From fa2384985454568439dc286a6a9051fba47322ed Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 25 Jan 2021 16:30:07 +0100
Subject: add ID Austria communication-module and additional jUnit test It's
 first alpha-version of eIDAS MS-specific Proxy-Service with ID Austria
 authentication

---
 .../IdAustriaAuthMetadataController.java           | 150 +++++++++++++++++++++
 1 file changed, 150 insertions(+)
 create mode 100644 eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java

(limited to 'eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java')

diff --git a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java
new file mode 100644
index 00000000..ad708d30
--- /dev/null
+++ b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java
@@ -0,0 +1,150 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.controller;
+
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.net.MediaType;
+
+import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.idaustria.config.IdAustriaAuthMetadataConfiguration;
+import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthCredentialProvider;
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.http.HttpUtils;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Controller that generates SAML2 metadata for ID Austria authentication client.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+@Controller
+public class IdAustriaAuthMetadataController extends AbstractController {
+
+  private static final String ERROR_CODE_INTERNAL_00 = "eaaf.core.00";
+
+  @Autowired
+  PvpMetadataBuilder metadatabuilder;
+  @Autowired
+  IdAustriaAuthCredentialProvider credentialProvider;
+  @Autowired
+  IPvp2BasicConfiguration pvpConfiguration;
+
+  /**
+   * Default construction with logging.
+   *
+   */
+  public IdAustriaAuthMetadataController() {
+    super();
+    log.debug("Registering servlet " + getClass().getName()
+        + " with mappings '" + IdAustriaAuthConstants.ENDPOINT_METADATA
+        + "'.");
+
+  }
+
+  /**
+   * End-point that produce PVP2 metadata for ID Austria authentication client.
+   *
+   * @param req  http Request
+   * @param resp http Response
+   * @throws IOException   In case of an I/O error
+   * @throws EaafException In case of a metadata generation error
+   */
+  @RequestMapping(value = IdAustriaAuthConstants.ENDPOINT_METADATA,
+      method = { RequestMethod.GET })
+  public void getSpMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException,
+      EaafException {
+    // check PublicURL prefix
+    try {
+      final String authUrl = getAuthUrlFromHttpContext(req);
+
+      // initialize metadata builder configuration
+      final IdAustriaAuthMetadataConfiguration metadataConfig =
+          new IdAustriaAuthMetadataConfiguration(authUrl, credentialProvider, pvpConfiguration);
+      metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
+
+      // build metadata
+      final String xmlMetadata = metadatabuilder.buildPvpMetadata(metadataConfig);
+
+      // write response
+      final byte[] content = xmlMetadata.getBytes("UTF-8");
+      resp.setStatus(HttpServletResponse.SC_OK);
+      resp.setContentLength(content.length);
+      resp.setContentType(MediaType.XML_UTF_8.toString());
+      resp.getOutputStream().write(content);
+
+    } catch (final Exception e) {
+      log.warn("Build PVP metadata for ID Austria client FAILED.", e);
+      protAuthService.handleErrorNoRedirect(e, req, resp, false);
+
+    }
+
+  }
+
+  private String getAuthUrlFromHttpContext(HttpServletRequest req) throws EaafException {
+    // check if End-Point is valid
+    final String authUrlString = HttpUtils.extractAuthUrlFromRequest(req);
+    URL authReqUrl;
+    try {
+      authReqUrl = new URL(authUrlString);
+
+    } catch (final MalformedURLException e) {
+      log.warn("Requested URL: {} is not a valid URL.", authUrlString);
+      throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString }, e);
+
+    }
+
+    final String idpAuthUrl = authConfig.validateIdpUrl(authReqUrl);
+    if (idpAuthUrl == null) {
+      log.warn("Requested URL: {} is NOT found in configuration.", authReqUrl);
+      throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString });
+
+    }
+
+    return idpAuthUrl;
+  }
+
+  private List<Pair<String, Boolean>> getAdditonalRequiredAttributes() {
+    final List<Pair<String, Boolean>> result = new ArrayList<>();
+    // load attributes from configuration
+    final Map<String, String> addReqAttributes = authConfig.getBasicConfigurationWithPrefix(
+        IdAustriaAuthConstants.CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST);
+    for (final String el : addReqAttributes.values()) {
+      if (StringUtils.isNotEmpty(el)) {
+        log.trace("Parse additional attr. definition: " + el);
+        final List<String> attr = KeyValueUtils.getListOfCsvValues(el.trim());
+        if (attr.size() == 2) {
+          result.add(Pair.newInstance(attr.get(0), Boolean.parseBoolean(attr.get(1))));
+
+        } else {
+          log.info("IGNORE additional attr. definition: " + el
+              + " Reason: Format not valid");
+        }
+      }
+    }
+
+    return result;
+
+  }
+
+}
-- 
cgit v1.2.3