From 32376822fd108ddd820a98b93135ef798c2510b6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 8 Mar 2019 08:05:07 +0100
Subject: update MOA-ID SAML1 client implementation

---
 .../java/at/gv/util/client/moaid/MOAIDClient.java  | 76 ++++++++++++----------
 .../AbstractGenericMOAIDAuthenticationServlet.java | 16 +++--
 2 files changed, 52 insertions(+), 40 deletions(-)

diff --git a/src/main/java/at/gv/util/client/moaid/MOAIDClient.java b/src/main/java/at/gv/util/client/moaid/MOAIDClient.java
index d755792..ca1129c 100644
--- a/src/main/java/at/gv/util/client/moaid/MOAIDClient.java
+++ b/src/main/java/at/gv/util/client/moaid/MOAIDClient.java
@@ -43,37 +43,19 @@ public class MOAIDClient {
 	private EgovUtilConfiguration config = null;
 	Logger log = LoggerFactory.getLogger(MOAIDClient.class);
 	
+	private IdentificationPortType port = null;
+	
 	public MOAIDClient() {}
 	
-	public MOAIDClient(EgovUtilConfiguration config) {
+	public MOAIDClient(EgovUtilConfiguration config) throws MOAIDClientException, EgovUtilException {
 		this.config = config;
 		
-
-	}
-	
-  @SuppressWarnings("unchecked")
-  public ResponseType sendGetAuthenticationDataRequest(String getAuthDataServiceURL, String artifact) throws MOAIDClientException {
-    
-  	// verify that parameters are not null
-  	if (getAuthDataServiceURL == null) {
-  		throw new NullPointerException("Parameter 'getAuthDataServiceURL' must not be null.");
-  	}
-  	if (artifact == null) {
-  		throw new NullPointerException("Parameter 'artifact' must not be null.");
-  	}
-  	
 		URL url = MOAIDClient.class.getResource("/wsdl/MOA-ID-1.x.wsdl");
 		GetAuthenticationDataService service = new GetAuthenticationDataService(url, new QName("http://reference.e-government.gv.at/namespace/moa/20020822#", "GetAuthenticationDataService"));
-		IdentificationPortType port = service.getIdentificationPort();
+		port = service.getIdentificationPort();
   	
-  	log.trace("Authentication data service request URL: " + getAuthDataServiceURL);
-    try {
-    
 	    // set endpoint address
   		BindingProvider bindingProvider = (BindingProvider) port;
-  		Map<String, Object> requestContext = bindingProvider.getRequestContext();
-    	requestContext.put(
-          BindingProvider.ENDPOINT_ADDRESS_PROPERTY, getAuthDataServiceURL);
       
     	// add trace log
     	log.trace("Adding JAX-WS request/response trace handler.");
@@ -88,16 +70,19 @@ public class MOAIDClient {
       // initialize ssl
       
       
-      if (getAuthDataServiceURL.toLowerCase().startsWith("https")) {
-      	if (this.config == null) {
-      		throw new MOAIDClientException("SSL requires a valid configuration for MOA-ID client.");
-      	}
-      	log.trace("Using ssl for MOA-ID get authentication data request.");
-      	SSLContext sslContext = config.getMOAIDsslConfiguration().getSSLContext(false);
-      	if (sslContext == null) {
-					throw new MOAIDClientException("SSL context from configuration is empty. Please configure an SSL context in the configuration first.");
-				}
-		Client client = ClientProxy.getClient(port);
+      
+      if (this.config == null) {
+      	throw new MOAIDClientException("SSL requires a valid configuration for MOA-ID client.");
+      }
+      
+      log.trace("Using ssl for MOA-ID get authentication data request.");
+      SSLContext sslContext = config.getMOAIDsslConfiguration().getSSLContext(false);
+      if (sslContext == null) {
+		throw new MOAIDClientException("SSL context from configuration is empty. Please configure an SSL context in the configuration first.");
+				
+	  }
+      
+      Client client = ClientProxy.getClient(port);
 		HTTPConduit http = (HTTPConduit) client.getConduit();
 		HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
 		 
@@ -117,7 +102,28 @@ public class MOAIDClient {
 		}
 		
 		http.setTlsClientParameters(tlsParams );
-      }
+
+	}
+	
+  @SuppressWarnings("unchecked")
+  public ResponseType sendGetAuthenticationDataRequest(String getAuthDataServiceURL, String artifact) throws MOAIDClientException {
+    
+  	// verify that parameters are not null
+  	if (getAuthDataServiceURL == null) {
+  		throw new NullPointerException("Parameter 'getAuthDataServiceURL' must not be null.");
+  	}
+  	if (artifact == null) {
+  		throw new NullPointerException("Parameter 'artifact' must not be null.");
+  	}
+  	
+  	log.trace("Authentication data service request URL: " + getAuthDataServiceURL);
+    try {
+    
+    	BindingProvider bindingProvider = (BindingProvider) port;
+  		Map<String, Object> requestContext = bindingProvider.getRequestContext();
+    	requestContext.put(
+          BindingProvider.ENDPOINT_ADDRESS_PROPERTY, getAuthDataServiceURL);
+
       
       // make simple moa-id request
       RequestType request = new RequestType();
@@ -128,10 +134,8 @@ public class MOAIDClient {
       
       request.getAssertionArtifact().add(artifact);
       
-			return port.getAuthenticationData(request);
+		return port.getAuthenticationData(request);
       
-    } catch (EgovUtilException e) {
-    	throw new MOAIDClientException(e);
     } catch (MOAFault e) {
     	throw new MOAIDClientException(e);
     } catch (DatatypeConfigurationException e) {
diff --git a/src/main/java/at/gv/util/filter/moaid/AbstractGenericMOAIDAuthenticationServlet.java b/src/main/java/at/gv/util/filter/moaid/AbstractGenericMOAIDAuthenticationServlet.java
index f9edb35..21e7d97 100644
--- a/src/main/java/at/gv/util/filter/moaid/AbstractGenericMOAIDAuthenticationServlet.java
+++ b/src/main/java/at/gv/util/filter/moaid/AbstractGenericMOAIDAuthenticationServlet.java
@@ -41,6 +41,7 @@ import at.gv.util.WebAppUtil;
 import at.gv.util.client.moaid.MOAIDClient;
 import at.gv.util.client.moaid.MOAIDClientException;
 import at.gv.util.config.EgovUtilConfiguration;
+import at.gv.util.ex.EgovUtilException;
 import at.gv.util.xsd.saml.assertion.AssertionType;
 import at.gv.util.xsd.saml.protocol.ResponseType;
 
@@ -58,6 +59,7 @@ public abstract class AbstractGenericMOAIDAuthenticationServlet extends HttpServ
   private HttpServletResponse response = null;
    
 	private final Logger log = LoggerFactory.getLogger(AbstractGenericMOAIDAuthenticationServlet.class);
+	private static MOAIDClient moaclient = null;
 	
 	@Override
 	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
@@ -108,14 +110,13 @@ public abstract class AbstractGenericMOAIDAuthenticationServlet extends HttpServ
 		log.debug("SAMLArtifact = \"" + artifact + "\".");
 
 		AssertionType assertion = null;
-		try {
-			MOAIDClient client = new MOAIDClient(this.getConfiguration());
-			ResponseType moaidResponse = client.sendGetAuthenticationDataRequest(this.getAuthDataURL(), artifact);
+		try {							
+			ResponseType moaidResponse = getMOAIDClient().sendGetAuthenticationDataRequest(this.getAuthDataURL(), artifact);
 			if (!"Success".equals(moaidResponse.getStatus().getStatusCode().getValue().getLocalPart())) {
 				throw new MOAIDClientException("Wrong MOA-ID return code: " + moaidResponse.getStatus().getStatusCode().getValue().toString());
 			}
 			assertion = moaidResponse.getAssertion().get(0);
-		} catch (MOAIDClientException c) {
+		} catch (MOAIDClientException | EgovUtilException c) {
 			String em = "Error retrieving authentication data (" + c.getMessage() + ")."; 
 			log.error(em);
 			this.errorPage(request, response, em);
@@ -211,6 +212,13 @@ public abstract class AbstractGenericMOAIDAuthenticationServlet extends HttpServ
 		}
 	}
 
+	private synchronized MOAIDClient getMOAIDClient() throws MOAIDClientException, EgovUtilException {
+		if (moaclient  == null)
+			moaclient = new MOAIDClient(this.getConfiguration());
+		
+		return moaclient;
+	}
+
 	public HttpServletRequest getRequest() {
   	return request;
   }
-- 
cgit v1.2.3