diff options
Diffstat (limited to 'connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config')
3 files changed, 0 insertions, 437 deletions
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java deleted file mode 100644 index 89ccdfe7..00000000 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector.config; - -import java.net.URL; -import java.util.HashMap; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.context.annotation.Profile; -import org.springframework.stereotype.Service; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractConfigurationImpl; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; - -@Service("BasicMSSpecificNodeConfig") -@Profile("deprecatedConfig") -public class BasicConfigurationProvider extends AbstractConfigurationImpl { - private static final Logger log = LoggerFactory.getLogger(BasicConfigurationProvider.class); - - private final Map<String, ISpConfiguration> spConfigCache = new HashMap<>(); - - public BasicConfigurationProvider(String configPath) throws EaafConfigurationException { - super(configPath); - - } - - @Override - public ISpConfiguration getServiceProviderConfiguration(String entityId) throws EaafConfigurationException { - if (!spConfigCache.containsKey(entityId)) { - log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... "); - final Map<String, String> allSPs = getBasicConfigurationWithPrefix( - MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX + KeyValueUtils.KEY_DELIMITER); - for (Entry<String, String> entry : allSPs.entrySet()) { - if (entry.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER) - && entry.getValue().equals(entityId)) { - final String listId = KeyValueUtils.getParentKey(entry.getKey()); - log.trace("Find SP configuration with list-Id: " + listId - + ". Extracting configuration elements ... "); - final Map<String, String> spConfig = KeyValueUtils.getSubSetWithPrefix(allSPs, listId - + KeyValueUtils.KEY_DELIMITER); - spConfigCache.put(entityId, - new ServiceProviderConfiguration(spConfig, this)); - break; - } - } - - if (spConfigCache.containsKey(entityId)) { - log.info("SP: " + entityId + " is loaded. Continuing auth. process ... "); - } else { - log.warn("SP: " + entityId + " is NOT found in configuration. Stopping auth. process ... "); - return null; - - } - - } else { - log.trace("SP: " + entityId + " is already cached. Use configuration from there ... "); - } - - return spConfigCache.get(entityId); - } - - @Override - public <T> T getServiceProviderConfiguration(String entityId, Class<T> decorator) - throws EaafConfigurationException { - final ISpConfiguration spConfig = getServiceProviderConfiguration(entityId); - if (spConfig != null && decorator != null) { - if (decorator.isInstance(spConfig)) { - return (T) spConfig; - } else { - log.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator - .getName()); - } - - } - - return null; - - } - - @Override - public String validateIdpUrl(URL url) throws EaafException { - log.trace("Validate requested URL: " + url); - String urlPrefixFromConfig = getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX); - if (StringUtils.isEmpty(urlPrefixFromConfig)) { - log.warn("Application config containts NO URL prefix"); - throw new EaafConfigurationException("config.27", - new Object[] { "Application config containts NO " - + getApplicationSpecificKeyPrefix() - + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX }); - - } - - // remove last slash - if (urlPrefixFromConfig.endsWith("/")) { - urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length() - 1); - } - - if (getBasicConfigurationBoolean( - MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) { - if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) { - return urlPrefixFromConfig; - } - - log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); - return null; - - } else { - return urlPrefixFromConfig; - - } - } - - @Override - public String getApplicationSpecificKeyPrefix() { - return MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PREFIX; - - } - - @Override - protected String getBackupConfigPath() { - return null; - - } - -} diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java deleted file mode 100644 index 362d0244..00000000 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector.config; - -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.conf.SpConfigurationImpl; - -public class ServiceProviderConfiguration extends SpConfigurationImpl { - private static final long serialVersionUID = 1L; - private static final Logger log = LoggerFactory.getLogger(ServiceProviderConfiguration.class); - - private List<String> minimumLoA = Arrays.asList(EaafConstants.EIDAS_LOA_HIGH); - private String bpkTargetIdentifier; - private String loaMachtingMode = EaafConstants.EIDAS_LOA_MATCHING_MINIMUM; - - public ServiceProviderConfiguration(Map<String, String> spConfig, IConfiguration authConfig) { - super(spConfig, authConfig); - - } - - @Override - public boolean hasBaseIdInternalProcessingRestriction() { - return false; - - } - - - @Override - public boolean hasBaseIdTransferRestriction() { - final Boolean spConfigPolicy = isConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION); - if (spConfigPolicy) { - return spConfigPolicy; - - } else { - log.trace("SP configuration defines no baseID transfer restriction. Enforce default policy ..."); - for (final String el : getTargetsWithNoBaseIdTransferRestriction()) { - if (this.bpkTargetIdentifier != null && this.bpkTargetIdentifier.startsWith(el)) { - log.debug("SP-Target: " + this.bpkTargetIdentifier - + " has NO baseID transfer restriction in default policy"); - return false; - - } - } - } - - log.debug("Default-policy defines baseID transfer restriction for SP-Target: " - + this.bpkTargetIdentifier); - return true; - } - - @Override - public List<String> getRequiredLoA() { - return minimumLoA; - - } - - @Override - public String getLoAMatchingMode() { - return loaMachtingMode; - - } - - @Override - public String getAreaSpecificTargetIdentifier() { - return bpkTargetIdentifier; - } - - @Override - public String getFriendlyName() { - return getConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_FRIENDLYNAME, - "NO FRIENDLYNAME SET"); - - } - - /** - * Set the minimum level of eIDAS authentication for this SP <br> - * <b>Default:</b> http://eidas.europa.eu/LoA/high <br> - * <b>Info:</b> In case of MINIMUM matching-mode, only one entry is allowed - * - * @param minimumLoA eIDAS LoA URIs - */ - - public void setRequiredLoA(List<String> minimumLoA) { - this.minimumLoA = minimumLoA; - } - - /** - * Set the mode of operation for LoA matching for this SP. <b>Default: - * minimum</b> <br> - * <b>Info:</b> Currently only 'minimum' and 'exact' are supported - * - * @param mode LoA matching mode according to SAML2 core specification - */ - public void setLoAMachtingMode(String mode) { - this.loaMachtingMode = mode; - } - - /** - * Set the bPK Target for this service provider. - * - * @param bpkTargetIdentifier Set the bPK sector - * @throws EAAFException If the bPKTargetIdentifier is NOT ALLOWED for this - * service provider - */ - public void setBpkTargetIdentifier(String bpkTargetIdentifier) throws EaafException { - final String allowedTargetIdentifierRegExPattern = getConfigurationValue( - MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_ALLOWED_TARGETS, - MsEidasNodeConstants.POLICY_DEFAULT_ALLOWED_TARGETS); - log.trace("Use bPK-target regex pattern: " + allowedTargetIdentifierRegExPattern); - - final Pattern p = Pattern.compile(allowedTargetIdentifierRegExPattern); - final Matcher m = p.matcher(bpkTargetIdentifier); - if (m.matches()) { - log.debug("Requested bPK-target: " + bpkTargetIdentifier + " matches regex pattern"); - this.bpkTargetIdentifier = bpkTargetIdentifier; - - } else { - log.warn("Requested bPK-target: " + bpkTargetIdentifier + " does NOT match regex pattern."); - throw new EaafException("auth.37", new Object[] { bpkTargetIdentifier, getUniqueIdentifier() }); - - } - - } - -} diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java deleted file mode 100644 index 76e2c01f..00000000 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java +++ /dev/null @@ -1,122 +0,0 @@ -package at.asitplus.eidas.specific.connector.config; - -import java.net.URL; -import java.util.HashMap; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.commons.lang3.StringUtils; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractSpringBootConfigurationImpl; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; -import lombok.extern.slf4j.Slf4j; - -@Slf4j -public class SpringBootBasicConfigurationProvider extends AbstractSpringBootConfigurationImpl { - - private final Map<String, ISpConfiguration> spConfigCache = new HashMap<>(); - - @Override - public ISpConfiguration getServiceProviderConfiguration(String entityId) throws EaafConfigurationException { - if (!spConfigCache.containsKey(entityId)) { - log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... "); - final Map<String, String> allSPs = getBasicConfigurationWithPrefix( - MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX); - for (Entry<String, String> entry : allSPs.entrySet()) { - if (entry.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER) - && entry.getValue().equals(entityId)) { - final String listId = KeyValueUtils.getParentKey(entry.getKey()); - log.trace("Find SP configuration with list-Id: " + listId - + ". Extracting configuration elements ... "); - final Map<String, String> spConfig = KeyValueUtils.getSubSetWithPrefix(allSPs, listId - + KeyValueUtils.KEY_DELIMITER); - spConfigCache.put(entityId, - new ServiceProviderConfiguration(spConfig, this)); - break; - } - } - - if (spConfigCache.containsKey(entityId)) { - log.info("SP: " + entityId + " is loaded. Continuing auth. process ... "); - } else { - log.warn("SP: " + entityId + " is NOT found in configuration. Stopping auth. process ... "); - return null; - - } - - } else { - log.trace("SP: " + entityId + " is already cached. Use configuration from there ... "); - } - - return spConfigCache.get(entityId); - } - - @Override - public <T> T getServiceProviderConfiguration(String entityId, Class<T> decorator) - throws EaafConfigurationException { - final ISpConfiguration spConfig = getServiceProviderConfiguration(entityId); - if (spConfig != null && decorator != null) { - if (decorator.isInstance(spConfig)) { - return (T) spConfig; - } else { - log.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator - .getName()); - } - - } - - return null; - - } - - @Override - public String validateIdpUrl(URL url) throws EaafException { - log.trace("Validate requested URL: " + url); - String urlPrefixFromConfig = getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX); - if (StringUtils.isEmpty(urlPrefixFromConfig)) { - log.warn("Application config containts NO URL prefix"); - throw new EaafConfigurationException("config.27", - new Object[] { "Application config containts NO " - + getApplicationSpecificKeyPrefix() - + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX }); - - } - - // remove last slash - if (urlPrefixFromConfig.endsWith("/")) { - urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length() - 1); - } - - if (getBasicConfigurationBoolean( - MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) { - if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) { - return urlPrefixFromConfig; - } - - log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); - return null; - - } else { - return urlPrefixFromConfig; - - } - } - - @Override - public String getApplicationSpecificKeyPrefix() { - return MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PREFIX; - - } - - @Override - protected String getBackupConfigPath() { - return null; - - } - -} |