPS_EIDAS_NODE= CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
- public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
- public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE + ".publicSectorTargets";
- public static final String CONIG_PROPS_EIDAS_NODE_ENTITYID = CONIG_PROPS_EIDAS_NODE + ".entityId";
- public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_URL = CONIG_PROPS_EIDAS_NODE + ".forward.endpoint";
- public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE + ".forward.method";
- public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural.";
- public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural.";
- public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation.";
- public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";
- public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
- public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE + ".workarounds.useStaticProviderNameForPublicSPs";
- public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE + ".staticProviderNameForPublicSPs";;
- public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "ERnB";
-
- public static final String FORWARD_METHOD_POST = "POST";
- public static final String FORWARD_METHOD_GET = "GET";
-
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT= CONIG_PROPS_EIDAS_PREFIX + ".szrclient";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE= CONIG_PROPS_EIDAS_SZRCLIENT + ".useTestService";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES= CONIG_PROPS_EIDAS_SZRCLIENT + ".debug.logfullmessages";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".debug.useDummySolution";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION= CONIG_PROPS_EIDAS_SZRCLIENT + ".timeout.connection";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE= CONIG_PROPS_EIDAS_SZRCLIENT + ".timeout.response";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD= CONIG_PROPS_EIDAS_SZRCLIENT + ".endpoint.prod";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST= CONIG_PROPS_EIDAS_SZRCLIENT + ".endpoint.test";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT + ".ssl.keyStore.path";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT + ".ssl.keyStore.password";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT + ".ssl.trustStore.path";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT + ".ssl.trustStore.password";
-
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.documenttype";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.vkz";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingdate";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.usedummykeys";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable";
-
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
-
-
- @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url";
- @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active";
-
-
- //http endpoint descriptions
- public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post";
- public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/light/sp/redirect";
- public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/light/ColleagueRequest";
- public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/light/metadata";
-
- //eIDAS request parameters
- public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
-
- //eIDAS attribute names
- public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier";
- public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth";
- public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
- public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
- public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
- public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
- public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
-
- public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
- public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
-
- public static final List<URI> NATURALPERSONMINIMUMDATASETLIST = Collections.unmodifiableList(new ArrayList<URI>() {
- private static final long serialVersionUID = 1L;
- {
- //TODO: find correct location of attribute definitions
-// add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_FAMILY_NAME.getNameUri());
-// add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_GIVEN_NAME.getNameUri());
-// add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.DATE_OF_BIRTH.getNameUri());
-// add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.PERSON_IDENTIFIER.getNameUri());
- }
- });
-
- public static final String POLICY_DEFAULT_ALLOWED_TARGETS =
- EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*";
-
- //SAML2 Constants
- public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success";
-
- public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION = "30"; //seconds
- public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; //seconds
-
-
- public static final String SZR_SCHEMA_LOCATIONS =
- ("urn:SZRServices" + " " + "/szr_client/szr.xsd");
-
- //Default values for SZR communication
- public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT";
-
- //TODO remove!!!
- public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01";
- public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT";
- public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB";
- public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
-
-
-
-
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java
deleted file mode 100644
index 53711070..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO;
-
-import java.text.SimpleDateFormat;
-
-import org.joda.time.DateTime;
-
-import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
-
-public class ERnBeIDData {
-
- private String citizenCountryCode = null;
-
- //MDS
- private String pseudonym = null;
- private String givenName = null;
- private String familyName = null;
- private DateTime dateOfBirth = null;
-
- //additional attributes
- private String placeOfBirth = null;
- private String birthName = null;
- private PostalAddressType address = null;
-
-
-
-
-
- public String getCitizenCountryCode() {
- return citizenCountryCode;
- }
- public void setCitizenCountryCode(String citizenCountryCode) {
- this.citizenCountryCode = citizenCountryCode;
- }
- public String getPseudonym() {
- return pseudonym;
- }
- public void setPseudonym(String pseudonym) {
- this.pseudonym = pseudonym;
- }
- public String getGivenName() {
- return givenName;
- }
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
- public String getFamilyName() {
- return familyName;
- }
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
- public DateTime getDateOfBirth() {
- return dateOfBirth;
- }
- public void setDateOfBirth(DateTime dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
- public String getPlaceOfBirth() {
- return placeOfBirth;
- }
- public void setPlaceOfBirth(String placeOfBirth) {
- this.placeOfBirth = placeOfBirth;
- }
- public String getBirthName() {
- return birthName;
- }
- public void setBirthName(String birthName) {
- this.birthName = birthName;
- }
- public PostalAddressType getAddress() {
- return address;
- }
- public void setAddress(PostalAddressType address) {
- this.address = address;
- }
-
- public String getFormatedDateOfBirth() {
- return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
- }
-
-
-
-
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java
deleted file mode 100644
index ae96f805..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-
-@Deprecated
-public class eIDASPersonalIdStoreDAO {
- public static final String NAME = "foreigneIDMap";
-
- //Enum with all cols of this table
- public enum COLS {
- timestamp, transactionId, eidasId, eidasSourceCountry, eidasDestinationCountry, ernbId
- }
-
- public enum T {
- ID("INTEGER"),
- BIGINT("VARCHAR(265)"),
- URI("VARCHAR(256)"),
- DATE("Long"),
- TEXT("TEXT"),
- Long("BIGINT"),
- Int("INTEGER"),
- BLOB("BLOB"),
- CC("CHAR(2)"),
- BOOL("INTEGER");
-
- public String s_;
-
- private T(String s) {
- s_ = s;
- }
-
- @Override
- public String toString() {
- return s_;
- }
- }
-
- //define Cols of the table
- public static final List<Pair<String, T>> TABLE_COLS;
- static {
- List<Pair<String, T>> cols = new ArrayList<Pair<String, T>>();
- cols.add(Pair.newInstance(COLS.timestamp.name(), T.DATE));
- cols.add(Pair.newInstance(COLS.transactionId.name(), T.TEXT));
- cols.add(Pair.newInstance(COLS.eidasId.name(), T.TEXT));
- cols.add(Pair.newInstance(COLS.eidasSourceCountry.name(), T.CC));
- cols.add(Pair.newInstance(COLS.eidasDestinationCountry.name(), T.CC));
- cols.add(Pair.newInstance(COLS.ernbId.name(), T.TEXT));
-
- TABLE_COLS = Collections.unmodifiableList(cols);
-
- }
-
- public static final String CREATE = "CREATE TABLE " + NAME
- + " (" + "id" + " " + T.ID.toString()
- + " PRIMARY KEY AUTOINCREMENT, " + buildCreateTableQuery(TABLE_COLS) + ")";
-
- public static final String INSERT = "INSERT INTO " + NAME
- + "(" + buildInsertQueryKeys(TABLE_COLS) + ")"
- + " VALUES (" + buildInsertQueryValues(TABLE_COLS) + ");";
-
- public static final String SELECT_BY_ERNB_ID = "SELECT * FROM " + NAME
- + " WHERE " + COLS.ernbId.name() + "=?;";
-
- public static final String SELECT_BY_EIDAS_RAW_ID = "SELECT * FROM " + NAME
- + " WHERE " + COLS.eidasId.name() + "=?"
- + " and " + COLS.eidasSourceCountry.name() + "=?" + ";";
-
-
- /**
- * Build a part of a SQL query, which contains the cols of a table that should be created
- *
- * @param cols List of DB col definitions {@link Pair}
- * @return Part of a SQL query, which contains cols that should be created
- */
- private static String buildCreateTableQuery(List<Pair<String, T>> cols) {
- String sql = "";
-
- for (Pair<String, T> el : cols) {
- sql += el.getFirst() + " " + el.getSecond().toString() + ",";
-
- }
-
- return sql.substring(0, sql.length()-1);
- }
-
- /**
- * Build a part of a SQL query, which contains the cols keys of a table for insert operation
- *
- * @param cols List of DB col definitions {@link Pair}
- * @return Part of a SQL query, which contains cols that should be created
- */
- protected static String buildInsertQueryKeys(List<Pair<String, T>> cols) {
- String sql = "";
-
- for (Pair<String, T> el : cols) {
- sql += el.getFirst() + ",";
-
- }
-
- return sql.substring(0, sql.length()-1);
- }
-
- /**
- * Build a part of a SQL query, which contains the cols values of a table for insert operation
- *
- * @param cols List of DB col definitions {@link Pair}
- * @return Part of a SQL query, which contains cols that should be created
- */
- protected static String buildInsertQueryValues(List<Pair<String, T>> cols) {
- String sql = "";
-
- for (Pair<String, T> el : cols) {
- sql += "?,";
-
- }
-
- return sql.substring(0, sql.length()-1);
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationModulImpl.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationModulImpl.java
deleted file mode 100644
index 43222931..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASAuthenticationModulImpl.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2;
-
-import org.apache.commons.lang3.StringUtils;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-
-/**
- * @author tlenz
- *
- */
-public class eIDASAuthenticationModulImpl implements AuthModule {
-
- private int priority = 1;
-
- @Override
- public int getPriority() {
- return priority;
- }
-
- /**
- * Sets the priority of this module. Default value is {@code 0}.
- * @param priority The priority.
- */
- public void setPriority(int priority) {
- this.priority = priority;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
- */
- @Override
- public String selectProcess(ExecutionContext context, IRequest pendingReq) {
- if (StringUtils.isNotBlank((String) context.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY)) ||
- StringUtils.isNotBlank((String) context.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY)))
- return "eIDASAuthentication_v2";
- else
- return null;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
- */
- @Override
- public String[] getProcessDefinitions() {
- return new String[] { "classpath:eIDAS.Authentication.process.xml" };
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASSignalServlet.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASSignalServlet.java
deleted file mode 100644
index 0f4a3710..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/eIDASSignalServlet.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2;
-
-import java.io.IOException;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-
-import com.google.common.collect.ImmutableSortedSet;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
-import eu.eidas.auth.commons.EidasParameterKeys;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.impl.SpecificConnectorCommunicationServiceImpl;
-
-
-/**
- * @author tlenz
- *
- */
-@Controller
-public class eIDASSignalServlet extends AbstractProcessEngineSignalController {
-
- private static final Logger log = LoggerFactory.getLogger(eIDASSignalServlet.class);
- @Autowired private ApplicationContext context;
- @Autowired private eIDASAttributeRegistry attrRegistry;
-
- public eIDASSignalServlet() {
- super();
- log.debug("Registering servlet " + getClass().getName() +
- " with mappings '"+ Constants.eIDAS_HTTP_ENDPOINT_SP_POST +
- "' and '"+ Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT + "'.");
-
- }
-
- @RequestMapping(value = { Constants.eIDAS_HTTP_ENDPOINT_SP_POST,
- Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT
- },
- method = {RequestMethod.POST, RequestMethod.GET})
- public void restoreEidasAuthProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException, EaafException {
- signalProcessManagement(req, resp);
- }
-
-
- /**
- * Protocol specific implementation to get the pending-requestID
- * from http request object
- *
- * @param request The http Servlet-Request object
- * @return The Pending-request id
- *
- */
- @Override
- public String getPendingRequestId(HttpServletRequest request) {
- //String sessionId = super.getPendingRequestId(request);
-
- try {
- //get token from Request
- final String tokenBase64 = request.getParameter(EidasParameterKeys.TOKEN.toString());
- if (StringUtils.isEmpty(tokenBase64)) {
- log.warn("NO eIDAS message token found.");
- throw new eIDASAuthenticationException("eidas.04", null);
-
- }
- log.trace("Receive eIDAS-node token: " + tokenBase64 + " Starting transaction-restore process ... ");
-
-
-
- final SpecificConnectorCommunicationServiceImpl specificConnectorCommunicationService =
- (SpecificConnectorCommunicationServiceImpl) context.getBean(SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
- ILightResponse eIDASResponse = specificConnectorCommunicationService.getAndRemoveResponse(tokenBase64,
- ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
-
- String pendingReqId = null;
- if (StringUtils.isEmpty(eIDASResponse.getRelayState())) {
- log.debug("eIDAS Node returns no RelayState. ");
-
- if (authConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
- false)) {
- log.trace("Use lightRequestId to recover session ... ");
- pendingReqId = transactionStorage.get(eIDASResponse.getInResponseToId(), String.class);
- if (StringUtils.isNotEmpty(pendingReqId)) {
- log.debug("Restoring session with lightRequestId ... ");
- transactionStorage.remove(eIDASResponse.getInResponseToId());
-
- }
- }
-
- } else {
- log.debug("Find transaction identifier in SAML2 'RelayState': " + eIDASResponse.getRelayState());
- pendingReqId = eIDASResponse.getRelayState();
-
- }
-
- if (StringUtils.isNotEmpty(pendingReqId)) {
- request.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eIDASResponse);
- return pendingReqId;
-
- }
-
- log.info("NO transaction identifier found! Stopping process ....");
- log.trace("FullResponse: " + eIDASResponse.toString());
-
- } catch (SpecificCommunicationException e) {
- log.warn("Can NOT load eIDAS Response from cache.", e);
- log.debug("eIDAS response token was: " + request.getParameter(EidasParameterKeys.TOKEN.toString()));
-
- } catch (Exception e) {
- log.warn("Unable to retrieve moa session id.", e);
-
- }
-
- return null;
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java
deleted file mode 100644
index 01f7c1fa..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java
+++ /dev/null
@@ -1,337 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
-
-import java.util.Map;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import com.google.common.collect.ImmutableSortedSet;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import edu.umd.cs.findbugs.annotations.NonNull;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-import eu.eidas.auth.commons.protocol.eidas.SpType;
-import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
-
-public abstract class AbstracteIDProcessor implements INationaleIDProcessor {
- private static final Logger log = LoggerFactory.getLogger(AbstracteIDProcessor.class);
-
- @Autowired protected eIDASAttributeRegistry attrRegistry;
- @Autowired protected IConfigurationWithSP basicConfig;
-
- @Override
- public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) {
-
- buildProviderNameAttribute(pendingReq, authnRequestBuilder);
- buildRequestedAttributes(pendingReq, authnRequestBuilder);
-
-
- }
-
- @Override
- public final ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{
- ERnBeIDData result = new ERnBeIDData();
-
- Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
- result.setCitizenCountryCode(eIdentifier.getFirst());
-
- //MDS attributes
- result.setPseudonym(processPseudonym(eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)));
- result.setFamilyName(processFamilyName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)));
- result.setGivenName(processGivenName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)));
- result.setDateOfBirth(processDateOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)));
-
- //additional attributes
- result.setPlaceOfBirth(processPlaceOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)));
- result.setBirthName(processBirthName(eIDASAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)));
- result.setAddress(processAddress(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
-
- return result;
-
- }
-
- @NonNull
- /**
- * Get a Map of country-specific requested attributes
- *
- * @return
- */
- protected abstract Map<String, Boolean> getCountrySpecificRequestedAttributes();
-
- /**
- * Post-Process the eIDAS CurrentAddress attribute
- *
- * @param currentAddressObj
- * @return current address or null if no attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
- */
- protected PostalAddressType processAddress(Object currentAddressObj) throws eIDPostProcessingException, eIDASAttributeException {
-
- if (currentAddressObj != null) {
- if ((currentAddressObj instanceof PostalAddress)) {
- PostalAddressType result = new PostalAddressType();
- result.setPostalCode(((PostalAddress)currentAddressObj).getPostCode());
- result.setMunicipality(((PostalAddress)currentAddressObj).getPostName());
-
- //TODO: add more mappings
-
- } else {
- log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);
-
- }
-
- } else
- log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
-
- return null;
-
- }
-
- /**
- * Post-Process the eIDAS BirthName attribute
- *
- * @param birthNameObj
- * @return birthName or null if no attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
- */
- protected String processBirthName(Object birthNameObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (birthNameObj != null) {
- if ((birthNameObj instanceof String)) {
- return (String)birthNameObj;
-
- } else {
- log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);
-
- }
-
- } else
- log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
-
-
- return null;
-
- }
-
- /**
- * Post-Process the eIDAS PlaceOfBirth attribute
- *
- * @param placeOfBirthObj
- * @return place of Birth or null if no attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
- */
- protected String processPlaceOfBirth(Object placeOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (placeOfBirthObj != null) {
- if ((placeOfBirthObj instanceof String)) {
- return (String)placeOfBirthObj;
-
- } else {
- log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);
-
- }
-
- } else
- log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
-
-
- return null;
-
- }
-
- /**
- * Post-Process the eIDAS DateOfBirth attribute
- *
- * @param dateOfBirthObj
- * @return
- * @throws eIDASAttributeException if NO attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- */
- protected DateTime processDateOfBirth(Object dateOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
-
- return (DateTime)dateOfBirthObj;
-
- }
-
- /**
- * Post-Process the eIDAS GivenName attribute
- *
- * @param givenNameObj
- * @return
- * @throws eIDASAttributeException if NO attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- */
- protected String processGivenName(Object givenNameObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (givenNameObj == null || !(givenNameObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
-
- return (String)givenNameObj;
-
- }
-
- /**
- * Post-Process the eIDAS FamilyName attribute
- *
- * @param familyNameObj
- * @return
- * @throws eIDASAttributeException if NO attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- */
- protected String processFamilyName(Object familyNameObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (familyNameObj == null || !(familyNameObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
-
- return (String) familyNameObj;
-
- }
-
- /**
- * Post-Process the eIDAS pseudonym to ERnB unique identifier
- *
- * @param eIdentifierObj eIDAS PersonalIdentifierAttribute
- * @return
- * @throws eIDPostProcessingException
- * @throws eIDASAttributeException if NO attribute is available
- * @throws eIDPostProcessingException if post-processing fails
- */
- protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
-
- return eIdentifier.getThird();
-
- }
-
- private void buildRequestedAttributes(IRequest pendingReq, Builder authnRequestBuilder) {
- //build and add requested attribute set
- Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes();
- log.debug("Get #{} country-specific requested attributes", ccSpecificReqAttr.size());
-
- Map<String, Boolean> mdsReqAttr = attrRegistry.getDefaultAttributeSetFromConfiguration();
- log.trace("Get #{} default requested attributes", mdsReqAttr.size());
-
- //put it together
- ccSpecificReqAttr.putAll(mdsReqAttr);
-
- //convert it to eIDAS attributes
- ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(ccSpecificReqAttr);
- authnRequestBuilder.requestedAttributes(reqAttrMap);
-
- }
-
- private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
- ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
- for (Map.Entry<String,Boolean> attribute : requiredAttributes.entrySet()) {
- final String name = attribute.getKey();
- final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(name);
- if (!byFriendlyName.isEmpty()) {
- final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
- builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
-
- } else
- log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
-
- }
-
- return builder.build();
-
- }
-
- private void buildProviderNameAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
- ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
-
- //set correct SPType for requested target sector
- String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
- Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
- Pattern p = Pattern.compile(publicSectorTargetSelector);
- Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
- if (m.matches()) {
- log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
- authnRequestBuilder.spType(SpType.PUBLIC.getValue());
-
- if ( basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
- false) ) {
- authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
- Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
-
- } else {
- //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for any SPType
- String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
- if ( StringUtils.isNotEmpty(providerName)
- && basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
- false)
- ) {
- authnRequestBuilder.providerName(providerName);
-
- }
- }
-
- } else {
- log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
- authnRequestBuilder.spType(SpType.PRIVATE.getValue());
-
- //TODO: switch to RequesterId in further version
- //set provider name for private sector applications
- String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
- if (StringUtils.isNotEmpty(providerName))
- authnRequestBuilder.providerName(providerName);
-
- }
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java
deleted file mode 100644
index a3880b3f..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
-
-import java.util.Base64;
-import java.util.Map;
-
-import org.apache.commons.codec.DecoderException;
-import org.apache.commons.codec.binary.Hex;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-
-public class DEeIDProcessor extends AbstracteIDProcessor {
- private static final Logger log = LoggerFactory.getLogger(DEeIDProcessor.class);
- private static final String canHandleCC = "DE";
-
- private int priority = 1;
-
- @Override
- public int getPriority() {
- return priority;
- }
-
- @Override
- public boolean canHandle(String countryCode) {
- return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
-
- }
-
-
- public void setPriority(int priority) {
- this.priority = priority;
- }
-
- @Override
- public String getName() {
- return "DE-PostProcessor";
-
- }
-
- @Override
- protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
- if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
-
- log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
- String result = convertDEIdentifier(eIdentifier.getThird());
- log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-
- return result;
-
-
- }
-
- private String convertDEIdentifier(String hexEncodedDEIdentifier) throws eIDPostProcessingException
- {
- if(hexEncodedDEIdentifier.length() != 64)
- throw new eIDPostProcessingException("ernb.03", new Object[] {"Input has wrong length, expected 64 chars"});
-
- byte[] data;
- try {
- data = Hex.decodeHex(hexEncodedDEIdentifier);
-
- } catch (DecoderException e) {
- throw new eIDPostProcessingException("ernb.03", null, e);
-
- }
-
- byte[] encoded = Base64.getEncoder().encode(data);
- return new String(encoded);
- }
-
- @Override
- protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
- return attrRegistry.getAttributeSetFromConfiguration(canHandleCC);
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java
deleted file mode 100644
index 110635d9..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class GenericeIDProcessor extends AbstracteIDProcessor {
-
- private int priority = 0;
-
- @Override
- public int getPriority() {
- return priority;
-
- }
-
- @Override
- public boolean canHandle(String countryCode) {
- return true;
-
- }
-
- public void setPriority(int priority) {
- this.priority = priority;
- }
-
- @Override
- public String getName() {
- return "Default-PostProcessor";
-
- }
-
- @Override
- protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
- return new HashMap<>();
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java
deleted file mode 100644
index 46cfcb2b..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
-
-import java.util.Map;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-
-public interface INationaleIDProcessor {
-
- /**
- * Get a friendlyName of this post-processor implementation
- *
- * @return
- */
- public String getName();
-
- /**
- * Get the priority of this eID Post-Processor
- * <br>
- * If more than one Post-Processor implementations can handle the eID data, the post-processor with the highest priority are selected.
- * The Default-Processor has priority '0'
- *
- * @return Priority of this handler
- */
- public int getPriority();
-
- /**
- * Check if this postProcessor is sensitive for a specific country
- *
- * @param countryCode of the eID data that should be processed
- * @return true if this implementation can handle the country, otherwise false
- *
- */
- public boolean canHandle(String countryCode);
-
-
-
-
- /**
- * Post-Process eIDAS eID data into national format
- * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
- * @throws eIDPostProcessingException
- * @throws eIDASAttributeException
- *
- */
- public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
-
- /**
- * Pre-Process eIDAS Request to national requirements
- *
- * @param pendingReq current pending request
- * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
- */
- public void preProcess(IRequest pendingReq, Builder authnRequestBuilder);
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
deleted file mode 100644
index 602982d6..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
+++ /dev/null
@@ -1,131 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import javax.annotation.PostConstruct;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Service;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDProcessor;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-
-@Service
-public class CCSpecificEIDProcessingService implements ICCSpecificEIDProcessingService{
- private static final Logger log = LoggerFactory.getLogger(CCSpecificEIDProcessingService.class);
-
- @Autowired private ApplicationContext context;
-
- private List<INationaleIDProcessor> handlers = new ArrayList<INationaleIDProcessor>();
-
- @PostConstruct
- private void initialize() {
- log.debug("Initialize eID PostProcessing-Service ... ");
- Map<String, INationaleIDProcessor> postProcessors = context.getBeansOfType(INationaleIDProcessor.class);
- Iterator<Entry<String, INationaleIDProcessor>> iterator = postProcessors.entrySet().iterator();
- while (iterator.hasNext()) {
- Entry<String, INationaleIDProcessor> el = iterator.next();
- log.debug("Find eID-PostProcessor with name: " + el.getKey());
- handlers.add(el.getValue());
-
- }
-
- log.trace("Sorting eID-PostProcessors on priority ... ");
- Collections.sort(handlers, new Comparator<INationaleIDProcessor>() {
- @Override
- public int compare(INationaleIDProcessor thisAuthModule, INationaleIDProcessor otherAuthModule) {
- int thisOrder = thisAuthModule.getPriority();
- int otherOrder = otherAuthModule.getPriority();
- return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1));
- }
- });
-
- log.info("# " + handlers.size() + " eID PostProcessing services are registrated");
-
- }
-
- @Override
- public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException {
- if (StringUtils.isEmpty(selectedCitizenCountry))
- log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used");
-
- for (INationaleIDProcessor el : handlers) {
- if (el.canHandle(selectedCitizenCountry)) {
- log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName());
- el.preProcess(pendingReq, authnRequestBuilder);
- return;
-
- }
- }
-
- log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
- throw new eIDPostProcessingException("internal.00", null);
-
- }
-
- @Override
- public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException {
- //extract citizen country from eIDAS unique identifier
- Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
- if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
- String citizenCountry = eIdentifier.getFirst();
-
- if (StringUtils.isEmpty(citizenCountry))
- log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
-
- for (INationaleIDProcessor el : handlers) {
- if (el.canHandle(citizenCountry)) {
- log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName());
- return el.postProcess(eIDASAttrMap);
-
- }
- }
-
- log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
- throw new eIDPostProcessingException("internal.00", null);
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
deleted file mode 100644
index 02802126..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
-
-import java.util.Map;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-
-public interface ICCSpecificEIDProcessingService {
-
- /**
- * Post-process eIDAS eID attributes into national format
- *
- * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
- *
- * @return eID attributes for SZR request
- * @throws eIDPostProcessingException
- * @throws eIDASAttributeException
- */
- public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
-
- /**
- * Pre Process eIDAS request into national requirements
- *
- * @param selectedCC Citizen Country from selection
- * @param pendingReq current pending request
- * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
- * @throws eIDPostProcessingException
- */
- public void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException;
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
deleted file mode 100644
index a093800e..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
-
-import java.io.File;
-import java.text.MessageFormat;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.annotation.PostConstruct;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
-import edu.umd.cs.findbugs.annotations.NonNull;
-import eu.eidas.auth.commons.attribute.AttributeRegistries;
-import eu.eidas.auth.commons.attribute.AttributeRegistry;
-
-@Service("attributeRegistry")
-public class eIDASAttributeRegistry {
- private static final Logger log = LoggerFactory.getLogger(eIDASAttributeRegistry.class);
- @Autowired private IConfigurationWithSP basicConfig;
-
- private AttributeRegistry coreAttributeRegistry;
-
- private String eidasAttributesFile;
- private String additionalAttributesFile;
-
- @PostConstruct
- private void initialize() throws RuntimeException {
- try {
- if (eidasAttributesFile.isEmpty()) {
- log.error("Basic eIDAS addribute definition NOT defined");
- throw new EaafConfigurationException("config.30",
- new Object[] {"eidas-attributes.xml"});
-
- }
-
- boolean additionalAttrAvailabe = false;
- if (!additionalAttributesFile.isEmpty()) {
- File file = new File(additionalAttributesFile);
- if (file.exists())
- additionalAttrAvailabe = true;
-
- }
-
- if (!additionalAttrAvailabe) {
- log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... ");
- coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null);
-
- } else {
- //load attribute definitions
- log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... ");
- coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null, additionalAttributesFile);
-
- }
-
- } catch (Throwable e) {
- log.error("Can NOT initialize eIDAS attribute definition." , e);
- new RuntimeException("Can NOT initialize eIDAS attribute definition.", e);
-
- }
- }
-
-
- public AttributeRegistry getCoreAttributeRegistry() {
- return coreAttributeRegistry;
- }
-
- @NonNull
- public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
- /*TODO: select set for representation if mandates should be used.
- * It's an open task in respect to requested eIDAS attributes and isRequired flag,
- * because there can be a decision problem in case of natural or legal person representation!
- * From an Austrian use-case point of view, an Austrian service provider can support mandates for
- * natural and legal persons at the same time. However, we CAN NOT request attributes for natural AND
- * legal persons on the same time, because it's not possible to represent both simultaneously.
- */
- Map<String, String> configAttributes =
- basicConfig.getBasicConfigurationWithPrefix(
- Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
- return processAttributeInfosFromConfig(configAttributes);
-
- }
-
- @NonNull
- public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
-
-
- /*TODO: select set for representation if mandates should be used.
- * It's an open task in respect to requested eIDAS attributes and isRequired flag,
- * because there can be a decision problem in case of natural or legal person representation!
- * From an Austrian use-case point of view, an Austrian service provider can support mandates for
- * natural and legal persons at the same time. However, we CAN NOT request attributes for natural AND
- * legal persons on the same time, because it's not possible to represent both simultaneously.
- */
- Map<String, String> configAttributes =
- basicConfig.getBasicConfigurationWithPrefix(
- MessageFormat.format(
- Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
- countryCode.toLowerCase()));
- return processAttributeInfosFromConfig(configAttributes);
-
- }
-
- private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
-
- Map<String, Boolean> result = new HashMap<String, Boolean>();
- for (String el: configAttributes.values()) {
- if (StringUtils.isNotEmpty(el.trim())) {
- List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim());
- boolean isRequired = false;
- if (attrDef.size() == 2)
- isRequired = Boolean.parseBoolean(attrDef.get(1));
-
- result.put(attrDef.get(0), isRequired);
-
- }
- }
-
- log.trace("Load #" + result.size() + " requested attributes from configuration");
- return result;
-
- }
-
- public void setEidasAttributesFile(String eidasAttributesFile) {
- this.eidasAttributesFile = eidasAttributesFile;
- }
-
- public void setAdditionalAttributesFile(String additionalAttributesFile) {
- this.additionalAttributesFile = additionalAttributesFile;
- }
-
-
-}
-
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java
deleted file mode 100644
index 5c5c5270..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java
+++ /dev/null
@@ -1,351 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-//package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
-//
-//import java.io.File;
-//import java.io.IOException;
-//import java.sql.Connection;
-//import java.sql.DriverManager;
-//import java.sql.PreparedStatement;
-//import java.sql.ResultSet;
-//import java.sql.SQLException;
-//import java.sql.Statement;
-//import java.time.Instant;
-//import java.util.Properties;
-//
-//import javax.annotation.PostConstruct;
-//
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.stereotype.Component;
-//import org.sqlite.SQLiteConfig;
-//import org.sqlite.SQLiteConfig.LockingMode;
-//import org.sqlite.SQLiteConfig.SynchronousMode;
-//import org.sqlite.SQLiteErrorCode;
-//
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.eIDASPersonalIdStoreDAO;
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SQLiteServiceException;
-//import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-//import at.gv.egiz.eaaf.core.impl.data.Pair;
-//import at.gv.egiz.eaaf.core.impl.data.Trible;
-//
-//@Component
-//@Deprecated
-//public class eIDASDataStore {
-//
-// private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC";
-// private static final String SQLITE_CONNECTION_PARAM = "jdbc:sqlite:%s";
-// private static final boolean sleep = true;
-// private static final int howLongToSleepOnBusyLock_ = 100;
-//
-// private static final Logger log = LoggerFactory.getLogger(eIDASDataStore.class);
-//
-// @Autowired private IConfiguration basicConfig;
-//
-// private String connectionURL;
-// private Connection conn = null;
-//
-// @PostConstruct
-// private void initialize() throws SQLiteServiceException {
-// try {
-// String sqlLiteDBUrl = basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL,
-// basicConfig.getConfigurationRootDirectory().toString() + "/sqlite/database.db"
-//
-// );
-//
-// log.info("Use SQLite database with URL: " + sqlLiteDBUrl);
-//
-// //check if SQLite lib is in Classpath
-// Class.forName(SQLITE_JDBC_DRIVER_CLASS);
-//
-// //open DB connection
-// boolean isNewFileCreated = false;
-//
-// //open file or create file if not already exists
-// File dbFile = new File(sqlLiteDBUrl);
-// if (!dbFile.exists()) {
-// log.info("SQLite database does not exist. Creating new database file ... ");
-// dbFile.createNewFile();
-// isNewFileCreated = true;
-//
-// }
-//
-// //open database connection
-// connectionURL = String.format(SQLITE_CONNECTION_PARAM, dbFile.getPath());
-//
-// //create DB scheme if new DB file was created
-// if (isNewFileCreated) {
-// executeUpdate(startConnection().createStatement(), eIDASPersonalIdStoreDAO.CREATE);
-// log.debug("SQLite db scheme created");
-//
-// }
-//
-// } catch (ClassNotFoundException e) {
-// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// } catch (SQLException | IOException e) {
-// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// }
-//
-// }
-//
-//
-//
-//
-// /**
-// * Store a mapping entry with eIDAS personal identifier (source country / destination country / personal identifier)
-// * and the identifier that is used for ERnB communication
-// *
-// * @param transactionId Id of this authentication transaction
-// * @param eIDASId eIDAS personal identifier without country prefixes
-// * @param ernbId personal identifier that is used to request the ERnB
-// * @throws SQLiteServiceException
-// */
-// public void storeNationalId(String transactionId, Trible<String, String, String> eIDASId, String ernbId) throws SQLiteServiceException {
-// try {
-// PreparedStatement preStatment = startConnection().prepareStatement(
-// eIDASPersonalIdStoreDAO.INSERT,
-// Statement.RETURN_GENERATED_KEYS);
-//
-// for (int i=1; i<=eIDASPersonalIdStoreDAO.TABLE_COLS.size(); i++) {
-// Pair<String, eIDASPersonalIdStoreDAO.T> col = eIDASPersonalIdStoreDAO.TABLE_COLS.get(i-1);
-// if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.timestamp.name()))
-// preStatment.setDate(i, new java.sql.Date(Instant.now().toEpochMilli()));
-//
-// else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.transactionId.name()))
-// preStatment.setString(i, transactionId);
-//
-// else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasId.name()))
-// preStatment.setString(i, eIDASId.getThird());
-//
-// else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasSourceCountry.name()))
-// preStatment.setString(i, eIDASId.getFirst());
-//
-// else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasDestinationCountry.name()))
-// preStatment.setString(i, eIDASId.getSecond());
-//
-// else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.ernbId.name()))
-// preStatment.setString(i, ernbId);
-//
-// else
-// log.warn("SQLite table:" + eIDASPersonalIdStoreDAO.NAME + " contains no col with name:" + col.getFirst());
-//
-// }
-//
-// //execute SQL query
-// int sqlResult = preStatment.executeUpdate();
-//
-// if (sqlResult != 1) {
-// log.warn("SQLite query execution FAILED!");
-// throw new SQLiteServiceException("internal.06", new Object[] {"Queryresult is '-1'"});
-//
-// }
-//
-// } catch (SQLiteServiceException | SQLException e) {
-// log.warn("SQLite query execution FAILED!", e);
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// }
-//
-// }
-//
-// public String getErnbNationalId(Trible<String, String, String> eIDASId) throws SQLiteServiceException {
-// try {
-// PreparedStatement preStatment = startConnection().prepareStatement(
-// eIDASPersonalIdStoreDAO.SELECT_BY_EIDAS_RAW_ID,
-// Statement.RETURN_GENERATED_KEYS);
-//
-// preStatment.setString(1, eIDASId.getThird());
-// preStatment.setString(2, eIDASId.getFirst());
-//
-// ResultSet rs = preStatment.executeQuery();
-//
-// if(!rs.next())
-// return null;
-//
-// else
-// return rs.getString(eIDASPersonalIdStoreDAO.COLS.ernbId.name());
-//
-// } catch (SQLiteServiceException | SQLException e) {
-// log.warn("SQLite query execution FAILED!", e);
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// }
-//
-//
-// }
-//
-// public String getEidasRawNationalId(String ernbId) throws SQLiteServiceException {
-// try {
-// PreparedStatement preStatment = startConnection().prepareStatement(
-// eIDASPersonalIdStoreDAO.SELECT_BY_ERNB_ID,
-// Statement.RETURN_GENERATED_KEYS);
-//
-// preStatment.setString(1, ernbId);
-//
-// ResultSet rs = preStatment.executeQuery();
-//
-// if(!rs.next())
-// return null;
-//
-// else
-// return rs.getString(eIDASPersonalIdStoreDAO.COLS.eidasId.name());
-//
-// } catch (SQLiteServiceException | SQLException e) {
-// log.warn("SQLite query execution FAILED!", e);
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// }
-//
-// }
-//
-// private Connection startConnection() throws SQLiteServiceException {
-// int i = howLongToSleepOnBusyLock_;
-//
-// while (true) {
-// try {
-// if (conn == null) {
-// log.info("Initializing SQLite database with URL: " + connectionURL + " ... ");
-// conn = DriverManager.getConnection(connectionURL, getConnectionProperties());
-//
-// } else {
-// if (!conn.isValid(10)) {
-// log.info("SQLite connection is not valid any more --> restarting connection ...");
-// conn.close();
-// conn = DriverManager.getConnection(connectionURL, getConnectionProperties());
-// }
-// }
-//
-// log.info("SQLite database connected");
-// return conn;
-//
-// } catch (SQLException e) {
-// String msg = e.getLocalizedMessage();
-// if (isBusyLocked( e)) {
-// log.warn(msg, e);
-// try {
-// if (sleep)
-// Thread.sleep(i++);
-//
-// } catch (InterruptedException e1) {
-// throw new SQLiteServiceException("internal.05", new Object[] {e1.getMessage()}, e1);
-//
-// }
-// continue;
-//
-// }
-// throw new SQLiteServiceException("internal.05", new Object[] {e.getMessage()}, e);
-//
-// }
-// }
-// }
-//
-//
-// /*
-// * SQLite query code
-// */
-//
-// protected Properties getConnectionProperties() {
-// SQLiteConfig config = new SQLiteConfig();
-// config.enforceForeignKeys(true);
-// config.setCacheSize(8000);
-// config.setLockingMode(LockingMode.NORMAL);
-// config.setSharedCache(false);
-// config.setReadUncommited(true);
-// config.setSynchronous(SynchronousMode.NORMAL);
-// return config.toProperties();
-//
-// }
-//
-// private int executeUpdate(Statement statement, String sql) throws SQLiteServiceException {
-// int i = 10;
-//
-// int rc = -1;
-// while (true) {
-// try {
-// rc = statement.executeUpdate(sql);
-// break;
-//
-// } catch (SQLException e) {
-// try {
-// if (executeUpdateError(e, i))
-// continue;
-// else
-// throw new SQLiteServiceException("internal.06",
-// new Object[] {e.getMessage()}, e);
-//
-// } catch (SQLiteServiceException e1) {
-// log.warn("\n" + sql + "\n" + e1.getMessage());
-// throw e1;
-//
-// }
-// }
-// }
-//
-// return rc;
-//
-// }
-//
-// private boolean isBusyLocked(SQLException e) {
-// int eC = e.getErrorCode();
-//
-// if (eC == SQLiteErrorCode.SQLITE_LOCKED.code
-// || eC == SQLiteErrorCode.SQLITE_BUSY.code) {
-// log.trace("SQLite db is busy looked");
-// return true;
-//
-// }
-//
-// String msg = e.getMessage();
-// if ( msg.contains("[SQLITE_LOCKED]") || msg.contains("[SQLITE_BUSY]")) {
-// log.trace("SQLite db is busy looked");
-// return true;
-// }
-//
-// return false;
-// }
-//
-// private boolean executeUpdateError(SQLException e, int theadSleepCounter) throws SQLiteServiceException {
-// if (isBusyLocked(e)) {
-// try {
-// if (sleep) Thread.sleep(theadSleepCounter++);
-//
-// } catch (InterruptedException e1) {
-// throw new SQLiteServiceException("internal.05", new Object[] {e1.getMessage()}, e1);
-//
-// }
-//
-// return true;
-// }
-//
-// return false;
-//
-// }
-//}
-//
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java
deleted file mode 100644
index 6bffef3b..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java
+++ /dev/null
@@ -1,398 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.net.URL;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.UnrecoverableKeyException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.annotation.PostConstruct;
-import javax.annotation.Resource;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.Marshaller;
-import javax.xml.namespace.QName;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.stream.StreamResult;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Dispatch;
-import javax.xml.ws.WebServiceContext;
-import javax.xml.ws.handler.Handler;
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.endpoint.Client;
-import org.apache.cxf.frontend.ClientProxy;
-import org.apache.cxf.jaxws.DispatchImpl;
-import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
-import org.apache.xpath.XPathAPI;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.LoggingHandler;
-import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import szrservices.GetBPK;
-import szrservices.GetBPKResponse;
-import szrservices.GetIdentityLinkEidas;
-import szrservices.GetIdentityLinkEidasResponse;
-import szrservices.IdentityLinkType;
-import szrservices.ObjectFactory;
-import szrservices.PersonInfoType;
-import szrservices.SZR;
-import szrservices.SZRException_Exception;
-
-@Service("SZRClientForeIDAS")
-public class SZRClient {
- private static final Logger log = LoggerFactory.getLogger(SZRClient.class);
-
- private static final String CLIENT_DEFAULT = "DefaultClient";
- private static final String CLIENT_RAW = "RawClient";
-
- @Autowired private IConfiguration basicConfig;
- @Resource private WebServiceContext wsContext;
-
- //client for anything, without identitylink
- private SZR szr = null;
-
- //RAW client is needed for identitylink
- private Dispatch<Source> dispatch = null;
-
-
- private SZRService szrService = null;
- private String szrURL = null;
- private QName qname = null;
-
- public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo) throws SZRCommunicationException {
- try {
- GetIdentityLinkEidas getIDL = new GetIdentityLinkEidas();
- getIDL.setPersonInfo(personInfo);
-
- JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
- Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
-
- final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
- jaxbMarshaller.marshal(getIDL, outputStream);
- outputStream.flush();
-
- Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
- outputStream.close();
-
- log.trace("Requesting SZR ... ");
- Source response = dispatch.invoke(source);
- log.trace("Receive RAW response from SZR");
-
- byte[] szrResponse = sourceToByteArray(response);
- //JAXBContext ctx = JAXBContext.newInstance(IdentityLinkType.class
-// .getPackage().getName());
- GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
- .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
-
-
- //build response
- log.trace(new String(szrResponse));
-
- // ok, we have success
- Document doc = DomUtils.parseDocument(
- new ByteArrayInputStream(szrResponse),
- true,
- XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
- null, null
- );
- String xpathExpression = "//saml:Assertion";
- Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
-
- log.trace("Selecting signed doc " + xpathExpression);
- Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
- xpathExpression, nsNode);
- log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
-
-
- IdentityLinkType idl = new IdentityLinkType();
- idl.setAssertion(documentNode);
- idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
-
- return idl;
-
- } catch ( Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
- throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e);
-
- }
-
- }
-
- public String getBPK(PersonInfoType personInfo, String target, String vkz) throws SZRCommunicationException {
- try {
- GetBPK parameters = new GetBPK();
- parameters.setPersonInfo(personInfo);
- parameters.setBereichsKennung(target);
- parameters.setVKZ(vkz);
- GetBPKResponse result = this.szr.getBPK(parameters);
-
- return result.getGetBPKReturn();
-
- } catch (SZRException_Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
- throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e);
-
- }
-
- }
-
-
- @PostConstruct
- private void initialize() {
- log.info("Starting SZR-Client initialization .... ");
- URL url = SZRClient.class.getResource("/szr_client/SZR-1.1.WSDL");
-
- boolean useTestSZR = basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE,
- true);
-
- if (useTestSZR) {
- log.debug("Initializing SZR test environment configuration.");
- qname = SZRService.SZRTestumgebung;
- szrService = new SZRService(url, new QName("urn:SZRServices", "SZRService"));
- szr = szrService.getSZRTestumgebung();
- szrURL = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST);
-
-
- } else {
- log.debug("Initializing SZR productive configuration.");
- qname = SZRService.SZRProduktionsumgebung;
- szrService = new SZRService(url, new QName("urn:SZRServices", "SZRService"));
- szr = szrService.getSZRProduktionsumgebung();
- szrURL = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD);
-
- }
-
- //create raw client;
- dispatch = szrService.createDispatch(qname, Source.class, javax.xml.ws.Service.Mode.PAYLOAD);
-
- if (StringUtils.isEmpty(szrURL)) {
- log.error("No SZR service-URL found. SZR-Client initalisiation failed.");
- throw new RuntimeException("No SZR service URL found. SZR-Client initalisiation failed.");
-
- }
-
- //check if Clients can be initialized
- if (szr == null ) {
- log.error("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
- throw new RuntimeException("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
-
- }
- if (dispatch == null ) {
- log.error("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
- throw new RuntimeException("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
-
- }
-
- //inject handler
- log.info("Use SZR service-URL: " + szrURL);
- injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT);
- injectBindingProvider((BindingProvider) dispatch, CLIENT_RAW);
-
- //inject http parameters and SSL context
- log.debug("Inject HTTP client settings ... ");
- injectHTTPClient(szr, CLIENT_DEFAULT);
- injectHTTPClient(dispatch, CLIENT_RAW);
-
-
-
- log.info("SZR-Client initialization successfull");
- }
-
- private void injectHTTPClient(Object raw, String clientType) {
- //extract client from implementation
- Client client = null;
- if (raw instanceof DispatchImpl<?>)
- client = ((DispatchImpl<?>)raw).getClient();
- else if (raw instanceof Client)
- client = ClientProxy.getClient(raw);
- else
- throw new RuntimeException("SOAP Client for SZR connection is of UNSUPPORTED type: " + raw.getClass().getName());
-
- //set basic connection policies
- HTTPConduit http = (HTTPConduit) client.getConduit();
-
- //set timeout policy
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
- httpClientPolicy.setConnectionTimeout(
- Integer.parseInt(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION,
- Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION)) * 1000);
- httpClientPolicy.setReceiveTimeout(
- Integer.parseInt(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE,
- Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE)) * 1000);
- http.setClient(httpClientPolicy);
-
- //inject SSL context in case of https
- if (szrURL.toLowerCase().startsWith("https")) {
- log.debug("Adding SSLContext to client: " + clientType +" ... ");
- TLSClientParameters tlsParams = new TLSClientParameters();
- tlsParams.setSSLSocketFactory(createSSLContext(clientType).getSocketFactory());
- http.setTlsClientParameters(tlsParams );
- log.info("SSLContext initialized for client: " + clientType);
-
- }
-
- }
-
- private void injectBindingProvider(BindingProvider bindingProvider, String clientType) {
- Map<String, Object> requestContext = bindingProvider.getRequestContext();
- requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, szrURL);
-
- log.trace("Adding JAX-WS request/response trace handler to client: " + clientType);
- List<Handler> handlerList = bindingProvider.getBinding().getHandlerChain();
- if (handlerList == null) {
- handlerList = new ArrayList<Handler>();
- bindingProvider.getBinding().setHandlerChain(handlerList);
-
- }
-
- //add logging handler to trace messages if required
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES,
- false)) {
- LoggingHandler loggingHandler = new LoggingHandler();
- handlerList.add(loggingHandler);
-
- }
- bindingProvider.getBinding().setHandlerChain(handlerList);
- }
-
- private SSLContext createSSLContext(String clientType) {
- try {
- SSLContext context = SSLContext.getInstance("TLS");
-
- //initialize key-mangager for SSL client-authentication
- KeyManager[] keyManager = null;
- String keyStorePath = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH);
- String keyStorePassword = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD);
- if (StringUtils.isNotEmpty(keyStorePath)) {
- log.trace("Find keyStore path: " + keyStorePath + " Injecting SSL client certificate ... ");
- try {
- KeyStore keyStore = KeyStoreUtils.loadKeyStore(
- FileUtils.makeAbsoluteUrl(keyStorePath, basicConfig.getConfigurationRootDirectory()),
- keyStorePassword);
-
- KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
- kmf.init(keyStore, keyStorePassword.toCharArray());
- keyManager = kmf.getKeyManagers();
- log.debug("SSL client certificate injected to client: " + clientType);
-
- } catch (KeyStoreException | IOException | UnrecoverableKeyException e) {
- log.error("Can NOT load SSL client certificate from path: " + keyStorePath);
- throw new RuntimeException("Can NOT load SSL client certificate from path: " + keyStorePath, e);
-
- }
- } else {
- log.debug("No KeyStore for SSL Client Auth. found. Initializing SSLContext without authentication ... ");
-
- }
-
-
- //initialize SSL TrustStore
- TrustManager[] trustManager = null;
- String trustStorePath = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH);
- String trustStorePassword = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD);
- if (StringUtils.isNotEmpty(trustStorePath)) {
- log.trace("Find trustStore path: " + trustStorePath + " Injecting SSL TrustStore ... ");
- try {
- KeyStore trustStore = KeyStoreUtils.loadKeyStore(
- FileUtils.makeAbsoluteUrl(trustStorePath, basicConfig.getConfigurationRootDirectory()),
- trustStorePassword);
-
- TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
- tmf.init(trustStore);
- trustManager = tmf.getTrustManagers();
- log.debug("SSL TrustStore injected to client: " + clientType);
-
- } catch (KeyStoreException | IOException e) {
- log.error("Can NOT open SSL TrustStore from path: " + trustStorePath);
- throw new RuntimeException("Can NOT open SSL TrustStore from path: " + trustStorePath, e);
-
- }
-
- } else {
- log.debug("No custom SSL TrustStore found. Initializing SSLContext with JVM default truststore ... ");
-
- }
-
-
- context.init(keyManager, trustManager, new SecureRandom());
- return context;
-
- } catch (NoSuchAlgorithmException | KeyManagementException e) {
- log.error("SSLContext initialization FAILED.", e);
- throw new RuntimeException("SSLContext initialization FAILED.", e);
-
- }
-
- }
-
- private byte[] sourceToByteArray(Source result) throws TransformerException {
- TransformerFactory factory = TransformerFactory.newInstance();
- Transformer transformer = factory.newTransformer();
- transformer.setOutputProperty("omit-xml-declaration", "yes");
- transformer.setOutputProperty("method", "xml");
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- StreamResult streamResult = new StreamResult();
- streamResult.setOutputStream(out);
- transformer.transform(result, streamResult);
- return out.toByteArray();
- }
-
-
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRService.java
deleted file mode 100644
index a5a2d31e..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRService.java
+++ /dev/null
@@ -1,161 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr;
-
-import java.net.URL;
-
-import javax.xml.namespace.QName;
-import javax.xml.ws.Service;
-import javax.xml.ws.WebEndpoint;
-import javax.xml.ws.WebServiceClient;
-import javax.xml.ws.WebServiceFeature;
-
-import szrservices.SZR;
-
-/**
- * This class was generated by Apache CXF 3.1.16
- * 2018-07-10T09:36:01.466+02:00
- * Generated source version: 3.1.16
- *
- */
-@WebServiceClient(name = "SZRService",
- wsdlLocation = "./src/main/resources/szr_client/SZR-1.WSDL",
- targetNamespace = "urn:SZRServices")
-public class SZRService extends Service {
-
- public final static URL WSDL_LOCATION;
-
- public final static QName SERVICE = new QName("urn:SZRServices", "SZRService");
- public final static QName SZRProduktionsumgebung = new QName("urn:SZRServices", "SZRProduktionsumgebung");
- public final static QName SZRTestumgebung = new QName("urn:SZRServices", "SZRTestumgebung");
- public final static QName SZRBusinesspartnerTestumgebung = new QName("urn:SZRServices", "SZRBusinesspartnerTestumgebung");
- static {
- URL url = SZRService.class.getResource("./src/main/resources/szr_client/SZR-1.WSDL");
- if (url == null) {
- url = SZRService.class.getClassLoader().getResource("/szr_client/SZR-1.WSDL");
- }
- if (url == null) {
- java.util.logging.Logger.getLogger(SZRService.class.getName())
- .log(java.util.logging.Level.INFO,
- "Can not initialize the default wsdl from {0}", "/szr_client/SZR-1.WSDL");
- }
- WSDL_LOCATION = url;
-
- }
-
- public SZRService(URL wsdlLocation) {
- super(wsdlLocation, SERVICE);
- }
-
- public SZRService(URL wsdlLocation, QName serviceName) {
- super(wsdlLocation, serviceName);
- }
-
- public SZRService() {
- super(WSDL_LOCATION, SERVICE);
- }
-
- public SZRService(WebServiceFeature ... features) {
- super(WSDL_LOCATION, SERVICE, features);
- }
-
- public SZRService(URL wsdlLocation, WebServiceFeature ... features) {
- super(wsdlLocation, SERVICE, features);
- }
-
- public SZRService(URL wsdlLocation, QName serviceName, WebServiceFeature ... features) {
- super(wsdlLocation, serviceName, features);
- }
-
-
-
-
- /**
- *
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRProduktionsumgebung")
- public SZR getSZRProduktionsumgebung() {
- return super.getPort(SZRProduktionsumgebung, SZR.class);
- }
-
- /**
- *
- * @param features
- * A list of {@link javax.xml.ws.WebServiceFeature} to configure on the proxy. Supported features not in the <code>features</code> parameter will have their default values.
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRProduktionsumgebung")
- public SZR getSZRProduktionsumgebung(WebServiceFeature... features) {
- return super.getPort(SZRProduktionsumgebung, SZR.class, features);
- }
-
-
- /**
- *
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRTestumgebung")
- public SZR getSZRTestumgebung() {
- return super.getPort(SZRTestumgebung, SZR.class);
- }
-
- /**
- *
- * @param features
- * A list of {@link javax.xml.ws.WebServiceFeature} to configure on the proxy. Supported features not in the <code>features</code> parameter will have their default values.
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRTestumgebung")
- public SZR getSZRTestumgebung(WebServiceFeature... features) {
- return super.getPort(SZRTestumgebung, SZR.class, features);
- }
-
-
- /**
- *
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
- public SZR getSZRBusinesspartnerTestumgebung() {
- return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class);
- }
-
- /**
- *
- * @param features
- * A list of {@link javax.xml.ws.WebServiceFeature} to configure on the proxy. Supported features not in the <code>features</code> parameter will have their default values.
- * @return
- * returns SZR
- */
- @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
- public SZR getSZRBusinesspartnerTestumgebung(WebServiceFeature... features) {
- return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class, features);
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
deleted file mode 100644
index 26dab045..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
+++ /dev/null
@@ -1,392 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
-
-import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.ICCSpecificEIDProcessingService;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.AttributeValue;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
-import szrservices.IdentityLinkType;
-import szrservices.PersonInfoType;
-import szrservices.TravelDocumentType;
-
-/**
- * @author tlenz
- *
- */
-@Component("CreateIdentityLinkTask")
-public class CreateIdentityLinkTask extends AbstractAuthServletTask {
- private static final Logger log = LoggerFactory.getLogger(CreateIdentityLinkTask.class);
-
- @Autowired private IConfiguration basicConfig;
- @Autowired private SZRClient szrClient;
- @Autowired private ICCSpecificEIDProcessingService eIDPostProcessor;
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public void execute(ExecutionContext executionContext,
- HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- try{
- AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
- ILightResponse eIDASResponse = authProcessData.getGenericDataFromSession(
- Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
-
- Map<String, Object> simpleAttrMap = converteIDASAttrToSimpleMap(eIDASResponse.getAttributes().getAttributeMap());
-
- IIdentityLink identityLink = null;
- String bPK = null;
-
- //post-process eIDAS attributes
- ERnBeIDData eIDData = eIDPostProcessor.postProcess(simpleAttrMap);
-
- //write MDS into technical log and revision log
- writeMDSLogInformation(eIDData);
-
- //connect SZR-Gateway
- if(basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
- log.warn("SZR-Dummy IS ACTIVE! IdentityLink is NOT VALID!!!!");
- // create fake IdL
- // - fetch IdL template from resources
- InputStream s = CreateIdentityLinkTask.class.getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml");
- Element idlTemplate = DomUtils.parseXmlValidating(s);
-
- identityLink = new SimpleIdentityLinkAssertionParser(idlTemplate).parseIdentityLink();
-
- // replace data
- Element idlassertion = identityLink.getSamlAssertion();
-
- // - set fake baseID;
- Node prIdentification = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
- prIdentification.getFirstChild().setNodeValue(eIDData.getPseudonym());
-
- //build personal identifier which looks like a baseID
-// String fakeBaseID = new BPKBuilder().buildBPK(eIdentifier, "baseID");
-// Logger.info("Map eIDAS eIdentifier:" + eIdentifier + " to fake baseID:" + fakeBaseID);
-// prIdentification.getFirstChild().setNodeValue(fakeBaseID);
-
- // - set last name
- Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
- prFamilyName.getFirstChild().setNodeValue(eIDData.getFamilyName());
-
- // - set first name
- Node prGivenName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH);
- prGivenName.getFirstChild().setNodeValue(eIDData.getGivenName());
-
- // - set date of birth
- Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH);
-
- prDateOfBirth.getFirstChild().setNodeValue(eIDData.getFormatedDateOfBirth());
-
- identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink();
-
- Pair<String, String> bPKCalc = new BpkBuilder().generateAreaSpecificPersonIdentifier(
- identityLink.getIdentificationValue(),
- identityLink.getIdentificationType(),
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
- bPK = bPKCalc.getFirst();
-
-
- } else {
- //contact SZR Gateway
- log.debug("Starting connecting SZR Gateway");
- PersonInfoType personInfo = new PersonInfoType();
- PersonNameType personName = new PersonNameType();
- PhysicalPersonType naturalPerson = new PhysicalPersonType();
- TravelDocumentType eDocument = new TravelDocumentType();
-
- naturalPerson.setName(personName );
- personInfo.setPerson(naturalPerson );
- personInfo.setTravelDocument(eDocument );
-
- //person information
- personName.setFamilyName(eIDData.getFamilyName());
- personName.setGivenName(eIDData.getGivenName());
- naturalPerson.setDateOfBirth(eIDData.getFormatedDateOfBirth());
- eDocument.setIssuingCountry(eIDData.getCitizenCountryCode());
- eDocument.setDocumentNumber(eIDData.getPseudonym());
-
- //eID document information
- eDocument.setDocumentType(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
- Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-
- //set PlaceOfBirth if available
- if (eIDData.getPlaceOfBirth() != null) {
- log.trace("Find 'PlaceOfBirth' attribute: " + eIDData.getPlaceOfBirth());
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE,
- true)) {
- naturalPerson.setPlaceOfBirth(eIDData.getPlaceOfBirth());
- log.trace("Adding 'PlaceOfBirth' to ERnB request ... ");
-
- }
- }
-
- //set BirthName if available
- if (eIDData.getBirthName() != null) {
- log.trace("Find 'BirthName' attribute: " + eIDData.getBirthName());
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE,
- true)) {
- AlternativeNameType alternativeName = new AlternativeNameType();
- naturalPerson.setAlternativeName(alternativeName );
- alternativeName.setFamilyName(eIDData.getBirthName());
- log.trace("Adding 'BirthName' to ERnB request ... ");
-
- }
- }
-
-
- IdentityLinkType result = szrClient.getIdentityLinkInRawMode(personInfo);
-
- Element idlFromSZR = (Element)result.getAssertion();
- identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-
- //write ERnB inputdata into revisionlog
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) {
- revisionsLogger.logEvent(pendingReq,
- MSConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID,
- (String)simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER));
- revisionsLogger.logEvent(pendingReq,
- MSConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eIDData.getPseudonym());
-
- }
-
- //get bPK from SZR
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) {
- bPK = szrClient.getBPK(
- personInfo,
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
- basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
- "no VKZ defined"));
-
- } else {
- log.debug("Calculating bPK from baseId ... ");
- Pair<String, String> bPKCalc = new BpkBuilder().generateAreaSpecificPersonIdentifier(
- identityLink.getIdentificationValue(),
- identityLink.getIdentificationType(),
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
- bPK = bPKCalc.getFirst();
-
- }
-
- }
-
- if (identityLink == null) {
- log.error("ERnB did not return an identity link.");
- throw new SZRCommunicationException("ernb.00", null);
-
- }
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_IDL_RECEIVED,
- identityLink.getSamlAssertion().getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID));
-
-
- if (bPK == null) {
- log.error("ERnB did not return a bPK for target: " + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
- throw new SZRCommunicationException("ernb.01", null);
-
- }
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_BPK_RECEIVED);
-
- log.debug("ERnB communication was successfull");
-
- authProcessData.setForeigner(true);
- authProcessData.setIdentityLink(identityLink);
- authProcessData.setGenericDataToSession(
- PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
- eIDASResponseUtils.parseEidasPersonalIdentifier((String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)).getFirst());
-
- //set bPK and bPKType into auth session
- authProcessData.setGenericDataToSession(
- PvpAttributeDefinitions.BPK_NAME,
- extendBPKbyPrefix(
- bPK,
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier())
- );
- authProcessData.setGenericDataToSession(
- PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
- pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
-
-
-
- //store pending-request
- requestStoreage.storePendingRequest(pendingReq);
-
- } catch (eIDASAttributeException e) {
- throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
-
- } catch (EaafException e) {
- throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
-
- } catch (Exception e) {
- log.error("IdentityLink generation for foreign person FAILED.", e);
- throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
-
- }
- }
-
- private String extendBPKbyPrefix(String bpk, String type) {
- String bPKType = null;
-
- if (type.startsWith(EaafConstants.URN_PREFIX_WBPK))
- bPKType = type.substring((EaafConstants.URN_PREFIX_WBPK).length());
-
- else if (type.startsWith(EaafConstants.URN_PREFIX_CDID))
- bPKType = type.substring((EaafConstants.URN_PREFIX_CDID).length());
-
- else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS))
- bPKType = type.substring((EaafConstants.URN_PREFIX_EIDAS).length());
-
-
- if (bPKType != null ) {
- log.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + bPKType);
- return bPKType + ":" + bpk;
-
- } else {
- log.warn("Service Provider Target with: " + type + " is NOT supported. Set bPK as it is ...");
- return bpk;
-
- }
-
- }
-
- private Map<String, Object> converteIDASAttrToSimpleMap(
- ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
- Map<String, Object> result = new HashMap<String, Object>();
-
- for (AttributeDefinition<?> el : attributeMap.keySet()) {
-
- final Class parameterizedType = el.getParameterizedType();
- if ((DateTime.class).equals(parameterizedType)) {
- DateTime attribute = eIDASResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
- if (attribute != null) {
- result.put(el.getFriendlyName(), attribute);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString() );
-
- } else
- log.info("Ignore empty 'DateTime' attribute");
-
- } else if ((PostalAddress.class).equals(parameterizedType)) {
- PostalAddress addressAttribute = eIDASResponseUtils.translateAddressAttribute(el, attributeMap.get(el).asList());
- if (addressAttribute != null) {
- result.put(el.getFriendlyName(), addressAttribute);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString() );
-
- } else
- log.info("Ignore empty 'PostalAddress' attribute");
-
- } else {
- List<String> natPersonIdObj = eIDASResponseUtils.translateStringListAttribute(el, attributeMap.get(el).asList());
- String stringAttr = natPersonIdObj.get(0);
- if (StringUtils.isNotEmpty(stringAttr)) {
- result.put(el.getFriendlyName(), stringAttr);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr );
-
- } else
- log.info("Ignore empty 'String' attribute");
-
- }
- }
-
- log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString());
-
- return result;
- }
-
- private void writeMDSLogInformation(ERnBeIDData eIDData) {
- //log MDS and country code into technical log
- if (basicConfig.getBasicConfigurationBoolean(
- MSeIDASNodeConstants.PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG, false))
- log.info("eIDAS Auth. for user: "
- + eIDData.getGivenName() + " "
- + eIDData.getFamilyName() + " "
- + eIDData.getFormatedDateOfBirth() + " "
- + "from " + eIDData.getCitizenCountryCode());
-
- //log MDS and country code into revision log
- if (basicConfig.getBasicConfigurationBoolean(
- MSeIDASNodeConstants.PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG, false))
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.RESPONSE_FROM_EIDAS_MDSDATA,
- "{" + eIDData.getGivenName() + ","
- + eIDData.getFamilyName() + ","
- + eIDData.getFormatedDateOfBirth() + ","
- + eIDData.getCitizenCountryCode() + "}");
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
deleted file mode 100644
index 7b61ef7e..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
+++ /dev/null
@@ -1,275 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import java.util.UUID;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Component;
-import org.springframework.web.util.UriComponentsBuilder;
-
-import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.ICCSpecificEIDProcessingService;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import eu.eidas.auth.commons.EidasParameterKeys;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.tx.BinaryLightToken;
-import eu.eidas.specificcommunication.BinaryLightTokenHelper;
-import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
-
-/**
- * @author tlenz
- *
- */
-@Component("ConnecteIDASNodeTask")
-public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
- private static final Logger log = LoggerFactory.getLogger(GenerateAuthnRequestTask.class);
-
- @Autowired IConfiguration basicConfig;
- @Autowired ApplicationContext context;
- @Autowired ITransactionStorage transactionStore;
- @Autowired ISpringMvcGuiFormBuilder guiBuilder;
- @Autowired ICCSpecificEIDProcessingService ccSpecificProcessing;
-
- @Override
- public void execute(ExecutionContext executionContext,
- HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
-
- try{
- //get service-provider configuration
- ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
-
- // get target, environment and validate citizen countryCode
- String citizenCountryCode = (String) executionContext.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
- String environment = (String) executionContext.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT);
-
- if (StringUtils.isEmpty(citizenCountryCode)) {
- // illegal state; task should not have been executed without a selected country
- throw new eIDASAuthenticationException("eidas.03", new Object[] { "" });
-
- }
-
- //TODO: maybe add countryCode validation before request ref. impl. eIDAS node
- log.info("Request eIDAS auth. for citizen of country: " + citizenCountryCode);
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.COUNTRY_SELECTED, citizenCountryCode);
-
- //build eIDAS AuthnRequest
- LightRequest.Builder authnRequestBuilder = LightRequest.builder();
- authnRequestBuilder.id(UUID.randomUUID().toString());
-
-
- String issur = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID);
- if (StringUtils.isEmpty(issur)) {
- log.error("Found NO 'eIDAS node issuer' in configuration. Authentication NOT possible!");
- throw new EaafConfigurationException("config.27",
- new Object[] {"Application config containts NO " + Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID });
-
- }
- authnRequestBuilder.issuer(issur);
-
-
- //TODO: set matching mode if eIDAS ref. impl. support this method
-
-
- //TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA schemes
- String loa = EaafConstants.EIDAS_LOA_HIGH;
- if (spConfig.getRequiredLoA() != null) {
- if (spConfig.getRequiredLoA().isEmpty())
- log.info("No eIDAS LoA requested. Use LoA HIGH as default");
-
- else {
- if (spConfig.getRequiredLoA().size() > 1 )
- log.info("Currently only ONE requested LoA is supported for service provider. Use first one ... ");
-
- loa = spConfig.getRequiredLoA().get(0);
-
- }
- }
-
- log.debug("Request eIdAS node with LoA: " + loa);
- authnRequestBuilder.levelOfAssurance(loa);
-
- //set nameIDFormat
- authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT);
-
- //set citizen country code for foreign uses
- authnRequestBuilder.citizenCountryCode(citizenCountryCode);
-
- //set relay state
- /*TODO: SecureToken PendingRequestId generates a validation exception in eIDASNode because
- * eIDASNode implements limit on size for RelayState (80characaters)
- */
- //authnRequestBuilder.relayState(pendingReq.getPendingRequestId());
-
- //Add country-specific informations into eIDAS request
- ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder);
-
- //build request
- LightRequest lightAuthnReq = authnRequestBuilder.build();
-
- //put request into Hazelcast cache
- BinaryLightToken token = putRequestInCommunicationCache(lightAuthnReq);
- final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);
-
- //Workaround, because eIDAS node ref. impl. does not return relayState
- if (basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
- false)) {
- log.trace("Put lightRequestId into transactionstore as session-handling backup");
- transactionStore.put(lightAuthnReq.getId(), pendingReq.getPendingRequestId(), -1);
-
- }
-
- //select forward URL regarding the selected environment
- String forwardURL = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL);
- if (StringUtils.isNotEmpty(environment))
- forwardURL = selectedForwardURLForEnvironment(environment);
-
- if (StringUtils.isEmpty(forwardURL)) {
- log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops");
- throw new EaafConfigurationException("config.08", new Object[] {
- (environment==null)?Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL:Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL+"."+environment
- });
-
- }
- log.debug("ForwardURL: " + forwardURL + " selected to forward eIDAS request");
-
- if (basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD,
- Constants.FORWARD_METHOD_GET
- ).equals(Constants.FORWARD_METHOD_GET)) {
-
- log.debug("Use http-redirect for eIDAS node forwarding ... ");
- //send redirect
- UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardURL);
- redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
- response.sendRedirect(redirectUrl.build().encode().toString());
-
- } else {
- log.debug("Use http-post for eIDAS node forwarding ... ");
- StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
- basicConfig,
- pendingReq,
- Constants.TEMPLATE_POST_FORWARD_NAME,
- null);
-
- config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardURL);
- config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME,
- EidasParameterKeys.TOKEN.toString());
- config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE,
- tokenBase64);
-
- guiBuilder.build(request, response, config, "Forward to eIDASNode form");
-
- }
-
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.EIDAS_NODE_CONNECTED, lightAuthnReq.getId());
-
-
- } catch (eIDASAuthenticationException e) {
- throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", e);
-
- } catch (Exception e) {
- log.warn("eIDAS AuthnRequest generation FAILED.", e);
- throw new TaskExecutionException(pendingReq, e.getMessage(), e);
-
- }
-
- }
-
- /**
- * Select a forward URL from configuration for a specific environment
- * <br><br>
- * <b>Info: </b> This method is needed, because eIDAS Ref. Impl only supports one countrycode on each instance.
- * In consequence, more than one eIDAS Ref. Impl nodes are required to support producation, testing, or QS stages
- * for one country by using one ms-specific eIDAS connector
- *
- * @param environment Environment selector from CountrySlection page
- * @return
- */
- private String selectedForwardURLForEnvironment(String environment) {
- log.trace("Starting endpoint selection process for environment: " + environment + " ... ");
- if (environment.equalsIgnoreCase(MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION))
- return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL);
-
- else if (environment.equalsIgnoreCase(MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS))
- return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
- + "." + MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS);
-
- else if (environment.equalsIgnoreCase(MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING))
- return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
- + "." + MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING);
-
- else if (environment.equalsIgnoreCase(MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT))
- return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL
- + "." + MSeIDASNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT);
-
- log.info("Environment selector: " + environment + " is not supported");
- return null;
-
- }
-
- private BinaryLightToken putRequestInCommunicationCache(ILightRequest iLightRequest) throws ServletException {
- final BinaryLightToken binaryLightToken;
- try {
- final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
- (SpecificCommunicationService) context.getBean(SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
-
- binaryLightToken = springManagedSpecificConnectorCommunicationService.putRequest(iLightRequest);
-
- } catch (SpecificCommunicationException e) {
- log.error("Unable to process specific request");
- throw new ServletException(e);
-
- }
-
- return binaryLightToken;
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/ReceiveAuthnResponseTask.java
deleted file mode 100644
index 4dd50f9a..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/ReceiveAuthnResponseTask.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.validator.eIDASResponseValidator;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import eu.eidas.auth.commons.light.ILightResponse;
-
-@Component("ReceiveResponseFromeIDASNodeTask")
-public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
- private static final Logger log = LoggerFactory.getLogger(ReceiveAuthnResponseTask.class);
-
- @Autowired private IConfiguration basicConfig;
- @Autowired private eIDASAttributeRegistry attrRegistry;
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException {
- try{
- ILightResponse eIDASResponse = (ILightResponse) request.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE);
- if (eIDASResponse == null) {
- log.warn("NO eIDAS response-message found.");
- throw new eIDASAuthenticationException("eidas.01", null);
-
- }
-
- log.debug("Receive eIDAS response with RespId:" + eIDASResponse.getId() + " for ReqId:" + eIDASResponse.getInResponseToId());
- log.trace("Full eIDAS-Resp: " + eIDASResponse.toString());
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eIDASResponse.getId());
-
-
- //check response StatusCode
- if (!eIDASResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
- log.info("Receice eIDAS Response with StatusCode:" + eIDASResponse.getStatus().getStatusCode()
- + " Subcode:" + eIDASResponse.getStatus().getSubStatusCode() + " Msg:" + eIDASResponse.getStatus().getStatusMessage());
- throw new eIDASAuthenticationException("eidas.02", new Object[]{eIDASResponse.getStatus().getStatusCode(), eIDASResponse.getStatus().getStatusMessage()});
-
- }
-
- // extract all Attributes from response
-
-
-
- // **********************************************************
- // ******* MS-specificresponse validation **********
- // **********************************************************
- String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT");
- String citizenCountryCode = (String) executionContext.get(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
- eIDASResponseValidator.validateResponse(pendingReq, eIDASResponse, spCountry, citizenCountryCode, attrRegistry);
-
-
- // **********************************************************
- // ******* Store resonse infos into session object **********
- // **********************************************************
-
- //update MOA-Session data with received information
- log.debug("Store eIDAS response information into pending-request.");
- AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
- authProcessData.setQaaLevel(eIDASResponse.getLevelOfAssurance());
- authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eIDASResponse);
-
- //store MOA-session to database
- requestStoreage.storePendingRequest(pendingReq);
-
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID);
-
- } catch (EaafException e) {
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
- throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e);
-
- } catch (Exception e) {
- log.warn("eIDAS Response processing FAILED.", e);
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
- throw new TaskExecutionException(pendingReq, e.getMessage(),
- new eIDASAuthenticationException("eidas.05", new Object[]{e.getMessage()}, e));
-
- }
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/eIDASResponseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/eIDASResponseUtils.java
deleted file mode 100644
index 8422f204..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/utils/eIDASResponseUtils.java
+++ /dev/null
@@ -1,141 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.ImmutableList;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.AttributeValue;
-import eu.eidas.auth.commons.attribute.AttributeValueMarshaller;
-import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
-import eu.eidas.auth.commons.attribute.AttributeValueTransliterator;
-import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
-
-public class eIDASResponseUtils {
- private static final Logger log = LoggerFactory.getLogger(eIDASResponseUtils.class);
-
- public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*";
-
- /**
- * Validate a eIDAS PersonalIdentifier attribute value
- * This validation is done according to eIDAS SAML Attribute Profile - Section 2.2.3 Unique Identifier
- *
- * @param uniqueID eIDAS attribute value of a unique identifier
- * @return true if the uniqueID matches to eIDAS to Unique Identifier specification, otherwise false
- */
- public static boolean validateEidasPersonalIdentifier(String uniqueID) {
- Pattern pattern = Pattern.compile(PERSONALIDENIFIER_VALIDATION_PATTERN );
- Matcher matcher = pattern.matcher(uniqueID);
- return matcher.matches();
-
- }
-
-
- /**
- * Parse an eIDAS PersonalIdentifier attribute value into it components.
- * This processing is done according to eIDAS SAML Attribute Profile - Section 2.2.3 Unique Identifier
- *
- * @param uniqueID eIDAS attribute value of a unique identifier
- * @return {@link Trible} that contains:
- * <br> First : citizen country
- * <br> Second: destination country
- * <br> Third : unique identifier
- * <br> or null if the attribute value has a wrong format
- */
- public static Trible<String, String, String> parseEidasPersonalIdentifier(String uniqueID) {
- if (!validateEidasPersonalIdentifier(uniqueID)) {
- log.error("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
- + " looks wrong formated. Value:" + ((String)uniqueID));
- return null;
-
- }
- return Trible.newInstance(uniqueID.substring(0, 2), uniqueID.substring(3, 5), uniqueID.substring(6));
-
- }
-
- //TODO: check possible problem with nonLatinCharacters
- public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition, ImmutableList<? extends AttributeValue<?>> attributeValues) {
- final List<String> stringListAttribute = new ArrayList<String>();
- AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition.getAttributeValueMarshaller();
- for (AttributeValue<?> attributeValue : attributeValues) {
- String valueString = null;
- try {
- valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue);
-
- log.trace("Find attr: " + attributeDefinition.getFriendlyName()
- + " with value: " + attributeValue.toString()
- + " nonLatinFlag: " + attributeValue.isNonLatinScriptAlternateVersion()
- + " needTransliteration: " + AttributeValueTransliterator.needsTransliteration(valueString));
-
- //if (attributeValue.isNonLatinScriptAlternateVersion()) {
- if (!AttributeValueTransliterator.needsTransliteration(valueString)) {
- stringListAttribute.add(0, valueString);
-
- } else {
- log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... ");
- stringListAttribute.add(valueString);
-
- }
-
- } catch (AttributeValueMarshallingException e) {
- throw new IllegalStateException(e);
-
- }
- }
-
- log.trace("Extract values: " + StringUtils.join(stringListAttribute, ",")
- + " for attr: " + attributeDefinition.getFriendlyName());
-
- return stringListAttribute;
-
- }
-
- public static DateTime translateDateAttribute(AttributeDefinition<?> attributeDefinition, ImmutableList<? extends AttributeValue<?>> attributeValues) {
- if (attributeValues.size() != 0) {
- final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
- return (DateTime) firstAttributeValue.getValue();
-
- }
-
- return null;
- }
-
- public static PostalAddress translateAddressAttribute(AttributeDefinition<?> attributeDefinition, ImmutableList<? extends AttributeValue<?>> attributeValues) {
- final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
- return (PostalAddress) firstAttributeValue.getValue();
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/validator/eIDASResponseValidator.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/validator/eIDASResponseValidator.java
deleted file mode 100644
index f974232b..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/validator/eIDASResponseValidator.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.validator;
-
-import java.util.List;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.ImmutableList;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASValidationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.AttributeValue;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance;
-
-/**
- * @author tlenz
- *
- */
-public class eIDASResponseValidator {
- private static final Logger log = LoggerFactory.getLogger(eIDASResponseValidator.class);
-
- public static void validateResponse(IRequest pendingReq, ILightResponse eIDASResponse, String spCountry, String citizenCountryCode, eIDASAttributeRegistry attrRegistry) throws eIDASValidationException {
-
- /*-----------------------------------------------------|
- * validate received LoA against minimum required LoA |
- *_____________________________________________________|
- */
- LevelOfAssurance respLoA = LevelOfAssurance.fromString(eIDASResponse.getLevelOfAssurance());
- List<String> allowedLoAs = pendingReq.getServiceProviderConfiguration().getRequiredLoA();
- boolean loaValid = false;
- for (String allowedLoaString : allowedLoAs) {
- LevelOfAssurance allowedLoa = LevelOfAssurance.fromString(allowedLoaString);
- if (respLoA.numericValue() >= allowedLoa.numericValue()) {
- log.debug("Response contains valid LoA. Resume process ... ");
- loaValid = true;
- break;
-
- } else
- log.trace("Allowed LoA: " + allowedLoaString + " DOES NOT match response LoA: " + eIDASResponse.getLevelOfAssurance());
-
- }
-
- if (!loaValid) {
- log.error("eIDAS Response LevelOfAssurance is lower than the required! "
- + "(Resp-LoA:" + respLoA.getValue() + " Req-LoA:" + allowedLoAs.toArray() + ")");
- throw new eIDASValidationException("eidas.06", new Object[]{respLoA.getValue()});
-
- }
-
-
-
- /*-----------------------------------------------------|
- * validate 'PersonalIdentifier' attribute |
- *_____________________________________________________|
- */
- AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
- final ImmutableList<? extends AttributeValue<?>> attributeValues = eIDASResponse.getAttributes().getAttributeMap().get(attrDefinition).asList();
- List<String> personalIdObj = eIDASResponseUtils.translateStringListAttribute(attrDefinition, attributeValues);
-
- //check if attribute exists
- if (personalIdObj == null || personalIdObj.isEmpty()) {
- log.warn("eIDAS Response include NO 'PersonalIdentifier' attriubte "
- + ".... That can be a BIG problem in further processing steps");
- throw new eIDASValidationException("eidas.05", new Object[] {"NO 'PersonalIdentifier' attriubte"});
-
- } else if (personalIdObj.size() > 1) {
- log.warn("eIDAS Response include MORE THAN ONE 'PersonalIdentifier' attriubtes "
- + ".... That can be a BIG problem in further processing steps");
- throw new eIDASValidationException("eidas.05", new Object[] {"MORE THAN ONE 'PersonalIdentifier' attriubtes"});
-
- } else {
- String natPersId = personalIdObj.get(0);
- //validate attribute value format
- Trible<String, String, String> split =
- eIDASResponseUtils.parseEidasPersonalIdentifier(natPersId);
- if (split == null) {
- throw new eIDASValidationException("eidas.07",
- new Object[]{
- Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
- "Wrong identifier format"});
-
- } else {
- //validation according to eIDAS SAML Attribute Profile, Section 2.2.3
- if (StringUtils.isEmpty(split.getSecond())) {
- log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
- + " includes NO destination country. Value:" + natPersId);
- throw new eIDASValidationException("eidas.07",
- new Object[]{
- Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
- "No or empty destination country"});
-
- }
- if (!split.getSecond().equalsIgnoreCase(spCountry)) {
- log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
- + " includes wrong destination country. Value:" + natPersId
- + " SP-Country:" + spCountry);
- throw new eIDASValidationException("eidas.07",
- new Object[]{
- Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
- "Destination country does not match to SP country"});
-
- }
-
- if (StringUtils.isEmpty(split.getFirst())) {
- log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
- + " includes NO citizen country. Value:" + natPersId);
- throw new eIDASValidationException("eidas.07",
- new Object[]{
- Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
- "No or empty citizen country"});
-
- }
- if (!split.getFirst().equalsIgnoreCase(citizenCountryCode)) {
- log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
- + " includes a citizen country that does not match to service-provider country. "
- + " Value:" + natPersId
- + " citiczen Country:" + spCountry);
- throw new eIDASValidationException("eidas.07",
- new Object[]{
- Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
- "Citizen country does not match to eIDAS-node country that generates the response"});
-
- }
- }
- }
-
- }
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
index 19134513..a8d2991d 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -1 +1 @@
-at.asitplus.eidas.specific.modules.authmodule_eIDASv2.eIDASAuthenticationSpringResourceProvider \ No newline at end of file
+at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider \ No newline at end of file
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
index 14ef4b42..55bb1ace 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
@@ -1,19 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<pd:ProcessDefinition id="eIDASAuthentication_v2"
- xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+ xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
- <pd:Task id="createAuthnRequest" class="ConnecteIDASNodeTask" />
- <pd:Task id="receiveAuthnResponse" class="ReceiveResponseFromeIDASNodeTask" async="true" />
- <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
- <pd:Task id="generateIdentityLink" class="CreateIdentityLinkTask" />
+ <pd:Task id="createAuthnRequest" class="ConnecteIDASNodeTask" />
+ <pd:Task id="receiveAuthnResponse"
+ class="ReceiveResponseFromeIDASNodeTask" async="true" />
+ <pd:Task id="finalizeAuthentication"
+ class="FinalizeAuthenticationTask" />
+ <pd:Task id="generateIdentityLink"
+ class="CreateIdentityLinkTask" />
- <pd:StartEvent id="start" />
- <pd:Transition from="start" to="createAuthnRequest" />
- <pd:Transition from="createAuthnRequest" to="receiveAuthnResponse" />
- <pd:Transition from="receiveAuthnResponse" to="generateIdentityLink" />
- <pd:Transition from="generateIdentityLink" to="finalizeAuthentication" />
- <pd:Transition from="finalizeAuthentication" to="end" />
- <pd:EndEvent id="end" />
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start"
+ to="createAuthnRequest" />
+ <pd:Transition from="createAuthnRequest"
+ to="receiveAuthnResponse" />
+ <pd:Transition from="receiveAuthnResponse"
+ to="generateIdentityLink" />
+ <pd:Transition from="generateIdentityLink"
+ to="finalizeAuthentication" />
+ <pd:Transition from="finalizeAuthentication"
+ to="end" />
+
+ <pd:EndEvent id="end" />
</pd:ProcessDefinition>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 0a000112..708fd4e2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -1,76 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
-
- <context:annotation-config />
-
- <import resource="classpath:specificCommunicationDefinitionApplicationContext.xml"/>
-
- <bean id="SZRClientForeIDAS"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient" />
-
- <bean id="specificConnectorAttributesFile" class="java.lang.String">
- <constructor-arg value="eidas-attributes.xml"/>
- </bean>
-
- <bean id="specificAdditionalAttributesFile" class="java.lang.String">
- <constructor-arg value="additional-attributes.xml"/>
- </bean>
-
- <bean id="specificConnectorAttributesFileWithPath" class="java.lang.String">
- <constructor-arg value="#{specificConnectorConfigRepository}#{specificConnectorAttributesFile}"/>
- </bean>
-
- <bean id="specificConnectorAdditionalAttributesFileWithPath" class="java.lang.String">
- <constructor-arg value="#{specificConnectorConfigRepository}#{specificAdditionalAttributesFile}"/>
- </bean>
-
- <bean id="eIDASAuthModule"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.eIDASAuthenticationModulImpl">
- <property name="priority" value="2" />
- </bean>
-
- <bean id="eIDASSignalServlet"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.eIDASSignalServlet" />
-
- <bean id="attributeRegistry"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry">
- <property name="eidasAttributesFile" ref="specificConnectorAttributesFileWithPath"/>
- <property name="additionalAttributesFile" ref="specificConnectorAdditionalAttributesFileWithPath"/>
- </bean>
-
- <!-- <bean id="eIDASDataStore"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" /> -->
-
- <bean id="EIDPostProcessingService"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService" />
-
- <bean id="DE-Processor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDProcessor">
- <property name="priority" value="1" />
- </bean>
-
- <bean id="Default-Processor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDProcessor">
- <property name="priority" value="0" />
- </bean>
-
- <!-- Authentication Process Tasks -->
- <bean id="ConnecteIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.GenerateAuthnRequestTask"
- scope="prototype" />
-
- <bean id="ReceiveResponseFromeIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.ReceiveAuthnResponseTask"
- scope="prototype" />
-
- <bean id="CreateIdentityLinkTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.CreateIdentityLinkTask"
- scope="prototype" />
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config />
+
+ <import
+ resource="classpath:specificCommunicationDefinitionApplicationContext.xml" />
+
+ <bean id="SZRClientForeIDAS"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
+
+ <bean id="specificConnectorAttributesFile"
+ class="java.lang.String">
+ <constructor-arg value="eidas-attributes.xml" />
+ </bean>
+
+ <bean id="specificAdditionalAttributesFile"
+ class="java.lang.String">
+ <constructor-arg value="additional-attributes.xml" />
+ </bean>
+
+ <bean id="specificConnectorAttributesFileWithPath"
+ class="java.lang.String">
+ <constructor-arg
+ value="#{specificConnectorConfigRepository}#{specificConnectorAttributesFile}" />
+ </bean>
+
+ <bean id="specificConnectorAdditionalAttributesFileWithPath"
+ class="java.lang.String">
+ <constructor-arg
+ value="#{specificConnectorConfigRepository}#{specificAdditionalAttributesFile}" />
+ </bean>
+
+ <bean id="eIDASAuthModule"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.eIDASAuthenticationModulImpl">
+ <property name="priority" value="2" />
+ </bean>
+
+ <bean id="eIDASSignalServlet"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+
+ <bean id="attributeRegistry"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+ <property name="eidasAttributesFile"
+ ref="specificConnectorAttributesFileWithPath" />
+ <property name="additionalAttributesFile"
+ ref="specificConnectorAdditionalAttributesFileWithPath" />
+ </bean>
+
+ <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore"
+ /> -->
+
+ <bean id="EIDPostProcessingService"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" />
+
+ <bean id="DE-Processor"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor">
+ <property name="priority" value="1" />
+ </bean>
+
+ <bean id="Default-Processor"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
+ <property name="priority" value="0" />
+ </bean>
+
+ <!-- Authentication Process Tasks -->
+ <bean id="ConnecteIDASNodeTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask"
+ scope="prototype" />
+
+ <bean id="ReceiveResponseFromeIDASNodeTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask"
+ scope="prototype" />
+
+ <bean id="CreateIdentityLinkTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask"
+ scope="prototype" />
</beans> \ No newline at end of file
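Review bot: The `eIDASAuthModule` bean now points at `at.asitplus.eidas.specific.modules.auth.eidas.v2.eIDASAuthenticationModulImpl`, which moved to the new package but kept the old `eIDAS…` casing; it is the only live bean in this hunk to do so, since its neighbours became `EidasSignalServlet`, `EidasAttributeRegistry` and `SzrClient`. These class attributes are plain strings the compiler never checks, so if the class was renamed with the others, the mismatch would presumably surface only when the Spring context loads. Please confirm the class exists under exactly this name, or update the attribute to the renamed class. The commented-out `eIDASDataStore` bean was also rewritten to the new package and could be deleted rather than carried along.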
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
index 09084a34..91b8e5e4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
@@ -1,51 +1,122 @@
-<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID13456264458587874" IssueInstant="2012-08-22T11:07:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <saml:AttributeStatement>
- <saml:Subject>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
- <saml:SubjectConfirmationData>
- <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>XXXRúùd</pr:GivenName><pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy</pr:FamilyName></pr:Name><pr:DateOfBirth>1969-02-13</pr:DateOfBirth></pr:Person>
- </saml:SubjectConfirmationData>
- </saml:SubjectConfirmation>
- </saml:Subject>
- <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="22280299907126338788314199678167217078072953115254374209747379168424021905237" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="40387096985250872237992703378062984723606079359080588656963239072881568409170" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><dsig:RSAKeyValue><dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/
-t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm
-P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg
-gaM2EyuB1HxH8/+Mfqa4UgeqIH65</dsig:Modulus><dsig:Exponent>AQAB</dsig:Exponent></dsig:RSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
- <dsig:Signature>
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>KEQEPY2O3Z3IRaISSSoRZVPzsHE=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>gzGhjH1kdmPcPbgen0xojNIoJLk=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>
- 06wqWHgplwpu3N5HMhzb6QC5NkXMO1z4N4oc1L6eDqwZlvFJ9X1XGW//QqviKO9oog3il7IzdfJwnjygR4trgGCIqx+JYCDHJCrG9l8zlxlSW0ZqfsygGXthutcQ1aeUpfO6jYuhnWOUywa8BgzukRtWT+AOJBQZPRYTb8IBmey+uAwlhFLni94eMOd81l+efCvkWi3jRajwsG8ZOaNxSZT3aEV5vj+32Aqtx2MPEVzQWtIA7GqZi+EzcdSdHQvHhg7UB+8kqbU70ENAJbEMTANFZYvLOJ0Om9KfDtPf/+R2TvTc360fNo9RnPl04pHPhCIjcGZhFZorBpUhXFwd2Q==
- </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>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</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
- <dsig:Object>
- <dsig:Manifest Id="manifest">
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>8e7RjLnA4Mgltq5ruIJzheKGxu0=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:Manifest>
- </dsig:Object>
- </dsig:Signature>
+<?xml version="1.0" encoding="UTF-8"?>
+<saml:Assertion
+ xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+ xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#"
+ xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"
+ xmlns:si="http://www.w3.org/2001/XMLSchema-instance"
+ AssertionID="szr.bmi.gv.at-AssertionID13456264458587874"
+ IssueInstant="2012-08-22T11:07:25+01:00"
+ Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1"
+ MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches
+ </saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person si:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value>
+ <pr:Type>urn:publicid:gv.at:baseid</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>XXXRúùd</pr:GivenName>
+ <pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy
+ </pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1969-02-13</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey"
+ AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <ecdsa:ECDSAKeyValue>
+ <ecdsa:DomainParameters>
+ <ecdsa:NamedCurve
+ URN="urn:oid:1.2.840.10045.3.1.7" />
+ </ecdsa:DomainParameters>
+ <ecdsa:PublicKey>
+ <ecdsa:X
+ Value="22280299907126338788314199678167217078072953115254374209747379168424021905237"
+ si:type="ecdsa:PrimeFieldElemType" />
+ <ecdsa:Y
+ Value="40387096985250872237992703378062984723606079359080588656963239072881568409170"
+ si:type="ecdsa:PrimeFieldElemType" />
+ </ecdsa:PublicKey>
+ </ecdsa:ECDSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey"
+ AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/
+ t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm
+ P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg
+ gaM2EyuB1HxH8/+Mfqa4UgeqIH65
+ </dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ <dsig:Signature>
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod
+ Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <dsig:SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform
+ Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::pr:Identification)
+ </dsig:XPath>
+ </dsig:Transform>
+ <dsig:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </dsig:Transforms>
+ <dsig:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>KEQEPY2O3Z3IRaISSSoRZVPzsHE=
+ </dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference
+ Type="http://www.w3.org/2000/09/xmldsig#Manifest"
+ URI="#manifest">
+ <dsig:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>gzGhjH1kdmPcPbgen0xojNIoJLk=
+ </dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+ 06wqWHgplwpu3N5HMhzb6QC5NkXMO1z4N4oc1L6eDqwZlvFJ9X1XGW//QqviKO9oog3il7IzdfJwnjygR4trgGCIqx+JYCDHJCrG9l8zlxlSW0ZqfsygGXthutcQ1aeUpfO6jYuhnWOUywa8BgzukRtWT+AOJBQZPRYTb8IBmey+uAwlhFLni94eMOd81l+efCvkWi3jRajwsG8ZOaNxSZT3aEV5vj+32Aqtx2MPEVzQWtIA7GqZi+EzcdSdHQvHhg7UB+8kqbU70ENAJbEMTANFZYvLOJ0Om9KfDtPf/+R2TvTc360fNo9RnPl04pHPhCIjcGZhFZorBpUhXFwd2Q==
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>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
+ </dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object>
+ <dsig:Manifest Id="manifest">
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform
+ Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::dsig:Signature)
+ </dsig:XPath>
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>8e7RjLnA4Mgltq5ruIJzheKGxu0=
+ </dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:Manifest>
+ </dsig:Object>
+ </dsig:Signature>
</saml:Assertion> \ No newline at end of file
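Review bot: The reformatting changes character data inside a signed assertion: `saml:ConfirmationMethod`, `pr:FamilyName`, both `dsig:XPath` expressions, the three `dsig:DigestValue` elements and `dsig:X509Certificate` now end with a line break before the closing tag, and new whitespace-only text nodes separate the formerly inline `pr:Person` and `saml:Attribute` children. XML canonicalization preserves whitespace in character content, so the stored digests and `dsig:SignatureValue` would presumably no longer match the reformatted document, and any consumer that reads `pr:FamilyName` or `saml:ConfirmationMethod` without trimming gets a different string. Whether this template's signature is ever verified is not visible from the hunk, but a formatter should not rewrite signed XML. I would restore the original bytes and exclude `resources/xmldata/` from auto-formatting, keeping e.g. `<dsig:DigestValue>KEQEPY2O3Z3IRaISSSoRZVPzsHE=</dsig:DigestValue>` on one line.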
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java
new file mode 100644
index 00000000..55a3ce99
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java
@@ -0,0 +1,458 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.joda.time.DateTime;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasAttributePostProcessingTest {
+
+ @Autowired
+ private CcSpecificEidProcessingService postProcessor;
+
+ // lower case
+ private static final String P1_eIDASID =
+ "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
+ private static final String P1_GIVENNAME = "Max";
+ private static final String P1_FAMILYNAME = "Mustermann";
+ private static final DateTime P1_DATEOFBIRTH = DateTime.now();
+ private static final String P1_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P1_BIRTHNAME = "Musterkind";
+
+ // mixed
+ private static final String P3_eIDASID =
+ "DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25";
+ private static final String P3_GIVENNAME = "Max";
+ private static final String P3_FAMILYNAME = "Mustermann";
+ private static final DateTime P3_DATEOFBIRTH = DateTime.now();
+ private static final String P3_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P3_BIRTHNAME = "Musterkind";
+
+ // upper case
+ private static final String P4_eIDASID =
+ "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25";
+ private static final String P4_GIVENNAME = "Max";
+ private static final String P4_FAMILYNAME = "Mustermann";
+ private static final DateTime P4_DATEOFBIRTH = DateTime.now();
+ private static final String P4_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P4_BIRTHNAME = "Musterkind";
+
+ // To long identifier
+ private static final String P5_eIDASID =
+ "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251";
+ private static final String P5_GIVENNAME = "Max";
+ private static final String P5_FAMILYNAME = "Mustermann";
+ private static final DateTime P5_DATEOFBIRTH = DateTime.now();
+ private static final String P5_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P5_BIRTHNAME = "Musterkind";
+
+ // to short identifier
+ private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+ private static final String P6_GIVENNAME = "Max";
+ private static final String P6_FAMILYNAME = "Mustermann";
+ private static final DateTime P6_DATEOFBIRTH = DateTime.now();
+ private static final String P6_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P6_BIRTHNAME = "Musterkind";
+
+ // no hex encoded identifier
+ private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+ private static final String P7_GIVENNAME = "Max";
+ private static final String P7_FAMILYNAME = "Mustermann";
+ private static final DateTime P7_DATEOFBIRTH = DateTime.now();
+ private static final String P7_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P7_BIRTHNAME = "Musterkind";
+
+ private static final String P2_eIDASID =
+ "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+ private static final String P2_GIVENNAME = "Max";
+ private static final String P2_FAMILYNAME = "Mustermann";
+ private static final DateTime P2_DATEOFBIRTH = DateTime.now();
+ private static final String P2_PLACEOFBIRTH = "Nirgendwo";
+ private static final String P2_BIRTHNAME = "Musterkind";
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+ }
+
+ @Test
+ public void deWithHexLowerCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P1_eIDASID,
+ P1_FAMILYNAME,
+ P1_GIVENNAME,
+ P1_DATEOFBIRTH,
+ P1_PLACEOFBIRTH,
+ P1_BIRTHNAME));
+
+ validate(result,
+ "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+ P1_FAMILYNAME,
+ P1_GIVENNAME,
+ P1_DATEOFBIRTH,
+ P1_PLACEOFBIRTH,
+ P1_BIRTHNAME);
+
+ } catch (final Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+
+ }
+ }
+
+ @Test
+ public void deWithHexMixedCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P3_eIDASID,
+ P3_FAMILYNAME,
+ P3_GIVENNAME,
+ P3_DATEOFBIRTH,
+ P3_PLACEOFBIRTH,
+ P3_BIRTHNAME));
+
+ validate(result,
+ "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+ P3_FAMILYNAME,
+ P3_GIVENNAME,
+ P3_DATEOFBIRTH,
+ P3_PLACEOFBIRTH,
+ P3_BIRTHNAME);
+
+ } catch (final Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+
+ }
+ }
+
+ @Test
+ public void deWithHexUpperCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P4_eIDASID,
+ P4_FAMILYNAME,
+ P4_GIVENNAME,
+ P4_DATEOFBIRTH,
+ P4_PLACEOFBIRTH,
+ P4_BIRTHNAME));
+
+ validate(result,
+ "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+ P4_FAMILYNAME,
+ P4_GIVENNAME,
+ P4_DATEOFBIRTH,
+ P4_PLACEOFBIRTH,
+ P4_BIRTHNAME);
+
+ } catch (final Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+
+ }
+ }
+
+ @Test
+ public void deWithHexTooLongCase() throws Exception {
+ try {
+ postProcessor.postProcess(
+ generateInputData(
+ P5_eIDASID,
+ P5_FAMILYNAME,
+ P5_GIVENNAME,
+ P5_DATEOFBIRTH,
+ P5_PLACEOFBIRTH,
+ P5_BIRTHNAME));
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("Too long input accepted");
+ }
+
+ @Test
+ public void deWithHexTooShortCase() throws Exception {
+ try {
+ postProcessor.postProcess(
+ generateInputData(
+ P6_eIDASID,
+ P6_FAMILYNAME,
+ P6_GIVENNAME,
+ P6_DATEOFBIRTH,
+ P6_PLACEOFBIRTH,
+ P6_BIRTHNAME));
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("Too short input accepted");
+ }
+
+ @Test
+ public void deWithNoHexCase() throws Exception {
+ try {
+ postProcessor.postProcess(
+ generateInputData(
+ P7_eIDASID,
+ P7_FAMILYNAME,
+ P7_GIVENNAME,
+ P7_DATEOFBIRTH,
+ P7_PLACEOFBIRTH,
+ P7_BIRTHNAME));
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("Not hex encoded input accepted");
+ }
+
+ @Test
+ public void eeTestCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P2_eIDASID,
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME));
+
+ validate(result,
+ "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME);
+
+ } catch (final Exception e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+
+ }
+ }
+
+ @Test
+ public void eeTestFamilyNameMissingCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P2_eIDASID,
+ null,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME));
+
+ validate(result,
+ "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME);
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("FamilyName missing input accepted");
+
+ }
+
+ @Test
+ public void eeTestGivenNameMissingCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P2_eIDASID,
+ P2_FAMILYNAME,
+ null,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME));
+
+ validate(result,
+ "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME);
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("GivenName missing input accepted");
+
+ }
+
+ @Test
+ public void eeTestDateOfBirthMissingCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ P2_eIDASID,
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ null,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME));
+
+ validate(result,
+ "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME);
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("DateOfBirth missing input accepted");
+
+ }
+
+ @Test
+ public void eeTestIdMissingCase() throws Exception {
+ try {
+ final ErnbEidData result = postProcessor.postProcess(
+ generateInputData(
+ null,
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME));
+
+ validate(result,
+ "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+ P2_FAMILYNAME,
+ P2_GIVENNAME,
+ P2_DATEOFBIRTH,
+ P2_PLACEOFBIRTH,
+ P2_BIRTHNAME);
+
+ } catch (final Exception e) {
+ return;
+
+ }
+
+ fail("eIDAS-Id missing input accepted");
+
+ }
+
+ private Map<String, Object> generateInputData(String id, String familyName, String givenName,
+ DateTime dateOfBirth, String placeOfBirth, String birthName) {
+ final Map<String, Object> result = new HashMap<>();
+ result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
+ result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
+ result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
+ result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
+ result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
+ result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName);
+ return result;
+
+ }
+
+ private void validate(ErnbEidData result, String id, String familyName, String givenName,
+ DateTime dateOfBirth, String placeOfBirth, String birthName) {
+ if (!result.getPseudonym().equals(id)) {
+ fail(result.getPseudonym() + "is not equal to " + id);
+ }
+
+ if (!result.getFamilyName().equals(familyName)) {
+ fail(result.getFamilyName() + "is not equal to " + familyName);
+ }
+
+ if (!result.getGivenName().equals(givenName)) {
+ fail(result.getGivenName() + "is not equal to " + givenName);
+ }
+
+ if (!result.getDateOfBirth().equals(dateOfBirth)) {
+ fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth);
+ }
+
+ if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth
+ .toDate()))) {
+ fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(
+ dateOfBirth.toDate()));
+ }
+
+ if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
+ fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth);
+ }
+
+ if (!result.getBirthName().equals(birthName)) {
+ fail(result.getBirthName() + "is not equal to " + birthName);
+ }
+
+ }
+
+}
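Review bot: `P7_eIDASID` (commented "no hex encoded identifier") is the same string as `P6_eIDASID`, so `deWithNoHexCase` only repeats the too-short case and the rejection of non-hex characters in a DE identifier is never exercised. Give P7 a value of the correct length that contains a non-hex character, for example the `P4_eIDASID` string with its final digit replaced by `G` (constructed sample). The negative tests also pass on any `Exception`: in the `eeTest…MissingCase` methods a `NullPointerException` thrown inside `validate(...)` (for instance `result.getFamilyName().equals(...)` on a null field) is caught and counted as a rejection even though `postProcess` accepted the input. Drop the `validate(...)` call from those tests and catch only the exception type that `postProcess` declares, which is not visible in this hunk.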
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
new file mode 100644
index 00000000..aef290f5
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EidasAuthSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final EidasAuthenticationSpringResourceProvider test =
+ new EidasAuthenticationSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ EidasAuthenticationSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+ }
+ }
+
+}
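Review bot: In `testSpILoaderConfig` the result of `getResourceAsStream(...)` is not checked for null, so a missing SPI file would surface as a `NullPointerException` from `IOUtils.toString` rather than the intended "not found" failure, which only handles `IOException`. Add `Assert.assertNotNull("SPI file not found", el);` before the `try`. Open this stream and the one from `el.getInputStream()` in `testSpringConfig` with try-with-resources so both are closed. The failure messages also misspell "Resource" as "Ressouce".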
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
new file mode 100644
index 00000000..1051bd9f
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed
+ * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License. You may
+ * obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses. The "NOTICE" text file
+ * is part of the distribution. Any derivative works that you distribute must
+ * include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+//import java.security.MessageDigest;
+//
+//import org.apache.commons.lang3.StringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//import org.springframework.util.Base64Utils;
+//
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.eIDASAuthenticationException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.eIDASResponseUtils;
+//import at.gv.egiz.eaaf.core.impl.data.Trible;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration("/SpringTest-context_basic_test.xml")
+//public class EidasDataStoreTest {
+//
+// @Autowired
+// private EidasDataStore dataStore;
+//
+// private static final String P1_TRANSID = "123456789";
+// private static final String P1_eIDASID =
+// "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1";
+//
+// private static final String P2_TRANSID = "987654321";
+// private static final String P2_eIDASID =
+// "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+//
+// @Test
+// public void dummyTest() {
+//
+// }
+//
+// @Test
+// public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException {
+// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID);
+// String ernbId = createHashFromUniqueId(eidasId.getThird());
+// dataStore.storeNationalId(
+// P1_TRANSID,
+// eidasId,
+// ernbId);
+//
+// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//
+// }
+//
+// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+// && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+// }
+//
+// }
+//
+// @Test
+// public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException {
+// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID);
+// String ernbId = createHashFromUniqueId(eidasId.getThird());
+// dataStore.storeNationalId(
+// P2_TRANSID,
+// eidasId,
+// ernbId);
+//
+// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//
+// }
+//
+// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+// && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+//
+// }
+//
+// }
+//
+// private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
+// try {
+// MessageDigest md = MessageDigest.getInstance("SHA-256");
+// byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+// String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+// return hashBase64;
+//
+// } catch (Exception ex) {
+// throw new eIDASAuthenticationException("internal.03", new Object[] {}, ex);
+//
+// }
+// }
+//}
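Review bot: This new file consists only of a licence header, a package line and commented-out code, so it adds no test and leaves the stored mapping between the eIDAS identifier and the ERnB identifier without coverage while its name suggests otherwise. Either delete the file, or restore the class and mark it `@Ignore("<reason>")` so the skipped tests show up in the report. If it is restored, the checks need rewriting: `if (StringUtils.isEmpty(...)) { && ...equals(...))` does not compile, and an "empty and equal" condition would not detect a wrong stored value. Something like `Assert.assertEquals(eidasId.getThird(), dataStore.getEidasRawNationalId(ernbId));` states the intent.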
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java
new file mode 100644
index 00000000..880c32ae
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingFirstTest {
+
+ @Autowired
+ private IConfigurationWithSP basicConfig;
+ @Autowired
+ private CcSpecificEidProcessingService preProcessor;
+
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+ private Builder authnRequestBuilder;
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ authnRequestBuilder = LightRequest.builder();
+ authnRequestBuilder.id(UUID.randomUUID().toString());
+ authnRequestBuilder.issuer("Test");
+
+ }
+
+ @Test
+ public void prePreProcessGeneric() throws EidPostProcessingException {
+ final String testCountry = "XX";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void prePreProcessGenericNoCountryCode() throws EidPostProcessingException {
+ final String testCountry = "XX";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(null, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void prePreProcessDE() throws EidPostProcessingException {
+
+ final String testCountry = "DE";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+ }
+
+}
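Review bot: All three tests check the requested attributes only by count (`4` for `XX`, `8` for `DE`), so a change that swaps one requested attribute for another still passes; the same applies to `prePreProcessDeUnknownAttribute` in EidasRequestPreProcessingSecondTest. Because this set decides which personal data is requested from the foreign eIDAS node, assert the expected attributes by name next to the count, e.g. `Assert.assertFalse(lightReq.getRequestedAttributes().getDefinitionsByFriendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).isEmpty());` (assuming that constant holds the attribute's friendly name). `prePreProcessGenericNoCountryCode` carries the same assertions as `prePreProcessGeneric`; a one-line comment such as `// null country code is expected to yield the generic attribute set` would make the intent explicit.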
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java
new file mode 100644
index 00000000..da7e3d85
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingSecondTest {
+
+ @Autowired
+ private IConfigurationWithSP basicConfig;
+ @Autowired
+ private CcSpecificEidProcessingService preProcessor;
+
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+ private Builder authnRequestBuilder;
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current
+ + "src/test/resources/config/junit_config_1.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ authnRequestBuilder = LightRequest.builder();
+ authnRequestBuilder.id(UUID.randomUUID().toString());
+ authnRequestBuilder.issuer("Test");
+
+ }
+
+ @Test
+ public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException {
+
+ final String testCountry = "DE";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+ }
+
+}
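Review bot: `classInitializer` points the JVM-wide system property `eidas.ms.configuration` at `junit_config_1.properties` and nothing resets it, so a test class that runs later in the same JVM without setting the property itself would silently load this configuration. `@DirtiesContext` discards the Spring context but not the property. Add a counterpart such as `@AfterClass public static void resetConfig() { System.clearProperty("eidas.ms.configuration"); }`, or restore the previous value if the build sets one. The `setUp` body is identical to the one in EidasRequestPreProcessingFirstTest and could move to a shared base class.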
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
new file mode 100644
index 00000000..81a61765
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -0,0 +1,272 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import com.skjolberg.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+import szrservices.TravelDocumentType;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+public class SzrClientTest {
+ private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
+
+ @Autowired
+ SzrClient szrClient;
+ @Autowired
+ IConfiguration basicConfig;
+
+ private static final String givenName = "Franz";
+ private static final String familyName = "Mustermann";
+ private static final String dateOfBirth = "1989-05-05";
+ private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
+
+ private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+ }
+
+ @Rule
+ public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ @Test
+ public void getIdentityLinkRawModeValidResponse() throws SZRException_Exception, EaafParserException,
+ NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException, JAXBException {
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml", "http://localhost:1234/demoszr");
+
+ try {
+ log.debug("Starting connecting SZR Gateway");
+ final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
+ getPersonInfo());
+
+ Assert.assertNotNull(result);
+ Assert.assertNotNull(result.getAssertion());
+
+ final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result
+ .getAssertion()).parseIdentityLink();
+ Assert.assertNotNull(identityLink);
+
+ System.out.println(identityLink.getSerializedSamlAssertion());
+
+ checkElement("Mustermann", identityLink.getFamilyName());
+ checkElement("Hans", identityLink.getGivenName());
+ checkElement("1989-05-05", identityLink.getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType());
+ checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue());
+ Assert.assertNotNull(identityLink.getSerializedSamlAssertion());
+ Assert.assertNotNull(identityLink.getSamlAssertion());
+
+ } catch (final SzrCommunicationException e) {
+ Assert.fail();
+
+ }
+
+ }
+
+ @Test
+ public void getIdentityLinkRawModeErrorTravelerDocExists() throws SZRException_Exception,
+ EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
+ EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException {
+ setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml",
+ "http://localhost:1234/demoszr");
+
+ try {
+ log.debug("Starting connecting SZR Gateway");
+ szrClient.getIdentityLinkInRawMode(
+ getPersonInfo());
+ Assert.fail();
+
+ } catch (final SzrCommunicationException e) {
+ checkElement("ernb.02", e.getErrorId());
+ Assert.assertNotNull(e.getCause());
+ org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause());
+ Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault());
+ checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode());
+ checkElement(
+ "The travel document you sent to insert a person already exists for another person. "
+ + "Either check the document or have the person altered accordingly",
+ ((SOAPFaultException) e.getCause()).getFault().getFaultString());
+
+ }
+
+ }
+
+ @Ignore
+ @Test
+ public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+ final String bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET,
+ basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+ "no VKZ defined"));
+
+ if (StringUtils.isEmpty(bPK)) {
+ throw new SzrCommunicationException("ernb.01", new Object[] { "bPK is null or empty" });
+ }
+
+ }
+
+ private void checkElement(String expected, String value) {
+ Assert.assertNotNull(value);
+ Assert.assertEquals(expected, value);
+
+ }
+
+ private void setSzrResponseIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException,
+ SZRException_Exception {
+ final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl);
+ final JAXBContext jaxbContext = JAXBContext.newInstance(
+ szrservices.ObjectFactory.class,
+ org.xmlsoap.schemas.ws._2002._04.secext.ObjectFactory.class,
+ org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+ org.w3._2000._09.xmldsig.ObjectFactory.class,
+ at.gv.egov.pvp1.ObjectFactory.class,
+ at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+ final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+ final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+ .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+ when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse
+ .getGetIdentityLinkReturn());
+
+ }
+
+ private void setSzrExceptionIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException,
+ ParserConfigurationException, SAXException, IOException, SZRException_Exception {
+ final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl);
+ final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(
+ responseXmlPath));
+ final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344");
+ final SoapFault fault = new SoapFault(
+ "The travel document you sent to insert a person already exists for another person. "
+ + "Either check the document or have the person altered accordingly",
+ qName);
+ fault.setRole("urn:SZRServices");
+ fault.setDetail(detailerror);
+ when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault);
+
+ }
+
+ private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+ try {
+ final MessageDigest md = MessageDigest.getInstance("SHA-256");
+ final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+ final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+ return hashBase64;
+
+ } catch (final Exception ex) {
+ throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex);
+
+ }
+ }
+
+ private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+ final PersonInfoType personInfo = new PersonInfoType();
+ final PersonNameType personName = new PersonNameType();
+ final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+ final TravelDocumentType eDocument = new TravelDocumentType();
+
+ naturalPerson.setName(personName);
+ personInfo.setPerson(naturalPerson);
+ personInfo.setTravelDocument(eDocument);
+
+ // parse some eID attributes
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+ final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+ final String citizenCountry = eIdentifier.getFirst();
+
+ // person information
+ personName.setFamilyName(familyName);
+ personName.setGivenName(givenName);
+ naturalPerson.setDateOfBirth(dateOfBirth);
+ eDocument.setIssuingCountry(citizenCountry);
+ eDocument.setDocumentNumber(uniqueId);
+
+ // eID document information
+ eDocument.setDocumentType(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+ Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+ return personInfo;
+ }
+
+}
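Review bot: `System.out.println(identityLink.getSerializedSamlAssertion());` in getIdentityLinkRawModeValidResponse writes the whole serialized identity link to stdout, bypassing the class's own `log` and its level configuration. The same line appears in SzrClientTestProduction.getIdentityLinkRawMode, where the assertion is not a mocked fixture but whatever the configured SZR endpoint returns, so a person's base identifier could end up in build output. I would delete the line in both classes; the `Assert.assertNotNull(identityLink.getSerializedSamlAssertion());` a few lines below already covers it. Separately, `catch (final SzrCommunicationException e) { Assert.fail(); }` discards the cause, and removing the try/catch so the exception propagates would keep the stack trace in the test report.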
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
new file mode 100644
index 00000000..772f94b3
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZRException_Exception;
+import szrservices.TravelDocumentType;
+
+@Ignore
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_basic_test.xml")
+public class SzrClientTestProduction {
+ private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
+
+ @Autowired
+ SzrClient szrClient;
+ @Autowired
+ IConfiguration basicConfig;
+
+ private static final String givenName = "Franz";
+ private static final String familyName = "Mustermann";
+ // private static final String dateOfBirth = "1989-05-05";
+ private static final String dateOfBirth = "1989-05-04";
+ private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
+
+ private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+ @Test
+ public void dummyTest() {
+
+ }
+
+ @Test
+ public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException,
+ NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException {
+ log.debug("Starting connecting SZR Gateway");
+ final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
+ getPersonInfo());
+
+ final Element idlFromSzr = (Element) result.getAssertion();
+ final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
+
+ if (identityLink == null) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO IDL object" });
+ }
+
+ System.out.println(identityLink.getSerializedSamlAssertion());
+
+ if (StringUtils.isEmpty(identityLink.getFamilyName())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO FamilyName from IDL" });
+ }
+
+ if (StringUtils.isEmpty(identityLink.getGivenName())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO GivenName from IDL" });
+ }
+
+ if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO DateOfBirthName from IDL" });
+ }
+
+ if (StringUtils.isEmpty(identityLink.getIdentificationType())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseIdType from IDL" });
+ }
+
+ if (StringUtils.isEmpty(identityLink.getIdentificationValue())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseId from IDL" });
+ }
+
+ if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO serialized IDL" });
+ }
+
+ if (identityLink.getSamlAssertion() == null) {
+ throw new SzrCommunicationException("ernb.00", new Object[] { "NO raw IDL" });
+ }
+
+ }
+
+
+ @Ignore
+ @Test
+ public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+ final String bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET,
+ basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+ "no VKZ defined"));
+
+ if (StringUtils.isEmpty(bPK)) {
+ throw new SzrCommunicationException("ernb.01", new Object[] { "bPK is null or empty" });
+ }
+
+ }
+
+ private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+ try {
+ final MessageDigest md = MessageDigest.getInstance("SHA-256");
+ final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+ final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+ return hashBase64;
+
+ } catch (final Exception ex) {
+ throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex);
+
+ }
+ }
+
+ private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+ final PersonInfoType personInfo = new PersonInfoType();
+ final PersonNameType personName = new PersonNameType();
+ final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+ final TravelDocumentType eDocument = new TravelDocumentType();
+
+ naturalPerson.setName(personName);
+ personInfo.setPerson(naturalPerson);
+ personInfo.setTravelDocument(eDocument);
+
+ // parse some eID attributes
+ final Trible<String, String, String> eIdentifier =
+ EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+ final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+ final String citizenCountry = eIdentifier.getFirst();
+
+ // person information
+ personName.setFamilyName(familyName);
+ personName.setGivenName(givenName);
+ naturalPerson.setDateOfBirth(dateOfBirth);
+ eDocument.setIssuingCountry(citizenCountry);
+ eDocument.setDocumentNumber(uniqueId);
+
+ // eID document information
+ eDocument.setDocumentType(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+ Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+ return personInfo;
+ }
+}
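Review bot: getIdentityLinkRawMode casts `result.getAssertion()` without checking `result` first, so an empty reply surfaces as a NullPointerException rather than a readable failure. SzrClientTest guards the same call with `Assert.assertNotNull(result);` and `Assert.assertNotNull(result.getAssertion());`. The later checks throw `new SzrCommunicationException("ernb.00", ...)` from the test body, which makes a failed expectation look like an error raised by SzrClient. Something like `Assert.assertFalse("NO FamilyName from IDL", StringUtils.isEmpty(identityLink.getFamilyName()));` (with an `org.junit.Assert` import) would report them as assertion failures instead. A class Javadoc stating why the class is `@Ignore`d and which endpoint it is meant to reach would also help, since the name suggests a live system but nothing in the file says so.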
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
new file mode 100644
index 00000000..d2b0c1ae
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
@@ -0,0 +1,58 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.util.Collection;
+
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+public class DummySpecificCommunicationService implements SpecificCommunicationService {
+
+ private ILightRequest lightRequest;
+ private ILightResponse lightResponse;
+
+ @Override
+ public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException {
+ this.lightRequest = lightRequest;
+ return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+ }
+
+ @Override
+ public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+ throws SpecificCommunicationException {
+ return lightRequest;
+ }
+
+ @Override
+ public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException {
+ this.lightResponse = lightResponse;
+ return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+ }
+
+ @Override
+ public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+ throws SpecificCommunicationException {
+ return lightResponse;
+ }
+
+ public ILightRequest getiLightRequest() {
+ return lightRequest;
+ }
+
+ public void setiLightRequest(ILightRequest lightReques) {
+ this.lightRequest = lightReques;
+ }
+
+ public ILightResponse getiLightResponse() {
+ return lightResponse;
+ }
+
+ public void setiLightResponse(ILightResponse lightResponse) {
+ this.lightResponse = lightResponse;
+ }
+
+}
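Review bot: getAndRemoveRequest and getAndRemoveResponse return the stored object but never clear it, and both ignore `tokenBase64`, so a request put by one test remains readable by the next test that shares this bean. The task tests in this diff call `commService.getAndRemoveRequest(null, null)` and seem to rely on `@DirtiesContext` to avoid stale state. Clearing the field would match the method name: `final ILightRequest req = lightRequest; lightRequest = null; return req;`, and likewise for the response. A short class comment should state that the dummy holds one request and one response and does not validate the token. The accessors also read oddly (`getiLightRequest`, and the parameter `lightReques` in setiLightRequest is a typo).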
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java
new file mode 100644
index 00000000..e8fcdd3d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java
@@ -0,0 +1,122 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskFirstTest {
+
+ @Autowired(required = true)
+ private GenerateAuthnRequestTask task;
+ @Autowired(required = true)
+ private DummySpecificCommunicationService commService;
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current
+ + "src/test/resources/config/junit_config_1.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+ try {
+ task.execute(pendingReq, executionContext);
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+ }
+
+}
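Review bot: withCustomStaticProviderNameForPublicSPs passes whether or not `task.execute(pendingReq, executionContext)` throws, because the try block has no `Assert.fail(...)` after the call and the catch block only checks the exception if one occurs. The comment `// forward URL is not set in example config` suggests the exception is expected, but this class loads junit_config_1.properties, so it is unclear from the hunk which outcome is intended. If the exception is required, add `Assert.fail("missing forward URL not detected");` after `task.execute(...)`; if not, drop the catch and let the test fail on it. The same pattern is in GenerateAuthnRequestTaskSecondTest.withStaticProviderNameForPublicSPs. Note also that `org.springframework.util.Assert.isInstanceOf` throws IllegalArgumentException, so JUnit reports a mismatch as an error, whereas `Assert.assertTrue("Wrong exception", e.getOriginalException() instanceof EaafConfigurationException);` would report a failure.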
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
new file mode 100644
index 00000000..10896f48
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
@@ -0,0 +1,140 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskSecondTest {
+
+ @Autowired(required = true)
+ private GenerateAuthnRequestTask task;
+ @Autowired(required = true)
+ private DummySpecificCommunicationService commService;
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ }
+
+ @Test
+ public void noCountryCode() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No countryCode not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
+ .getOriginalException(), "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
+ .getErrorId());
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+ try {
+ task.execute(pendingReq, executionContext);
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+ }
+
+}
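Review bot: classInitializer sets the JVM-wide property `eidas.ms.configuration` and nothing in the class restores it, so the value leaks into whatever test class runs next in the same JVM. GenerateAuthnRequestTaskFirstTest and SzrClientTest set the same property to different files, which is presumably why each class needs `@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)`. An `@AfterClass` method calling `System.clearProperty("eidas.ms.configuration");` would make the classes independent of execution order. The path `current + "../../basicConfig/default_config.properties"` also resolves against the process working directory, so the test only finds its configuration when run from the module directory; a comment on classInitializer should state that assumption.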
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
new file mode 100644
index 00000000..f2e44ed1
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
@@ -0,0 +1,106 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskThirdTest {
+
+ @Autowired(required = true)
+ private GenerateAuthnRequestTask task;
+ @Autowired(required = true)
+ private DummySpecificCommunicationService commService;
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+
+ /**
+ * jUnit class initializer.
+ *
+ * @throws IOException In case of an error
+ */
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current
+ + "src/test/resources/config/junit_config_2.properties");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+ task.execute(pendingReq, executionContext);
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertNull("ProviderName found", eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+ }
+
+}
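Review bot: In `withDynamicProviderNameForPublicSPs` the result of `commService.getAndRemoveRequest(null, null)` is dereferenced without a null check, so a task that never stores a request fails with a NullPointerException instead of a readable assertion; add `Assert.assertNotNull("no eIDAS request stored", eidasReq);` before the `getProviderName()` check. The test also puts `"CC"` into the execution context but never verifies it on the outgoing request; if the task is expected to copy it, `Assert.assertEquals("wrong country", "CC", eidasReq.getCitizenCountryCode());` would pin that. Separately, `classInitializer()` sets the `eidas.ms.configuration` system property and `setUp()` binds request attributes to `RequestContextHolder` without restoring either, which may leak into other test classes running in the same JVM; an `@AfterClass` calling `System.clearProperty("eidas.ms.configuration")` and an `@After` calling `RequestContextHolder.resetRequestAttributes()` would contain it. The Javadoc on `classInitializer()` declares `@throws IOException`, but nothing in the visible body throws it.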
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
deleted file mode 100644
index 825fe205..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
+++ /dev/null
@@ -1,310 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.when;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.MessageDigest;
-import java.security.NoSuchProviderException;
-import java.util.List;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.ws.soap.SOAPFaultException;
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.cxf.binding.soap.SoapFault;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.util.Base64Utils;
-import org.w3._2000._09.xmldsig.KeyValueType;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
-import com.skjolberg.mockito.soap.SoapServiceRule;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import szrservices.GetIdentityLinkEidasResponse;
-import szrservices.IdentityLinkType;
-import szrservices.PersonInfoType;
-import szrservices.SZR;
-import szrservices.SZRException_Exception;
-import szrservices.TravelDocumentType;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-public class SZRClientTest {
- private static final Logger log = LoggerFactory.getLogger(SZRClientTest.class);
-
- @Autowired SZRClient szrClient;
- @Autowired IConfiguration basicConfig;
-
- private static final String givenName = "Franz";
- private static final String familyName = "Mustermann";
- private static final String dateOfBirth = "1989-05-05";
- private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
-
- //Dummy public RSA Key
- private static final String PUBKEY_EXPONENT = "AQAB";
- private static final String PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
-
- private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- @Rule
- public SoapServiceRule soap = SoapServiceRule.newInstance();
-
- @Test
- public void getIdentityLinkRawModeValidResponse() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException, JAXBException {
- setSZRResponseIdentityLink("/data/szr/szr_resp_valid_1.xml", "http://localhost:1234/demoszr");
-
- try {
- log.debug("Starting connecting SZR Gateway");
- IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
- getPersonInfo());
-
- Assert.assertNotNull(result);
- Assert.assertNotNull(result.getAssertion());
-
- IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element)result.getAssertion()).parseIdentityLink();
- Assert.assertNotNull(identityLink);
-
- System.out.println(identityLink.getSerializedSamlAssertion());
-
- checkElement("Mustermann", identityLink.getFamilyName());
- checkElement("Hans", identityLink.getGivenName());
- checkElement("1989-05-05", identityLink.getDateOfBirth());
- checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType());
- checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue());
- Assert.assertNotNull(identityLink.getSerializedSamlAssertion());
- Assert.assertNotNull(identityLink.getSamlAssertion());
-
- } catch (SZRCommunicationException e) {
- Assert.fail();
-
- }
-
- }
-
- @Test
- public void getIdentityLinkRawModeErrorTravelerDocExists() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException, JAXBException, ParserConfigurationException, SAXException {
- setSZRExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml", "http://localhost:1234/demoszr");
-
- try {
- log.debug("Starting connecting SZR Gateway");
- IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
- getPersonInfo());
- Assert.fail();
-
- } catch (SZRCommunicationException e) {
- checkElement("ernb.02", e.getErrorId());
- Assert.assertNotNull(e.getCause());
- org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause());
- Assert.assertNotNull(((SOAPFaultException)e.getCause()).getFault());
- checkElement("p344:F455", ((SOAPFaultException)e.getCause()).getFault().getFaultCode());
- checkElement("The travel document you sent to insert a person already exists for another person. Either check the document or have the person altered accordingly", ((SOAPFaultException)e.getCause()).getFault().getFaultString());
-
- }
-
- }
-
- @Ignore
- @Test
- public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException {
- String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET,
- basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
- "no VKZ defined"));
-
- if (StringUtils.isEmpty(bPK))
- throw new SZRCommunicationException("ernb.01", new Object[] {"bPK is null or empty"});
-
-
- }
-
- private void checkElement(String expected, String value) {
- Assert.assertNotNull(value);
- Assert.assertEquals(expected, value);
-
- }
-
-
- private void setSZRResponseIdentityLink(String responseXmlPath, String serviceURL) throws JAXBException, SZRException_Exception {
- final SZR szrServiceMock = soap.mock(SZR.class, serviceURL);
- final JAXBContext jaxbContext = JAXBContext.newInstance(
- szrservices.ObjectFactory.class,
- org.xmlsoap.schemas.ws._2002._04.secext.ObjectFactory.class,
- org.w3._2001._04.xmldsig_more.ObjectFactory.class,
- org.w3._2000._09.xmldsig.ObjectFactory.class,
- at.gv.egov.pvp1.ObjectFactory.class,
- at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
- final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
- final GetIdentityLinkEidasResponse szrResponse= (GetIdentityLinkEidasResponse) jaxbUnmarshaller.unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
- when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
-
- }
-
- private void setSZRExceptionIdentityLink(String responseXmlPath, String serviceURL) throws JAXBException,ParserConfigurationException, SAXException, IOException, SZRException_Exception {
- final SZR szrServiceMock = soap.mock(SZR.class, serviceURL);
- final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath));
- final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices","F455", "p344");
- final SoapFault fault = new SoapFault("The travel document you sent to insert a person already exists for another person. Either check the document or have the person altered accordingly", qName);
- fault.setRole("urn:SZRServices");
- fault.setDetail(detailerror);
- when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault);
-
- }
-
- private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-256");
- byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
- String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
- return hashBase64;
-
- } catch (Exception ex) {
- throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
-
- }
- }
-
- private PersonInfoType getPersonInfo() throws eIDASAuthenticationException {
- PersonInfoType personInfo = new PersonInfoType();
- PersonNameType personName = new PersonNameType();
- PhysicalPersonType naturalPerson = new PhysicalPersonType();
- TravelDocumentType eDocument = new TravelDocumentType();
-
- naturalPerson.setName(personName );
- personInfo.setPerson(naturalPerson );
- personInfo.setTravelDocument(eDocument );
-
- //parse some eID attributes
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID);
- String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
- String citizenCountry = eIdentifier.getFirst();
-
- //person information
- personName.setFamilyName((String)familyName);
- personName.setGivenName((String)givenName);
- naturalPerson.setDateOfBirth(dateOfBirth);
- eDocument.setIssuingCountry(citizenCountry);
- eDocument.setDocumentNumber(uniqueId);
-
- //eID document information
- eDocument.setDocumentType(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
- Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-
- //TODO: that should be removed
-// eDocument.setIssueDate(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE));
-// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY));
-
- return personInfo;
- }
-
-
- private List<KeyValueType> dummyCodeForKeys() throws IOException, NoSuchProviderException, InvalidKeyException {
-// if (basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY,
-// false)) {
-// List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
-// try {
-// // set key values
-// RSAKeyValueType rsa = new RSAKeyValueType();
-// rsa.setExponent(PUBKEY_EXPONENT);
-// rsa.setModulus(PUBKEY_MODULUS);
-//
-// KeyValueType key = new KeyValueType();
-// key.setRSAKeyValue(rsa);
-// keyvalueList.add(key);
-//
-// return keyvalueList;
-// } catch (Exception e) {
-// log.error("TestCode has an internal ERROR", e);
-// throw e;
-//
-// }
-//
-// }
-
- return null;
-
- }
-
- /*
- * getIdentityLink without RAW mode does not contain a valid signature
- */
- //@Test
-// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException {
-// log.debug("Starting connecting SZR Gateway");
-// IdentityLinkType result = szrClient.getIdentityLink(
-// getPersonInfo(),
-// dummyCodeForKeys(),
-// basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB,
-// true)
-// );
-//
-// Element idlFromSZR = (Element)result.getAssertion();
-// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-// if (identityLink == null)
-// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"});
-//
-// }
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java
deleted file mode 100644
index a4aa7ca0..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java
+++ /dev/null
@@ -1,240 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.MessageDigest;
-import java.security.NoSuchProviderException;
-import java.util.List;
-
-import org.apache.commons.lang3.StringUtils;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.util.Base64Utils;
-import org.w3._2000._09.xmldsig.KeyValueType;
-import org.w3c.dom.Element;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-import szrservices.IdentityLinkType;
-import szrservices.PersonInfoType;
-import szrservices.SZRException_Exception;
-import szrservices.TravelDocumentType;
-
-@Ignore
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_basic_test.xml")
-public class SZRClientTestProduction {
- private static final Logger log = LoggerFactory.getLogger(SZRClientTestProduction.class);
-
- @Autowired SZRClient szrClient;
- @Autowired IConfiguration basicConfig;
-
- private static final String givenName = "Franz";
- private static final String familyName = "Mustermann";
- //private static final String dateOfBirth = "1989-05-05";
- private static final String dateOfBirth = "1989-05-04";
- private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
-
- //Dummy public RSA Key
- private static final String PUBKEY_EXPONENT = "AQAB";
- private static final String PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
-
- private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
-
- @Test
- public void dummyTest() {
-
- }
-
-
- /*
- * getIdentityLink without RAW mode does not contain a valid signature
- */
- //@Test
-// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException {
-// log.debug("Starting connecting SZR Gateway");
-// IdentityLinkType result = szrClient.getIdentityLink(
-// getPersonInfo(),
-// dummyCodeForKeys(),
-// basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB,
-// true)
-// );
-//
-// Element idlFromSZR = (Element)result.getAssertion();
-// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-// if (identityLink == null)
-// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"});
-//
-// }
-
- @Test
- public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException {
- log.debug("Starting connecting SZR Gateway");
- IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
- getPersonInfo());
-
- Element idlFromSZR = (Element)result.getAssertion();
- IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-
- if (identityLink == null)
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO IDL object"});
-
- System.out.println(identityLink.getSerializedSamlAssertion());
-
- if (StringUtils.isEmpty(identityLink.getFamilyName()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO FamilyName from IDL"});
-
- if (StringUtils.isEmpty(identityLink.getGivenName()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO GivenName from IDL"});
-
- if (StringUtils.isEmpty(identityLink.getDateOfBirth()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO DateOfBirthName from IDL"});
-
- if (StringUtils.isEmpty(identityLink.getIdentificationType()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseIdType from IDL"});
-
- if (StringUtils.isEmpty(identityLink.getIdentificationValue()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseId from IDL"});
-
- if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion()))
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO serialized IDL"});
-
- if (identityLink.getSamlAssertion() == null )
- throw new SZRCommunicationException("ernb.00", new Object[] {"NO raw IDL"});
-
-
-
- }
-
-// @Test
- public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException {
- String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET,
- basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
- "no VKZ defined"));
-
- if (StringUtils.isEmpty(bPK))
- throw new SZRCommunicationException("ernb.01", new Object[] {"bPK is null or empty"});
-
-
- }
-
- private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-256");
- byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
- String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
- return hashBase64;
-
- } catch (Exception ex) {
- throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
-
- }
- }
-
- private PersonInfoType getPersonInfo() throws eIDASAuthenticationException {
- PersonInfoType personInfo = new PersonInfoType();
- PersonNameType personName = new PersonNameType();
- PhysicalPersonType naturalPerson = new PhysicalPersonType();
- TravelDocumentType eDocument = new TravelDocumentType();
-
- naturalPerson.setName(personName );
- personInfo.setPerson(naturalPerson );
- personInfo.setTravelDocument(eDocument );
-
- //parse some eID attributes
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID);
- String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
- String citizenCountry = eIdentifier.getFirst();
-
- //person information
- personName.setFamilyName((String)familyName);
- personName.setGivenName((String)givenName);
- naturalPerson.setDateOfBirth(dateOfBirth);
- eDocument.setIssuingCountry(citizenCountry);
- eDocument.setDocumentNumber(uniqueId);
-
- //eID document information
- eDocument.setDocumentType(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
- Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-
- //TODO: that should be removed
-// eDocument.setIssueDate(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE));
-// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY));
-
- return personInfo;
- }
-
-
- private List<KeyValueType> dummyCodeForKeys() throws IOException, NoSuchProviderException, InvalidKeyException {
-// if (basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY,
-// false)) {
-// List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
-// try {
-// // set key values
-// RSAKeyValueType rsa = new RSAKeyValueType();
-// rsa.setExponent(PUBKEY_EXPONENT);
-// rsa.setModulus(PUBKEY_MODULUS);
-//
-// KeyValueType key = new KeyValueType();
-// key.setRSAKeyValue(rsa);
-// keyvalueList.add(key);
-//
-// return keyvalueList;
-// } catch (Exception e) {
-// log.error("TestCode has an internal ERROR", e);
-// throw e;
-//
-// }
-//
-// }
-
- return null;
-
- }
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/dummy/DummySpecificCommunicationService.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/dummy/DummySpecificCommunicationService.java
deleted file mode 100644
index c2b6f08f..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/dummy/DummySpecificCommunicationService.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.dummy;
-
-import java.util.Collection;
-
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.tx.BinaryLightToken;
-import eu.eidas.specificcommunication.BinaryLightTokenHelper;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
-
-public class DummySpecificCommunicationService implements SpecificCommunicationService {
-
- private ILightRequest iLightRequest;
- private ILightResponse iLightResponse;
-
- @Override
- public BinaryLightToken putRequest(ILightRequest iLightRequest) throws SpecificCommunicationException {
- this.iLightRequest = iLightRequest;
- return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
- }
-
- @Override
- public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
- throws SpecificCommunicationException {
- return iLightRequest;
- }
-
- @Override
- public BinaryLightToken putResponse(ILightResponse iLightResponse) throws SpecificCommunicationException {
- this.iLightResponse = iLightResponse;
- return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
- }
-
- @Override
- public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
- throws SpecificCommunicationException {
- return iLightResponse;
- }
-
- public ILightRequest getiLightRequest() {
- return iLightRequest;
- }
-
- public void setiLightRequest(ILightRequest iLightReques) {
- this.iLightRequest = iLightReques;
- }
-
- public ILightResponse getiLightResponse() {
- return iLightResponse;
- }
-
- public void setiLightResponse(ILightResponse iLightResponse) {
- this.iLightResponse = iLightResponse;
- }
-
-
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java
deleted file mode 100644
index 2b19e1e2..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java
+++ /dev/null
@@ -1,463 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-
-import static org.junit.Assert.fail;
-
-import java.io.IOException;
-import java.text.SimpleDateFormat;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.joda.time.DateTime;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
-public class eIDASAttributePostProcessingTest {
-
- @Autowired private CCSpecificEIDProcessingService postProcessor;
-
- //lower case
- private static final String P1_eIDASID = "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
- private static final String P1_GIVENNAME = "Max";
- private static final String P1_FAMILYNAME = "Mustermann";
- private static final DateTime P1_DATEOFBIRTH = DateTime.now();
- private static final String P1_PLACEOFBIRTH = "Nirgendwo";
- private static final String P1_BIRTHNAME = "Musterkind";
-
- //mixed
- private static final String P3_eIDASID = "DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25";
- private static final String P3_GIVENNAME = "Max";
- private static final String P3_FAMILYNAME = "Mustermann";
- private static final DateTime P3_DATEOFBIRTH = DateTime.now();
- private static final String P3_PLACEOFBIRTH = "Nirgendwo";
- private static final String P3_BIRTHNAME = "Musterkind";
-
- //upper case
- private static final String P4_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25";
- private static final String P4_GIVENNAME = "Max";
- private static final String P4_FAMILYNAME = "Mustermann";
- private static final DateTime P4_DATEOFBIRTH = DateTime.now();
- private static final String P4_PLACEOFBIRTH = "Nirgendwo";
- private static final String P4_BIRTHNAME = "Musterkind";
-
- //To long identifier
- private static final String P5_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251";
- private static final String P5_GIVENNAME = "Max";
- private static final String P5_FAMILYNAME = "Mustermann";
- private static final DateTime P5_DATEOFBIRTH = DateTime.now();
- private static final String P5_PLACEOFBIRTH = "Nirgendwo";
- private static final String P5_BIRTHNAME = "Musterkind";
-
- //to short identifier
- private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
- private static final String P6_GIVENNAME = "Max";
- private static final String P6_FAMILYNAME = "Mustermann";
- private static final DateTime P6_DATEOFBIRTH = DateTime.now();
- private static final String P6_PLACEOFBIRTH = "Nirgendwo";
- private static final String P6_BIRTHNAME = "Musterkind";
-
- //no hex encoded identifier
- private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
- private static final String P7_GIVENNAME = "Max";
- private static final String P7_FAMILYNAME = "Mustermann";
- private static final DateTime P7_DATEOFBIRTH = DateTime.now();
- private static final String P7_PLACEOFBIRTH = "Nirgendwo";
- private static final String P7_BIRTHNAME = "Musterkind";
-
-
- private static final String P2_eIDASID = "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
- private static final String P2_GIVENNAME = "Max";
- private static final String P2_FAMILYNAME = "Mustermann";
- private static final DateTime P2_DATEOFBIRTH = DateTime.now();
- private static final String P2_PLACEOFBIRTH = "Nirgendwo";
- private static final String P2_BIRTHNAME = "Musterkind";
-
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
-
- @Test
- public void DEWithHexLowerCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P1_eIDASID,
- P1_FAMILYNAME,
- P1_GIVENNAME,
- P1_DATEOFBIRTH,
- P1_PLACEOFBIRTH,
- P1_BIRTHNAME)
- );
-
- validate(result,
- "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
- P1_FAMILYNAME,
- P1_GIVENNAME,
- P1_DATEOFBIRTH,
- P1_PLACEOFBIRTH,
- P1_BIRTHNAME
- );
-
- } catch (Exception e) {
- e.printStackTrace();
- fail(e.getMessage());
-
- }
- }
-
-
- @Test
- public void DEWithHexMixedCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P3_eIDASID,
- P3_FAMILYNAME,
- P3_GIVENNAME,
- P3_DATEOFBIRTH,
- P3_PLACEOFBIRTH,
- P3_BIRTHNAME)
- );
-
- validate(result,
- "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
- P3_FAMILYNAME,
- P3_GIVENNAME,
- P3_DATEOFBIRTH,
- P3_PLACEOFBIRTH,
- P3_BIRTHNAME
- );
-
- } catch (Exception e) {
- e.printStackTrace();
- fail(e.getMessage());
-
- }
- }
-
- @Test
- public void DEWithHexUpperCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P4_eIDASID,
- P4_FAMILYNAME,
- P4_GIVENNAME,
- P4_DATEOFBIRTH,
- P4_PLACEOFBIRTH,
- P4_BIRTHNAME)
- );
-
- validate(result,
- "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
- P4_FAMILYNAME,
- P4_GIVENNAME,
- P4_DATEOFBIRTH,
- P4_PLACEOFBIRTH,
- P4_BIRTHNAME
- );
-
- } catch (Exception e) {
- e.printStackTrace();
- fail(e.getMessage());
-
- }
- }
-
- @Test
- public void DEWithHexTooLongCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P5_eIDASID,
- P5_FAMILYNAME,
- P5_GIVENNAME,
- P5_DATEOFBIRTH,
- P5_PLACEOFBIRTH,
- P5_BIRTHNAME)
- );
-
-
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("Too long input accepted");
- }
-
- @Test
- public void DEWithHexTooShortCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P6_eIDASID,
- P6_FAMILYNAME,
- P6_GIVENNAME,
- P6_DATEOFBIRTH,
- P6_PLACEOFBIRTH,
- P6_BIRTHNAME)
- );
-
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("Too short input accepted");
- }
-
- @Test
- public void DEWithNoHexCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P7_eIDASID,
- P7_FAMILYNAME,
- P7_GIVENNAME,
- P7_DATEOFBIRTH,
- P7_PLACEOFBIRTH,
- P7_BIRTHNAME)
- );
-
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("Not hex encoded input accepted");
- }
-
- @Test
- public void EETestCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P2_eIDASID,
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME)
- );
-
- validate(result,
- "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME
- );
-
- } catch (Exception e) {
- e.printStackTrace();
- fail(e.getMessage());
-
- }
- }
-
-
- @Test
- public void EETestFamilyNameMissingCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P2_eIDASID,
- null,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME)
- );
-
- validate(result,
- "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME
- );
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("FamilyName missing input accepted");
-
- }
-
- @Test
- public void EETestGivenNameMissingCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P2_eIDASID,
- P2_FAMILYNAME,
- null,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME)
- );
-
- validate(result,
- "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME
- );
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("GivenName missing input accepted");
-
- }
-
- @Test
- public void EETestDateOfBirthMissingCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- P2_eIDASID,
- P2_FAMILYNAME,
- P2_GIVENNAME,
- null,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME)
- );
-
- validate(result,
- "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME
- );
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("DateOfBirth missing input accepted");
-
- }
-
- @Test
- public void EETestIDMissingCase() throws Exception {
- try {
- ERnBeIDData result = postProcessor.postProcess(
- generateInputData(
- null,
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME)
- );
-
- validate(result,
- "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
- P2_FAMILYNAME,
- P2_GIVENNAME,
- P2_DATEOFBIRTH,
- P2_PLACEOFBIRTH,
- P2_BIRTHNAME
- );
-
- } catch (Exception e) {
- return;
-
- }
-
- fail("eIDAS-Id missing input accepted");
-
- }
-
- private Map<String, Object> generateInputData(String id, String familyName, String givenName, DateTime dateOfBirth, String placeOfBirth, String birthName) {
- Map<String, Object> result = new HashMap<String, Object>();
- result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
- result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
- result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
- result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
- result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
- result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName);
- return result;
-
- }
-
- private void validate(ERnBeIDData result, String id, String familyName, String givenName, DateTime dateOfBirth, String placeOfBirth, String birthName) {
- if (!result.getPseudonym().equals(id))
- fail(result.getPseudonym() + "is not equal to " + id);
-
- if (!result.getFamilyName().equals(familyName))
- fail(result.getFamilyName() + "is not equal to " + familyName);
-
- if (!result.getGivenName().equals(givenName))
- fail(result.getGivenName() + "is not equal to " + givenName);
-
- if (!result.getDateOfBirth().equals(dateOfBirth))
- fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth);
-
- if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate())))
- fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate()));
-
- if (!result.getPlaceOfBirth().equals(placeOfBirth))
- fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth);
-
- if (!result.getBirthName().equals(birthName))
- fail(result.getBirthName() + "is not equal to " + birthName);
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java
deleted file mode 100644
index dede8202..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-//package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-//
-//import java.security.MessageDigest;
-//
-//import org.apache.commons.lang3.StringUtils;
-//import org.junit.Test;
-//import org.junit.runner.RunWith;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.test.context.ContextConfiguration;
-//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-//import org.springframework.util.Base64Utils;
-//
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SQLiteServiceException;
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore;
-//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-//import at.gv.egiz.eaaf.core.impl.data.Trible;
-//
-//@RunWith(SpringJUnit4ClassRunner.class)
-//@ContextConfiguration("/SpringTest-context_basic_test.xml")
-//public class eIDASDataStoreTest {
-//
-// @Autowired private eIDASDataStore dataStore;
-//
-// private static final String P1_TRANSID = "123456789";
-// private static final String P1_eIDASID = "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1";
-//
-// private static final String P2_TRANSID = "987654321";
-// private static final String P2_eIDASID = "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
-//
-// @Test
-// public void dummyTest() {
-//
-// }
-//
-// @Test
-// public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException {
-// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID);
-// String ernbId = createHashFromUniqueId(eidasId.getThird());
-// dataStore.storeNationalId(
-// P1_TRANSID,
-// eidasId,
-// ernbId);
-//
-//
-// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId))
-// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
-// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
-//
-// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId))
-// && dataStore.getErnbNationalId(eidasId).equals(ernbId) )
-// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
-//
-// }
-//
-// @Test
-// public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException {
-// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID);
-// String ernbId = createHashFromUniqueId(eidasId.getThird());
-// dataStore.storeNationalId(
-// P2_TRANSID,
-// eidasId,
-// ernbId);
-//
-// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId))
-// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
-// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
-//
-// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId))
-// && dataStore.getErnbNationalId(eidasId).equals(ernbId))
-// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
-//
-// }
-//
-// private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
-// try {
-// MessageDigest md = MessageDigest.getInstance("SHA-256");
-// byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
-// String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
-// return hashBase64;
-//
-// } catch (Exception ex) {
-// throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
-//
-// }
-// }
-//}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java
deleted file mode 100644
index 09af53b7..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
-public class eIDASRequestPreProcessingFirstTest {
-
- @Autowired private IConfigurationWithSP basicConfig;
- @Autowired private CCSpecificEIDProcessingService preProcessor;
-
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
- private Builder authnRequestBuilder;
-
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- @Before
- public void setUp() {
-
- Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig , basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- authnRequestBuilder = LightRequest.builder();
- authnRequestBuilder.id(UUID.randomUUID().toString());
- authnRequestBuilder.issuer("Test");
-
- }
-
- @Test
- public void prePreProcessGeneric() throws eIDPostProcessingException {
- String testCountry = "XX";
- authnRequestBuilder.citizenCountryCode(testCountry);
- preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
-
- LightRequest lightReq = authnRequestBuilder.build();
-
- Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
- Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
-
- }
-
- @Test
- public void prePreProcessGenericNoCountryCode() throws eIDPostProcessingException {
- String testCountry = "XX";
- authnRequestBuilder.citizenCountryCode(testCountry);
- preProcessor.preProcess(null, pendingReq, authnRequestBuilder);
-
- LightRequest lightReq = authnRequestBuilder.build();
-
- Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
- Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
-
- }
-
- @Test
- public void prePreProcessDE() throws eIDPostProcessingException {
-
- String testCountry = "DE";
- authnRequestBuilder.citizenCountryCode(testCountry);
- preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
-
- LightRequest lightReq = authnRequestBuilder.build();
-
- Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
- Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java
deleted file mode 100644
index c6b1c8d3..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
-public class eIDASRequestPreProcessingSecondTest {
-
- @Autowired private IConfigurationWithSP basicConfig;
- @Autowired private CCSpecificEIDProcessingService preProcessor;
-
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
- private Builder authnRequestBuilder;
-
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
-
- }
-
- @Before
- public void setUp() {
-
- Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig , basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- authnRequestBuilder = LightRequest.builder();
- authnRequestBuilder.id(UUID.randomUUID().toString());
- authnRequestBuilder.issuer("Test");
-
- }
-
- @Test
- public void prePreProcessDEUnknownAttribute() throws eIDPostProcessingException {
-
- String testCountry = "DE";
- authnRequestBuilder.citizenCountryCode(testCountry);
- preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
-
- LightRequest lightReq = authnRequestBuilder.build();
-
- Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
- Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java
deleted file mode 100644
index d89f7751..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java
+++ /dev/null
@@ -1,104 +0,0 @@
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskFirstTest {
-
- @Autowired(required=true) private GenerateAuthnRequestTask task;
- @Autowired(required=true) private DummySpecificCommunicationService commService;
- @Autowired(required=true) private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
-
- }
-
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig , basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- @DirtiesContext
- public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException, SpecificCommunicationException {
- executionContext.put(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- try {
- task.execute(pendingReq, executionContext);
-
- } catch (TaskExecutionException e) {
- //forward URL is not set in example config
- org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), "Wrong exception");
- Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()).getErrorId());
- Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()).getParams().length);
- Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e.getOriginalException()).getParams()[0]);
-
- }
-
- ILightRequest eIDASReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertEquals("ProviderName is not Static", "myNode", eIDASReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eIDASReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eIDASReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskSecondTest.java
deleted file mode 100644
index 8eac7d3f..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskSecondTest.java
+++ /dev/null
@@ -1,120 +0,0 @@
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskSecondTest {
-
- @Autowired(required=true) private GenerateAuthnRequestTask task;
- @Autowired(required=true) private DummySpecificCommunicationService commService;
- @Autowired(required=true) private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig , basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- public void noCountryCode() {
- try {
- task.execute(pendingReq, executionContext);
- Assert.fail("No countryCode not detected");
-
- } catch (TaskExecutionException e) {
- Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
- org.springframework.util.Assert.isInstanceOf(eIDASAuthenticationException.class, e.getOriginalException(), "Wrong exception");
- Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException()).getErrorId());
-
- }
-
- }
-
- @Test
- @DirtiesContext
- public void withStaticProviderNameForPublicSPs() throws TaskExecutionException, SpecificCommunicationException {
- executionContext.put(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- try {
- task.execute(pendingReq, executionContext);
-
- } catch (TaskExecutionException e) {
- //forward URL is not set in example config
- org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), "Wrong exception");
- Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()).getErrorId());
- Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()).getParams().length);
- Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e.getOriginalException()).getParams()[0]);
-
- }
-
- ILightRequest eIDASReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eIDASReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eIDASReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eIDASReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java
deleted file mode 100644
index 429b2aca..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java
+++ /dev/null
@@ -1,93 +0,0 @@
-package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskThirdTest {
-
- @Autowired(required=true) private GenerateAuthnRequestTask task;
- @Autowired(required=true) private DummySpecificCommunicationService commService;
- @Autowired(required=true) private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File( "." ).toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_2.properties");
-
- }
-
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig , basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
-
- }
-
- @Test
- @DirtiesContext
- public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException, SpecificCommunicationException {
- executionContext.put(MSeIDASNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- task.execute(pendingReq, executionContext);
- Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
-
- ILightRequest eIDASReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertNull("ProviderName found", eIDASReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eIDASReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eIDASReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
index 79256673..1f198e20 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -1,36 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
-
- <context:annotation-config />
-
- <bean id="SZRClientForeIDAS"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient" />
-
-<!-- <bean id="eIDASDataStore"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" /> -->
-
- <bean id="EIDPostProcessingService"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService" />
-
- <bean id="DE-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDProcessor">
- <property name="priority" value="1" />
- </bean>
-
- <bean id="Default-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDProcessor">
- <property name="priority" value="0" />
- </bean>
-
- <bean id="BasicMSSpecificNodeConfig"
- class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
- <constructor-arg value="#{systemProperties['eidas.ms.configuration'] != null ? systemProperties['eidas.ms.configuration'] : 'file:/F:/Projekte/configs/ms_connector/default_config.properties' }"/>
- </bean>
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config />
+
+ <bean id="SZRClientForeIDAS"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
+
+ <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore"
+ /> -->
+
+ <bean id="EIDPostProcessingService"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" />
+
+ <bean id="DE-PostProcessor"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor">
+ <property name="priority" value="1" />
+ </bean>
+
+ <bean id="Default-PostProcessor"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
+ <property name="priority" value="0" />
+ </bean>
+
+ <bean id="BasicMSSpecificNodeConfig"
+ class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
+ <constructor-arg
+ value="#{systemProperties['eidas.ms.configuration'] != null ? systemProperties['eidas.ms.configuration'] : 'file:/F:/Projekte/configs/ms_connector/default_config.properties' }" />
+ </bean>
</beans> \ No newline at end of file
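Review bot: The reformatted `BasicMSSpecificNodeConfig` bean keeps the fallback `file:/F:/Projekte/configs/ms_connector/default_config.properties` for the case where the `eidas.ms.configuration` system property is unset. That is a machine-local path outside the repository. On another host the context fails with an unrelated file error or, if such a file happens to exist, the tests run against configuration nobody reviewed. The tests deleted in this commit set the property in `@BeforeClass`, and presumably their replacements do too, so the default can be dropped: `value="#{systemProperties['eidas.ms.configuration']}"`, with a comment such as `<!-- eidas.ms.configuration must be set by the test; no machine-local default -->`. How `BasicConfigurationProvider` handles a null argument is not visible here and should be confirmed.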
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
index dafdcf94..dd116bd3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
@@ -1,53 +1,61 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
- http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-
- <context:annotation-config />
- <mvc:annotation-driven />
- <mvc:default-servlet-handler/>
-
-
- <import resource="SpringTest-context_authManager.xml"/>
- <import resource="SpringTest-context_basic_test.xml"/>
-
- <bean id="mvcGUIBuilderImpl"
- class="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl"/>
-
- <bean id="springManagedSpecificConnectorCommunicationService"
- class="at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2.dummy.DummySpecificCommunicationService" />
-
- <bean id="specificConnectorAttributesFileWithPath" class="java.lang.String">
- <constructor-arg value="src/test/resources/config/eidas-attributes.xml"/>
- </bean>
-
- <bean id="specificConnectorAdditionalAttributesFileWithPath" class="java.lang.String">
- <constructor-arg value="src/test/resources/config/additional-attributes.xml"/>
- </bean>
-
- <bean id="attributeRegistry"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry">
- <property name="eidasAttributesFile" ref="specificConnectorAttributesFileWithPath"/>
- <property name="additionalAttributesFile" ref="specificConnectorAdditionalAttributesFileWithPath"/>
- </bean>
-
- <!-- Authentication Process Tasks -->
- <bean id="ConnecteIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.GenerateAuthnRequestTask"
- scope="prototype" />
-
- <bean id="ReceiveResponseFromeIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.ReceiveAuthnResponseTask"
- scope="prototype" />
-
- <bean id="CreateIdentityLinkTask"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks.CreateIdentityLinkTask"
- scope="prototype" />
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
+ http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+ <context:annotation-config />
+ <mvc:annotation-driven />
+ <mvc:default-servlet-handler />
+
+
+ <import resource="SpringTest-context_authManager.xml" />
+ <import resource="SpringTest-context_basic_test.xml" />
+
+ <bean id="mvcGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" />
+
+ <bean id="springManagedSpecificConnectorCommunicationService"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+
+ <bean id="specificConnectorAttributesFileWithPath"
+ class="java.lang.String">
+ <constructor-arg
+ value="src/test/resources/config/eidas-attributes.xml" />
+ </bean>
+
+ <bean id="specificConnectorAdditionalAttributesFileWithPath"
+ class="java.lang.String">
+ <constructor-arg
+ value="src/test/resources/config/additional-attributes.xml" />
+ </bean>
+
+ <bean id="attributeRegistry"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+ <property name="eidasAttributesFile"
+ ref="specificConnectorAttributesFileWithPath" />
+ <property name="additionalAttributesFile"
+ ref="specificConnectorAdditionalAttributesFileWithPath" />
+ </bean>
+
+ <!-- Authentication Process Tasks -->
+ <bean id="ConnecteIDASNodeTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask"
+ scope="prototype" />
+
+ <bean id="ReceiveResponseFromeIDASNodeTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask"
+ scope="prototype" />
+
+ <bean id="CreateIdentityLinkTask"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask"
+ scope="prototype" />
</beans> \ No newline at end of file
diff --git a/pom.xml b/pom.xml
index d0856171..ee85e79a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,6 +12,7 @@
<properties>
<!-- Project versions -->
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<egiz.eidas.version>${project.version}</egiz.eidas.version>
@@ -215,6 +216,13 @@
</dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <version>${eaaf-core.version}</version>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf-core</artifactId>
<version>${eaaf-core.version}</version>
<scope>test</scope>
@@ -278,10 +286,9 @@
<configLocation>https://apps.egiz.gv.at/checkstyle/egiz_checks.xml</configLocation>
<suppressionsLocation>checks/checkstyleSuppress.xml</suppressionsLocation>
<failsOnError>false</failsOnError>
- <failOnViolation>false</failOnViolation>
+ <failOnViolation>true</failOnViolation>
<violationSeverity>warning</violationSeverity>
<includeTestResources>false</includeTestResources>
- <!-- excludes>**/moaspss_config/**,**/data/**</excludes -->
</configuration>
<executions>
<execution>
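Review bot: With `failOnViolation` now `true`, the build is gated on a ruleset fetched at build time from `https://apps.egiz.gv.at/checkstyle/egiz_checks.xml`, while the suppressions file is read from the repository. Nothing in this hunk pins that remote file to a version or checksum, so a change or outage on that host alters build results without any commit here, and offline builds stop working. Consider checking the ruleset in beside `checks/checkstyleSuppress.xml` and pointing `<configLocation>` at that copy, so rule changes go through review like the suppressions do. The enclosing plugin element starts and ends outside this hunk, so the plugin version and bound goal could not be checked.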
@@ -371,11 +378,14 @@
<sourceEncoding>utf-8</sourceEncoding>
<minimumTokens>100</minimumTokens>
<targetJdk>1.8</targetJdk>
- <failOnViolation>false</failOnViolation>
+ <failOnViolation>true</failOnViolation>
<printFailingErrors>true</printFailingErrors>
<rulesets>
<ruleset>${pmw_rules_location}</ruleset>
</rulesets>
+ <excludeRoots>
+ <excludeRoot>target/generated/cxf</excludeRoot>
+ </excludeRoots>
</configuration>
</plugin>
@@ -393,7 +403,7 @@
</execution>
</executions>
<configuration>
- <failOnError>false</failOnError>
+ <failOnError>true</failOnError>
</configuration>
</plugin>
</plugins>