diff options
Diffstat (limited to 'connector/src/main/java/at/asitplus/eidas/specific/connector/provider')
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java | 116 | ||||
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java | 146 | ||||
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java | 119 | ||||
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java (renamed from connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java) | 35 | ||||
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java | 155 | ||||
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java | 191 |
6 files changed, 388 insertions, 374 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java deleted file mode 100644 index 2259acd5..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPEndPointCredentialProvider.java +++ /dev/null @@ -1,116 +0,0 @@ -/******************************************************************************* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.asitplus.eidas.specific.connector.provider; - -import java.net.MalformedURLException; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; - -import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.utils.FileUtils; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; - -public class PVPEndPointCredentialProvider extends AbstractCredentialProvider { - private static final Logger log = LoggerFactory.getLogger(PVPEndPointCredentialProvider.class); - - @Autowired(required=true) IConfiguration basicConfiguration; - - @Override - public String getFriendlyName() { - return "PVP2 S-Profile EndPoint"; - } - - @Override - public String getKeyStoreFilePath() throws EaafException { - try { - String path = basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PATH); - if (StringUtils.isEmpty(path)) { - log.error(getFriendlyName() + " | Path to keyStore is NULL or EMPTY"); - throw new EaafConfigurationException("config.27", - new Object[] {getFriendlyName() + " | Path to keyStore is NULL or EMPTY"}); - - } - - return FileUtils.makeAbsoluteUrl( - path, - basicConfiguration.getConfigurationRootDirectory()); - - } catch (MalformedURLException e) { - log.error(getFriendlyName() + " | Path to keyStore NOT valid.", e); - throw new EaafConfigurationException("config.27", - new Object[] {getFriendlyName() + " | Path to keyStore NOT valid."}, e); - - } - - } - - @Override - public String getKeyStorePassword() { - return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PASSWORD); - - } - - @Override - public String getMetadataKeyAlias() { - return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_ALIAS); - } - - @Override - public String getMetadataKeyPassword() { - return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD); - - } - - @Override - public String getSignatureKeyAlias() { - return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS); - - } - - @Override - public String getSignatureKeyPassword() { - return basicConfiguration.getBasicConfiguration(MSeIDASNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD); - - } - - @Override - public String getEncryptionKeyAlias() { - return null; - - } - - @Override - public String getEncryptionKeyPassword() { - return null; - - } - -} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java deleted file mode 100644 index 4db6ac5a..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataProvider.java +++ /dev/null @@ -1,146 +0,0 @@ -/******************************************************************************* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ -package at.asitplus.eidas.specific.connector.provider; - -import java.io.IOException; -import java.security.cert.CertificateException; -import java.util.List; - -import org.apache.commons.httpclient.HttpClient; -import org.apache.commons.httpclient.params.HttpClientParams; -import org.apache.commons.lang3.StringUtils; -import org.opensaml.saml2.metadata.provider.MetadataProvider; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants; -import at.asitplus.eidas.specific.connector.verification.MetadataSignatureVerificationFilter; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.impl.utils.FileUtils; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PvpEntityCategoryFilter; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter; - -@Service("PVPMetadataProvider") -public class PVPMetadataProvider extends AbstractChainingMetadataProvider{ - private static final Logger log = LoggerFactory.getLogger(PVPMetadataProvider.class); - - @Autowired(required=true) IConfigurationWithSP basicConfig; - - @Override - protected String getMetadataUrl(String entityId) throws EaafConfigurationException { - ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId); - if (spConfig != null) { - String metadataURL = entityId; - - String metadataURLFromConfig = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL); - if (StringUtils.isNotEmpty(metadataURLFromConfig)) { - log.debug("Use metdataURL from configuration for EntityId: " + entityId); - metadataURL = metadataURLFromConfig; - - } - - return metadataURL; - - } else - log.info("No ServiceProvider with entityId: " + entityId + " in configuration."); - - return null; - } - - @Override - protected MetadataProvider createNewMetadataProvider(String entityId) - throws EaafConfigurationException, IOException, CertificateException { - ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId); - if (spConfig != null) { - try { - String metadataURL = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL); - if (StringUtils.isEmpty(metadataURL)) { - log.debug("Use EntityId: " + entityId + " instead of explicite metadataURL ... "); - metadataURL = entityId; - - } - String trustStoreUrl = FileUtils.makeAbsoluteUrl( - spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE), - authConfig.getConfigurationRootDirectory()); - String trustStorePassword = spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD); - - return createNewSimpleMetadataProvider(metadataURL, - buildMetadataFilterChain(spConfig, metadataURL, trustStoreUrl, trustStorePassword), - spConfig.getConfigurationValue(MSeIDASNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER), - getTimer(), - new BasicParserPool(), - createHttpClient(metadataURL)); - - } catch (Pvp2MetadataException e) { - log.info("Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage()); - throw new EaafConfigurationException("config.27", - new Object[] {"Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage()}, e); - - } - - } else - log.info("No ServiceProvider with entityId: " + entityId + " in configuration."); - - return null; - } - - @Override - protected List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException { - // TODO Auto-generated method stub - return null; - } - - private HttpClient createHttpClient(String metadataURL) { - HttpClient httpClient = new HttpClient(); - HttpClientParams httpClientParams = new HttpClientParams(); - httpClientParams.setSoTimeout(MSeIDASNodeConstants.METADATA_SOCKED_TIMEOUT); - httpClient.setParams(httpClientParams); - return httpClient; - - } - - private MetadataFilterChain buildMetadataFilterChain(ISpConfiguration oaParam, String metadataURL, String trustStoreUrl, String trustStorePassword) throws CertificateException, Pvp2MetadataException{ - MetadataFilterChain filterChain = new MetadataFilterChain(); - filterChain.getFilters().add(new SchemaValidationFilter( - basicConfig.getBasicConfigurationBoolean(MSeIDASNodeConstants.PROP_CONFIG_PVP_SCHEME_VALIDATION, true))); - - filterChain.getFilters().add( - new MetadataSignatureVerificationFilter( - trustStoreUrl, trustStorePassword, metadataURL)); - - filterChain.getFilters().add(new PvpEntityCategoryFilter( - basicConfig.getBasicConfigurationBoolean(MSeIDASNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES, true))); - - return filterChain; - } -} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java new file mode 100644 index 00000000..92373328 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpEndPointCredentialProvider.java @@ -0,0 +1,119 @@ +/* + * Copyright 2018 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.asitplus.eidas.specific.connector.provider; + +import java.net.MalformedURLException; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; + +public class PvpEndPointCredentialProvider extends AbstractCredentialProvider { + private static final Logger log = LoggerFactory.getLogger(PvpEndPointCredentialProvider.class); + + @Autowired(required = true) + IConfiguration basicConfiguration; + + @Override + public String getFriendlyName() { + return "PVP2 S-Profile EndPoint"; + } + + @Override + public String getKeyStoreFilePath() throws EaafException { + try { + final String path = basicConfiguration.getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PATH); + if (StringUtils.isEmpty(path)) { + log.error(getFriendlyName() + " | Path to keyStore is NULL or EMPTY"); + throw new EaafConfigurationException("config.27", + new Object[] { getFriendlyName() + " | Path to keyStore is NULL or EMPTY" }); + + } + + return FileUtils.makeAbsoluteUrl( + path, + basicConfiguration.getConfigurationRootDirectory()); + + } catch (final MalformedURLException e) { + log.error(getFriendlyName() + " | Path to keyStore NOT valid.", e); + throw new EaafConfigurationException("config.27", + new Object[] { getFriendlyName() + " | Path to keyStore NOT valid." }, e); + + } + + } + + @Override + public String getKeyStorePassword() { + return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEYSTORE_PASSWORD); + + } + + @Override + public String getMetadataKeyAlias() { + return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_ALIAS); + } + + @Override + public String getMetadataKeyPassword() { + return basicConfiguration.getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_METADATA_PASSWORD); + + } + + @Override + public String getSignatureKeyAlias() { + return basicConfiguration.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_ALIAS); + + } + + @Override + public String getSignatureKeyPassword() { + return basicConfiguration.getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_PVP2_KEY_SIGNING_PASSWORD); + + } + + @Override + public String getEncryptionKeyAlias() { + return null; + + } + + @Override + public String getEncryptionKeyPassword() { + return null; + + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java index 6965a407..8b0419d0 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PVPMetadataConfigurationFactory.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataConfigurationFactory.java @@ -1,6 +1,6 @@ -/******************************************************************************* +/* * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by @@ -19,15 +19,14 @@ * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.asitplus.eidas.specific.connector.provider; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.asitplus.eidas.specific.connector.config.PVPMetadataConfiguration; +import at.asitplus.eidas.specific.connector.config.PvpMetadataConfiguration; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; @@ -35,16 +34,18 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactor import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; @Service("PVPMetadataConfigurationFactory") -public class PVPMetadataConfigurationFactory implements IPvpMetadataConfigurationFactory { - - @Autowired private IConfiguration basicConfig; - @Autowired private IPvp2BasicConfiguration pvpBasicConfig; - - @Override - public IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authURL, - AbstractCredentialProvider pvpIDPCredentials) { - return new PVPMetadataConfiguration(basicConfig, authURL, pvpBasicConfig, pvpIDPCredentials); - - } +public class PvpMetadataConfigurationFactory implements IPvpMetadataConfigurationFactory { + + @Autowired + private IConfiguration basicConfig; + @Autowired + private IPvp2BasicConfiguration pvpBasicConfig; + + @Override + public IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl, + AbstractCredentialProvider pvpIdpCredentials) { + return new PvpMetadataConfiguration(basicConfig, authUrl, pvpBasicConfig, pvpIdpCredentials); + + } } diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java new file mode 100644 index 00000000..6a223fd0 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java @@ -0,0 +1,155 @@ +/* + * Copyright 2018 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.asitplus.eidas.specific.connector.provider; + +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.List; + +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.params.HttpClientParams; +import org.apache.commons.lang3.StringUtils; +import org.opensaml.saml2.metadata.provider.MetadataProvider; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.verification.MetadataSignatureVerificationFilter; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PvpEntityCategoryFilter; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter; + +@Service("PVPMetadataProvider") +public class PvpMetadataProvider extends AbstractChainingMetadataProvider { + private static final Logger log = LoggerFactory.getLogger(PvpMetadataProvider.class); + + @Autowired(required = true) + IConfigurationWithSP basicConfig; + + @Override + protected String getMetadataUrl(String entityId) throws EaafConfigurationException { + final ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId); + if (spConfig != null) { + String metadataUrl = entityId; + + final String metadataUrlFromConfig = spConfig.getConfigurationValue( + MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL); + if (StringUtils.isNotEmpty(metadataUrlFromConfig)) { + log.debug("Use metdataURL from configuration for EntityId: " + entityId); + metadataUrl = metadataUrlFromConfig; + + } + + return metadataUrl; + + } else { + log.info("No ServiceProvider with entityId: " + entityId + " in configuration."); + } + + return null; + } + + @Override + protected MetadataProvider createNewMetadataProvider(String entityId) + throws EaafConfigurationException, IOException, CertificateException { + final ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration(entityId); + if (spConfig != null) { + try { + String metadataUrl = spConfig.getConfigurationValue( + MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL); + if (StringUtils.isEmpty(metadataUrl)) { + log.debug("Use EntityId: " + entityId + " instead of explicite metadataURL ... "); + metadataUrl = entityId; + + } + final String trustStoreUrl = FileUtils.makeAbsoluteUrl( + spConfig.getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE), + authConfig.getConfigurationRootDirectory()); + final String trustStorePassword = spConfig.getConfigurationValue( + MsEidasNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE_PASSWORD); + + return createNewSimpleMetadataProvider(metadataUrl, + buildMetadataFilterChain(metadataUrl, trustStoreUrl, trustStorePassword), + spConfig.getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER), + getTimer(), + new BasicParserPool(), + createHttpClient()); + + } catch (final Pvp2MetadataException e) { + log.info("Can NOT initialize Metadata signature-verification filter. Reason: " + e.getMessage()); + throw new EaafConfigurationException("config.27", + new Object[] { "Can NOT initialize Metadata signature-verification filter. Reason: " + e + .getMessage() }, e); + + } + + } else { + log.info("No ServiceProvider with entityId: " + entityId + " in configuration."); + } + + return null; + } + + @Override + protected List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException { + // TODO Auto-generated method stub + return null; + } + + private HttpClient createHttpClient() { + final HttpClient httpClient = new HttpClient(); + final HttpClientParams httpClientParams = new HttpClientParams(); + httpClientParams.setSoTimeout(MsEidasNodeConstants.METADATA_SOCKED_TIMEOUT); + httpClient.setParams(httpClientParams); + return httpClient; + + } + + private MetadataFilterChain buildMetadataFilterChain(String metadataUrl, + String trustStoreUrl, String trustStorePassword) throws CertificateException, Pvp2MetadataException { + final MetadataFilterChain filterChain = new MetadataFilterChain(); + filterChain.getFilters().add(new SchemaValidationFilter( + basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_SCHEME_VALIDATION, + true))); + + filterChain.getFilters().add( + new MetadataSignatureVerificationFilter( + trustStoreUrl, trustStorePassword, metadataUrl)); + + filterChain.getFilters().add(new PvpEntityCategoryFilter( + basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES, + true))); + + return filterChain; + } +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java index f4dee848..d38da6fe 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java @@ -1,6 +1,6 @@ -/******************************************************************************* +/* * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by @@ -19,15 +19,13 @@ * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/******************************************************************************* - *******************************************************************************/ +*/ + package at.asitplus.eidas.specific.connector.provider; import java.text.MessageFormat; import java.util.Locale; import java.util.MissingResourceException; -import java.util.PropertyResourceBundle; import java.util.ResourceBundle; import org.slf4j.Logger; @@ -39,94 +37,97 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; @Service("StatusMessageProvider") public class StatusMessageProvider implements IStatusMessenger { - private static final Logger log = LoggerFactory.getLogger(StatusMessageProvider.class); - - private static final String ERROR_MESSAGES_UNAVAILABLE = "Error messages can NOT be load from application. Only errorCode: {0} is availabe" ; - private static final String ERROR_NO_MESSAGE = "No errormesseage for error with number.={0}"; - - private static final String ERROR_EXTERNALERROR_CODES_UNAVAILABLE = "External error-codes can NOT be load from application. Only internal errorCode: {0} is availabe" ; - private static final String ERROR_NO_EXTERNALERROR_CODE = "No external error for internal error with number.={0}"; - - //internal messanges - private static final String DEFAULT_MESSAGE_RESOURCES = "properties/status_messages_en"; - private static final Locale DEFAULT_MESSAGE_LOCALES = new Locale("en", "GB"); - private ResourceBundle messages; - - //external error codes - private static final String DEFAULT_EXTERNALERROR_RESOURCES = "properties/external_statuscodes_map"; - private static final Locale DEFAULT_EXTERNALERROR_LOCALES = new Locale("en", "GB"); - private ResourceBundle externalError = null; - - @Override - public String getMessageWithoutDefault(String messageId, Object[] parameters) { - // initialize messages - if (messages == null) { - this.messages = PropertyResourceBundle.getBundle( - DEFAULT_MESSAGE_RESOURCES, - DEFAULT_MESSAGE_LOCALES); - - } - - // create the message - if (messages == null) { - return MessageFormat.format(ERROR_MESSAGES_UNAVAILABLE, new Object[] { messageId }); - - } else { - String rawMessage = messages.getString(messageId); - return MessageFormat.format(rawMessage, parameters); - - } - } - - @Override - public String getMessage(String messageId, Object[] parameters) { - try { - return getMessageWithoutDefault(messageId, parameters); - - } catch (MissingResourceException e2) { - return MessageFormat.format(ERROR_NO_MESSAGE, new Object[] { messageId }); - - } - } - - @Override - public String getResponseErrorCode(Throwable throwable) { - String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; - if (throwable instanceof EaafException) { - errorCode = ((EaafException) throwable).getErrorId(); - - } - //TODO: maybe more internal switches are required - - return errorCode; - - } - - @Override - public String mapInternalErrorToExternalError(String intErrorCode) { - // initialize messages - if (externalError == null) { - this.externalError = PropertyResourceBundle.getBundle( - DEFAULT_EXTERNALERROR_RESOURCES, - DEFAULT_EXTERNALERROR_LOCALES); - - } - - // create the message - if (externalError == null) { - log.warn(MessageFormat.format(ERROR_EXTERNALERROR_CODES_UNAVAILABLE, new Object[] { intErrorCode })); - return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; - - } else { - try { - return externalError.getString(intErrorCode); - - } catch (MissingResourceException e2) { - log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode })); - return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; - - } - } - } + private static final Logger log = LoggerFactory.getLogger(StatusMessageProvider.class); + + private static final String ERROR_MESSAGES_UNAVAILABLE = + "Error messages can NOT be load from application. Only errorCode: {0} is availabe"; + private static final String ERROR_NO_MESSAGE = "No errormesseage for error with number.={0}"; + + private static final String ERROR_EXTERNALERROR_CODES_UNAVAILABLE = + "External error-codes can NOT be load from application. Only internal errorCode: {0} is availabe"; + private static final String ERROR_NO_EXTERNALERROR_CODE = + "No external error for internal error with number.={0}"; + + // internal messanges + private static final String DEFAULT_MESSAGE_RESOURCES = "properties/status_messages_en"; + private static final Locale DEFAULT_MESSAGE_LOCALES = new Locale("en", "GB"); + private ResourceBundle messages; + + // external error codes + private static final String DEFAULT_EXTERNALERROR_RESOURCES = "properties/external_statuscodes_map"; + private static final Locale DEFAULT_EXTERNALERROR_LOCALES = new Locale("en", "GB"); + private ResourceBundle externalError = null; + + @Override + public String getMessageWithoutDefault(String messageId, Object[] parameters) { + // initialize messages + if (messages == null) { + this.messages = ResourceBundle.getBundle( + DEFAULT_MESSAGE_RESOURCES, + DEFAULT_MESSAGE_LOCALES); + + } + + // create the message + if (messages == null) { + return MessageFormat.format(ERROR_MESSAGES_UNAVAILABLE, new Object[] { messageId }); + + } else { + final String rawMessage = messages.getString(messageId); + return MessageFormat.format(rawMessage, parameters); + + } + } + + @Override + public String getMessage(String messageId, Object[] parameters) { + try { + return getMessageWithoutDefault(messageId, parameters); + + } catch (final MissingResourceException e2) { + return MessageFormat.format(ERROR_NO_MESSAGE, new Object[] { messageId }); + + } + } + + @Override + public String getResponseErrorCode(Throwable throwable) { + String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + if (throwable instanceof EaafException) { + errorCode = ((EaafException) throwable).getErrorId(); + + } + // TODO: maybe more internal switches are required + + return errorCode; + + } + + @Override + public String mapInternalErrorToExternalError(String intErrorCode) { + // initialize messages + if (externalError == null) { + this.externalError = ResourceBundle.getBundle( + DEFAULT_EXTERNALERROR_RESOURCES, + DEFAULT_EXTERNALERROR_LOCALES); + + } + + // create the message + if (externalError == null) { + log.warn(MessageFormat.format(ERROR_EXTERNALERROR_CODES_UNAVAILABLE, new Object[] { intErrorCode })); + return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + + } else { + try { + return externalError.getString(intErrorCode); + + } catch (final MissingResourceException e2) { + log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode })); + return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + + } + } + } } |