diff options
Diffstat (limited to 'connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java')
| -rw-r--r-- | connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java | 160 |
1 files changed, 0 insertions, 160 deletions
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java deleted file mode 100644 index 362d0244..00000000 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector.config; - -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.conf.SpConfigurationImpl; - -public class ServiceProviderConfiguration extends SpConfigurationImpl { - private static final long serialVersionUID = 1L; - private static final Logger log = LoggerFactory.getLogger(ServiceProviderConfiguration.class); - - private List<String> minimumLoA = Arrays.asList(EaafConstants.EIDAS_LOA_HIGH); - private String bpkTargetIdentifier; - private String loaMachtingMode = EaafConstants.EIDAS_LOA_MATCHING_MINIMUM; - - public ServiceProviderConfiguration(Map<String, String> spConfig, IConfiguration authConfig) { - super(spConfig, authConfig); - - } - - @Override - public boolean hasBaseIdInternalProcessingRestriction() { - return false; - - } - - - @Override - public boolean hasBaseIdTransferRestriction() { - final Boolean spConfigPolicy = isConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION); - if (spConfigPolicy) { - return spConfigPolicy; - - } else { - log.trace("SP configuration defines no baseID transfer restriction. Enforce default policy ..."); - for (final String el : getTargetsWithNoBaseIdTransferRestriction()) { - if (this.bpkTargetIdentifier != null && this.bpkTargetIdentifier.startsWith(el)) { - log.debug("SP-Target: " + this.bpkTargetIdentifier - + " has NO baseID transfer restriction in default policy"); - return false; - - } - } - } - - log.debug("Default-policy defines baseID transfer restriction for SP-Target: " - + this.bpkTargetIdentifier); - return true; - } - - @Override - public List<String> getRequiredLoA() { - return minimumLoA; - - } - - @Override - public String getLoAMatchingMode() { - return loaMachtingMode; - - } - - @Override - public String getAreaSpecificTargetIdentifier() { - return bpkTargetIdentifier; - } - - @Override - public String getFriendlyName() { - return getConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_FRIENDLYNAME, - "NO FRIENDLYNAME SET"); - - } - - /** - * Set the minimum level of eIDAS authentication for this SP <br> - * <b>Default:</b> http://eidas.europa.eu/LoA/high <br> - * <b>Info:</b> In case of MINIMUM matching-mode, only one entry is allowed - * - * @param minimumLoA eIDAS LoA URIs - */ - - public void setRequiredLoA(List<String> minimumLoA) { - this.minimumLoA = minimumLoA; - } - - /** - * Set the mode of operation for LoA matching for this SP. <b>Default: - * minimum</b> <br> - * <b>Info:</b> Currently only 'minimum' and 'exact' are supported - * - * @param mode LoA matching mode according to SAML2 core specification - */ - public void setLoAMachtingMode(String mode) { - this.loaMachtingMode = mode; - } - - /** - * Set the bPK Target for this service provider. - * - * @param bpkTargetIdentifier Set the bPK sector - * @throws EAAFException If the bPKTargetIdentifier is NOT ALLOWED for this - * service provider - */ - public void setBpkTargetIdentifier(String bpkTargetIdentifier) throws EaafException { - final String allowedTargetIdentifierRegExPattern = getConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS, - MsEidasNodeConstants.POLICY_DEFAULT_ALLOWED_TARGETS); - log.trace("Use bPK-target regex pattern: " + allowedTargetIdentifierRegExPattern); - - final Pattern p = Pattern.compile(allowedTargetIdentifierRegExPattern); - final Matcher m = p.matcher(bpkTargetIdentifier); - if (m.matches()) { - log.debug("Requested bPK-target: " + bpkTargetIdentifier + " matches regex pattern"); - this.bpkTargetIdentifier = bpkTargetIdentifier; - - } else { - log.warn("Requested bPK-target: " + bpkTargetIdentifier + " does NOT match regex pattern."); - throw new EaafException("auth.37", new Object[] { bpkTargetIdentifier, getUniqueIdentifier() }); - - } - - } - -} |