aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-02-03 08:06:55 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-02-03 08:06:55 +0100
commit04ba04826a5f88e0459b7a47a55118933d929cc6 (patch)
tree7f5083300ac4026bbf06b51ac8c3ba01423bbd29
parent080e499cc22a0065ea7f47e04b6c0f336533e21e (diff)
parent3c1884ee275350e7b2a78256342d9610b1766898 (diff)
downloadmoa-id-spss-04ba04826a5f88e0459b7a47a55118933d929cc6.tar.gz
moa-id-spss-04ba04826a5f88e0459b7a47a55118933d929cc6.tar.bz2
moa-id-spss-04ba04826a5f88e0459b7a47a55118933d929cc6.zip
Merge remote-tracking branch 'remotes/origin/outgoingstork' into moa2_0_tlenz
Conflicts: id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java75
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java60
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java102
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java36
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java27
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java18
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java19
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources.properties22
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js25
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp29
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp28
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java26
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java15
-rw-r--r--id/server/auth/src/main/webapp/info_stork.html4
-rw-r--r--id/server/idserverlib/pom.xml25
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java755
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java26
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java248
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java398
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java95
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java40
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java68
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java176
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java59
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java99
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java14
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java (renamed from id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/XMLUtil.java)2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/fetchGender.html16
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html325
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/saml2-post-binding-moa.vm (renamed from id/server/stork-saml-engine/src/main/resources/saml2-post-binding-moa.vm)0
-rw-r--r--id/server/moa-id-commons/pom.xml43
-rw-r--r--id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd41
-rw-r--r--id/server/stork-saml-engine/pom.xml92
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKAuthnRequest.java139
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKResponse.java52
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/builder/STORKMessagesBuilder.java1367
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKBootstrap.java75
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKConstants.java176
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLException.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLValidationException.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttribute.java65
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttributeValue.java51
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKExtensions.java78
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKRequestedAttribute.java53
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.java63
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.java56
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.java58
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.java170
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.java44
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.java137
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.java74
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.java32
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.java58
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.java57
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.java66
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.java64
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.java59
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.java44
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.java51
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/AuthenticationAttributes.java55
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/CitizenCountryCode.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossBorderShare.java54
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossSectorShare.java54
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDSectorShare.java54
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/RequestedAttributes.java58
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPAuthRequest.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertEnc.java44
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertSig.java44
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertType.java49
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPID.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPInformation.java67
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpApplication.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpCountry.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpInstitution.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpSector.java48
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.java74
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.java35
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.java52
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.java80
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.java80
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.java80
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.java58
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.java88
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.java40
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.java55
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.java50
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.java76
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.java57
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.java70
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.java39
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.java34
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.java33
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.java39
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.java34
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.java33
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.java72
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.java34
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.java53
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationImpl.java121
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.java35
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.java61
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.java47
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorImpl.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.java46
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.java91
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.java35
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.java55
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java414
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAssertionValidator.java91
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAttributeValidator.java204
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.java56
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.java57
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java137
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.java62
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.java63
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkConditionsValidator.java70
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.java51
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.java50
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.java51
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkExtensionsValidator.java66
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkIssuerValidator.java61
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIDValidator.java67
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.java52
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.java54
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.java92
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.java45
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkResponseValidator.java137
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPIDValidator.java64
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPInformationValidator.java49
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.java63
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpCountryValidator.java58
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.java62
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpSectorValidator.java65
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.java139
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusValidator.java55
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.java128
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.java47
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectValidator.java60
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.java57
-rw-r--r--id/server/stork-saml-engine/src/main/resources/saml2-stork-config.xml242
-rw-r--r--id/server/stork2-commons/Releases62
-rw-r--r--id/server/stork2-commons/pom.xml213
-rw-r--r--id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties267
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java72
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java74
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java80
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java96
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java188
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java231
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java123
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java95
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java79
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java169
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java148
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java82
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java194
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java239
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java85
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java316
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java392
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java619
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java353
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java329
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java348
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java396
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java447
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java388
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java495
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java383
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java197
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java250
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java68
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java71
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java173
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java143
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java74
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java54
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java46
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java67
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java53
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java7
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java9
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java215
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java37
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java40
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java35
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java100
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java8
-rw-r--r--id/server/stork2-commons/src/main/resources/log4j.xml19
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java134
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java88
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java537
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java294
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java553
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java747
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java182
-rw-r--r--id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java5
-rw-r--r--id/server/stork2-commons/src/test/resources/log4j.xml19
-rw-r--r--id/server/stork2-saml-engine/Releases83
-rw-r--r--id/server/stork2-saml-engine/pom.xml196
-rw-r--r--id/server/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml69
-rw-r--r--id/server/stork2-saml-engine/src/main/config/embedded/quartz.properties5
-rw-r--r--id/server/stork2-saml-engine/src/main/config/jBoss/context.xml1
-rw-r--r--id/server/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml4
-rw-r--r--id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF3
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java420
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java885
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java3705
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java69
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java57
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java51
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java176
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java58
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java57
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java63
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java140
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java51
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java98
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java88
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java508
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java72
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java109
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java30
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java54
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java50
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java82
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java45
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java26
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java65
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java50
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java114
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java87
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java47
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java43
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java89
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java46
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java47
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java51
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java85
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java46
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java47
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java84
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java45
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java54
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java220
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java89
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java96
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java54
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java95
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java33
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java51
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java84
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java46
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java42
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java82
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java45
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java42
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java50
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java82
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java45
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java110
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java33
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java52
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java51
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java84
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java46
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java50
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java84
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java45
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java42
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java468
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java64
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java556
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java538
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java41
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java132
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java33
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java55
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java57
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java61
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java65
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java136
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java69
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java233
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java74
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java70
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java57
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java135
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java56
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java19
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml21
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml11
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml91
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml91
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml64
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml61
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml93
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml16
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml15
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml15
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml26
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml14
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml14
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jksbin0 -> 1376 bytes
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jksbin0 -> 1313 bytes
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jksbin0 -> 1313 bytes
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jksbin0 -> 1313 bytes
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/logback-test.xml23
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg24
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jksbin0 -> 4592 bytes
-rw-r--r--repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/maven-metadata-local.xml12
-rw-r--r--repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jarbin0 -> 180095 bytes
-rw-r--r--repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom85
-rw-r--r--repository/eu/stork/oasis-dss-api/maven-metadata-local.xml12
397 files changed, 27603 insertions, 12470 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index f21be44ba..980aa4731 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -22,6 +22,81 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
public class GeneralStorkConfig {
+ private List<CPEPS> cpepslist;
+ private List<StorkAttribute> attributes;
+ private int qaa;
+
+ public void parse(MOAIDConfiguration config) {
+
+ if (config != null) {
+ AuthComponentGeneral auth = config.getAuthComponentGeneral();
+
+ if (auth != null) {
+ ForeignIdentities foreign = auth.getForeignIdentities();
+
+ if (foreign != null) {
+ STORK stork = foreign.getSTORK();
+ if (stork != null) {
+ // deep clone all the things
+ // to foreclose lazyloading session timeouts
+ cpepslist = new ArrayList<CPEPS>();
+ for(CPEPS current : stork.getCPEPS()) {
+ cpepslist.add(current);
+ }
+
+ List<StorkAttribute> tmp = stork.getAttributes();
+ if(null != tmp) {
+ attributes = new ArrayList<StorkAttribute>();
+ for(StorkAttribute current : tmp)
+ attributes.add(current);
+ }
+ if(attributes.isEmpty())
+ attributes.add(new StorkAttribute());
+
+ try {
+ qaa = stork.getQualityAuthenticationAssuranceLevel();
+ } catch(NullPointerException e) {
+ qaa = 4;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ public List<CPEPS> getCpepslist() {
+ return cpepslist;
+ }
+
+ public void setCpepslist(List<CPEPS> list) {
+ cpepslist = list;
+ }
+
+ public List<StorkAttribute> getAttributes() {
+ return attributes;
+ }
+
+ public void setAttributes(List<StorkAttribute> attributes) {
+ this.attributes = attributes;
+ }
+
+ public int getDefaultQaa() {
+ return qaa;
+ }
+
+ public void setDefaultQaa(int qaa) {
+ this.qaa = qaa;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
new file mode 100644
index 000000000..349f3bf4a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
@@ -0,0 +1,60 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
+public class AttributeHelper {
+ private boolean isUsed = false;
+ private String name;
+ private boolean mandatory;
+ private boolean readonly;
+
+ public AttributeHelper() {
+ // TODO Auto-generated constructor stub
+ }
+
+ public AttributeHelper(OAStorkAttribute attribute) {
+ isUsed = true;
+ name = attribute.getName();
+ mandatory = attribute.isMandatory();
+ }
+
+ public AttributeHelper(StorkAttribute attribute) {
+ name = attribute.getName();
+ mandatory = false;
+ readonly = attribute.isMandatory();
+ isUsed = readonly;
+ }
+
+ public boolean isUsed() {
+ return isUsed;
+ }
+
+ public void setUsed(boolean used) {
+ isUsed = used;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String newname) {
+ name = newname;
+ }
+
+ public boolean isMandatory() {
+ return mandatory;
+ }
+
+ public void setMandatory(boolean value) {
+ mandatory = value;
+ }
+
+ public boolean isReadOnly() {
+ return readonly;
+ }
+
+ public void setReadOnly(boolean value) {
+ // we do not allow setting the readonly field
+ }
+} \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index d7c71105d..da07b10b0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -22,6 +22,108 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
public class OASTORKConfig {
+ private boolean isStorkLogonEnabled = false;
+ private int qaa;
+
+ private List<AttributeHelper> attributes;
+
+ public OASTORKConfig() {
+
+ }
+
+ /**
+ * Parses the OA config for stork entities.
+ *
+ * @param dbOAConfig
+ * the db oa config
+ */
+ public void parse(OnlineApplication dbOAConfig) {
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ OASTORK config = authdata.getOASTORK();
+ if(config != null) {
+ setStorkLogonEnabled(config.isStorkLogonEnabled());
+
+ try {
+ setQaa(config.getQaa());
+ } catch(NullPointerException e) {
+ // if there is no configuration available for the OA, get the default qaa level
+ setQaa(ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel());
+ }
+
+ // prepare attribute helper list
+ attributes = new ArrayList<AttributeHelper>();
+ for(StorkAttribute current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) {
+ AttributeHelper tmp = null;
+
+ for(OAStorkAttribute sepp : config.getOAAttributes())
+ if(sepp.getName().equals(current.getName()))
+ tmp = new AttributeHelper(sepp);
+
+ if(null == tmp)
+ tmp = new AttributeHelper(current);
+
+ attributes.add(tmp);
+ }
+ }
+ }
+ }
+
+ public boolean isStorkLogonEnabled() {
+ return isStorkLogonEnabled;
+ }
+
+ public void setStorkLogonEnabled(boolean enabled) {
+ this.isStorkLogonEnabled = enabled;
+ }
+
+ public int getQaa() {
+ return qaa;
+ }
+
+ public void setQaa(int qaa) {
+ this.qaa = qaa;
+ }
+
+ public List<OAStorkAttribute> getAttributes() {
+ List<OAStorkAttribute> result = new ArrayList<OAStorkAttribute>();
+
+ if(null == getHelperAttributes())
+ return result;
+
+ for(AttributeHelper current : getHelperAttributes()) {
+ for(StorkAttribute currentAttribute : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes())
+ if(currentAttribute.getName().equals(current.getName())) {
+ if(current.isUsed() || currentAttribute.isMandatory()) {
+ OAStorkAttribute tmp = new OAStorkAttribute();
+ tmp.setName(current.getName());
+ tmp.setMandatory(current.isMandatory());
+ result.add(tmp);
+ }
+ break;
+ }
+ }
+
+ return result;
+ }
+
+ public List<AttributeHelper> getHelperAttributes() {
+ return attributes;
+ }
+
+ public void setHelperAttributes(List<AttributeHelper> attributes) {
+ this.attributes = attributes;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 362579c9f..3c8c0e18d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -72,8 +72,10 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
+import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
+import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -89,7 +91,8 @@ public class EditGeneralConfigAction extends ActionSupport
private AuthenticatedUser authUser;
private GeneralMOAIDConfig moaconfig;
-
+ private GeneralStorkConfig storkconfig;
+
private String formID;
public String loadConfig() {
@@ -108,6 +111,8 @@ public class EditGeneralConfigAction extends ActionSupport
moaconfig = new GeneralMOAIDConfig();
moaconfig.parse(dbconfig);
+ storkconfig = new GeneralStorkConfig();
+ storkconfig.parse(dbconfig);
ConfigurationDBUtils.closeSession();
@@ -152,6 +157,8 @@ public class EditGeneralConfigAction extends ActionSupport
MOAConfigValidator validator = new MOAConfigValidator();
List<String> errors = validator.validate(moaconfig);
+
+ errors.addAll(new StorkConfigValidator().validate(storkconfig));
if (errors.size() > 0) {
log.info("General MOA-ID configuration has some erros.");
@@ -429,10 +436,15 @@ public class EditGeneralConfigAction extends ActionSupport
if (oldforeign != null) {
STORK oldstork = oldforeign.getSTORK();
if (oldstork != null)
- dbforeign.setSTORK(oldstork);
+ oldstork = new STORK();
+
+ oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+ oldstork.setAttributes(storkconfig.getAttributes());
+ oldstork.setCPEPS(storkconfig.getCpepslist());
+ dbforeign.setSTORK(oldstork);
}
}
-
+
if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
OnlineMandates dbmandate = dbauth.getOnlineMandates();
if (dbmandate == null) {
@@ -572,6 +584,24 @@ public class EditGeneralConfigAction extends ActionSupport
public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
this.moaconfig = moaconfig;
}
+
+ /**
+ * Gets the storkconfig.
+ *
+ * @return the storkconfig
+ */
+ public GeneralStorkConfig getStorkconfig() {
+ return storkconfig;
+ }
+
+ /**
+ * Sets the storkconfig.
+ *
+ * @param storkconfig the new storkconfig
+ */
+ public void setStorkconfig(GeneralStorkConfig storkconfig) {
+ this.storkconfig = storkconfig;
+ }
/**
* @return the formID
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 5366aff23..775443689 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -60,6 +60,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
@@ -123,7 +124,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
private OASAML1Config saml1OA = new OASAML1Config();
private OASSOConfig ssoOA = new OASSOConfig();
private OAOAuth20Config oauth20OA = new OAOAuth20Config();
- private OASTORKConfig storkOA;
+ private OASTORKConfig storkOA = new OASTORKConfig();
private FormularCustomization formOA = new FormularCustomization();
private InputStream stream;
@@ -182,6 +183,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
saml1OA.parse(onlineapplication);
oauth20OA.parse(onlineapplication);
session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
+
+ storkOA.parse(onlineapplication);
Map<String, String> map = new HashMap<String, String>();
map.putAll(FormBuildUtils.getDefaultMap());
@@ -698,7 +701,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
}
}
- preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map);
+ preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true);
}
} else {
@@ -948,12 +951,6 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
- STORK stork = authoa.getSTORK();
- if (stork == null) {
- // TODO: make stork configurable
-
- }
-
if (oauth20OA != null) {
log.debug("Saving OAuth 2.0 configuration:");
OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
@@ -974,6 +971,20 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
+
+ // fetch stork configuration from database model
+ OASTORK stork = authoa.getOASTORK();
+ if (stork == null) {
+ // if there is none, create a new one with default values.
+ stork = new OASTORK();
+ authoa.setOASTORK(stork);
+ stork.setStorkLogonEnabled(false);
+ }
+ // transfer the incoming data to the database model
+ stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled());
+ stork.setQaa(storkOA.getQaa());
+ stork.setOAAttributes(storkOA.getAttributes());
+
try {
if (newentry) {
ConfigurationDBUtils.save(dboa);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index 9fa58ca1e..3bc2d4ac5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -56,8 +56,6 @@ import at.gv.egovernment.moa.id.util.Random;
import com.opensymphony.xwork2.ActionSupport;
-import eu.stork.vidp.messages.common.STORKBootstrap;
-
public class ImportExportAction extends ActionSupport
implements ServletRequestAware, ServletResponseAware {
@@ -136,21 +134,7 @@ implements ServletRequestAware, ServletResponseAware {
session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
-
- //Initialize OpenSAML for STORK
- log.info("Starting initialization of OpenSAML...");
- try {
- STORKBootstrap.bootstrap();
-
- } catch (org.opensaml.xml.ConfigurationException e1) {
- log.info("Legacy configuration has an Import Error", e1);
- addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
- log.debug("OpenSAML successfully initialized");
+
try {
MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
new file mode 100644
index 000000000..318b3b3e7
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -0,0 +1,89 @@
+package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class StorkConfigValidator {
+
+ private static final Logger log = Logger.getLogger(StorkConfigValidator.class);
+
+ public List<String> validate(GeneralStorkConfig form) {
+
+ List<String> errors = new ArrayList<String>();
+
+ log.debug("Validate general STORK configuration");
+
+ // check peps list
+ for(CPEPS current : form.getCpepslist()) {
+ // check country code
+ String check = current.getCountryCode();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
+ log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {check} ));
+ }
+ } else {
+ log.warn("CPEPS config countrycode is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
+ }
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url"));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
+ }
+ }
+
+ // check qaa
+ int qaa = form.getDefaultQaa();
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa} ));
+ }
+
+ // check attributes
+ if (MiscUtil.isNotEmpty(form.getAttributes())) {
+ for(StorkAttribute check : form.getAttributes()) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check.getName(), true)) {
+ log.warn("default attributes contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ if(!check.getName().toLowerCase().matches("^[a-z0-9]*$")) {
+ log.warn("default attributes do not match the requested format : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {check} ));
+ }
+ }
+ } else {
+ log.warn("no attributes specified");
+ errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
+ new Object[] {} ));
+ }
+
+ return errors;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index def5aa5ed..f72999020 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -25,14 +25,27 @@ package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
import java.util.List;
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
public class OASTORKConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class);
+
public List<String> validate(OASTORKConfig oageneral) {
-
+
List<String> errors = new ArrayList<String>();
-
-
+
+ // check qaa
+ int qaa = oageneral.getQaa();
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa} ));
+ }
+
return errors;
}
}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index 454175125..d82855616 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -224,6 +224,19 @@ webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
webpages.oaconfig.sso.usesso=Single Sign-On verwenden
+webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed
+webpages.oaconfig.stork.usestork=STORK Logon aktivieren
+webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration
+webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren
+webpages.moaconfig.stork.removepeps=l\u00F6schen
+webpages.moaconfig.stork.qaa.default=Standard QAA-Level ausw\u00E4hlen
+webpages.moaconfig.stork.attributes.heading=Attributkonfiguration
+webpages.moaconfig.stork.attributes.new=Neues Attribut hinzuf\u00FCgen
+webpages.moaconfig.stork.attributes.heading.name=Attributname
+webpages.moaconfig.stork.attributes.heading.mandatory=zwingend
+webpages.moaconfig.stork.attributes.remove=l\u00F6schen
+webpages.moaconfig.stork.qaa=Mindest-QAA-Level f\u00FCr diese OA ausw\u00E4hlen
+
webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
webpages.oaconfig.saml1.isActice=SAML1 aktivieren
webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
@@ -366,6 +379,13 @@ validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00
validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation ist keine g\u00FCltige URL.
validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
+validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
+validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
+validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig
+validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2
+validation.stork.qaa.outofrange=Gültige QAA Werte sind 1, 2, 3, und 4
+validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein
+
validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
validation.pvp2.metadataurl.read=Unter der angegebenen Metadaten URL konnten keine Informationen abgerufen werden.
@@ -389,4 +409,4 @@ validation.general.form.button.color.back.focus=Die Hintergrundfarbe f\\u00FCr F
validation.general.form.button.color.back=Die Hintergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
validation.general.form.button.color.front=Die Vordergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen ung\\u00FCltiten Wert.
-validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} \ No newline at end of file
+validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 11fc0b2be..384e40509 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -44,6 +44,13 @@ function oaSSOService() {
}
}
+function oaStork() {
+ if ($('#OAuseSTORKLogon').attr('checked') == 'checked') {
+ $('#stork_block').css('display', "block");
+ } else {
+ $('#stork_block').css('display', "none");
+ }
+}
function oaSAML1() {
if ($('#oa_saml1_area').css('display') == "block") {
$('#oa_saml1_area').css('display', "none");
@@ -199,4 +206,22 @@ function oaOnLoad() {
);
return true;
+}
+function newPeps() {
+ var target = $(document.getElementById("stork_pepslist").getElementsByTagName("tr")).last()[0];
+ var clone = target.cloneNode(true);
+ var lastindex = parseInt(clone.innerHTML.match(/name="storkconfig.cpepslist\[(\d)/)[1]);
+ var nextindex = lastindex + 1;
+ clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.cpepslist\[\d/g, 'name="storkconfig.cpepslist[' + nextindex);
+ clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
+ target.parentNode.appendChild(clone);
+}
+function newStorkAttribute() {
+ var target = $(document.getElementById("stork_attributelist").getElementsByTagName("tr")).last()[0];
+ var clone = target.cloneNode(true);
+ var lastindex = parseInt(clone.innerHTML.match(/name="storkconfig.attributes\[(\d)/)[1]);
+ var nextindex = lastindex + 1;
+ clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.attributes\[\d/g, 'name="storkconfig.attributes[' + nextindex);
+ clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
+ target.parentNode.appendChild(clone);
} \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index de2548535..41702cbbb 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -227,6 +227,35 @@
</div>
<div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3>
+ <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}"
+ value="#{storkconfig.defaultQaa}"
+ name="storkconfig.defaultQaa"
+ key="webpages.moaconfig.stork.qaa.default"
+ labelposition="left" />
+ <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4>
+ <table id="stork_pepslist">
+ <tr><th>Country Shortcode</th><th>PEPS URL</th>
+ <s:iterator value="storkconfig.cpepslist" status="stat">
+ <tr><td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
+ <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
+ <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ </s:iterator>
+ </table>
+ <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.newpeps", request) %>" onclick='newPeps();' />
+ <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading", request) %></h4>
+ <table id="stork_attributelist">
+ <tr><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %></th><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %></th></tr>
+ <s:iterator value="storkconfig.attributes" status="stat">
+ <tr><td><s:textfield name="storkconfig.attributes[%{#stat.index}].name" value="%{name}"/></td>
+ <td><s:checkbox name="storkconfig.attributes[%{#stat.index}].mandatory" value="%{mandatory}" /></td>
+ <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.remove", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ </s:iterator>
+ </table>
+ <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.new", request) %>" onclick='newStorkAttribute();' />
+ </div>
+
+ <div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.header", request) %></h3>
<div id="moageneral_active_protocol" class="moageneral_protocol_area">
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 97f0d01c2..b58b997ec 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -303,6 +303,34 @@
</div>
<div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3>
+
+ <s:checkbox name="storkOA.storkLogonEnabled"
+ value="%{storkOA.storkLogonEnabled}"
+ labelposition="left"
+ key="webpages.oaconfig.stork.usestork"
+ cssClass="checkbox"
+ onclick="oaStork();"
+ id="OAuseSTORKLogon" />
+ <div id="stork_block">
+ <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}"
+ value="#{storkOA.qaa}"
+ name="storkOA.qaa"
+ key="webpages.moaconfig.stork.qaa"
+ labelposition="left" />
+ <h4>Attributes</h4>
+ <table>
+ <tr><th>verwendet</th><th>Attributname</th><th>mandatory</th></tr>
+ <s:iterator value="storkOA.helperAttributes" status="stat">
+ <tr><td><s:checkbox name="storkOA.helperAttributes[%{#stat.index}].used" value="%{used}" disabled="%{readOnly}" /></td>
+ <td><s:property value="%{name}" /><s:hidden name="storkOA.helperAttributes[%{#stat.index}].name" value="%{name}" /></td>
+ <td><s:checkbox name="storkOA.helperAttributes[%{#stat.index}].mandatory" value="%{mandatory}" /></td></tr>
+ </s:iterator>
+ </table>
+ </div>
+ </div>
+
+ <div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.header", request) %></h3>
<s:if test="authUser.isAdmin() || saml1OA.isActive()">
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
index 95b776cc2..72a253694 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
@@ -42,7 +42,6 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
-import org.apache.log4j.Logger;
import org.joda.time.DateTime;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
@@ -73,13 +72,12 @@ import at.gv.egovernment.moa.id.demoOA.Constants;
import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.AttributeListBuilder;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
import at.iaik.commons.util.MiscUtil;
public class BuildMetadata extends HttpServlet {
private static final long serialVersionUID = 1L;
- private static final Logger log = Logger.getLogger(BuildMetadata.class);
-
/**
* @see HttpServlet#HttpServlet()
*/
@@ -111,7 +109,7 @@ public class BuildMetadata extends HttpServlet {
String name = config.getPVP2MetadataEntitiesName();
if (MiscUtil.isEmpty(name)) {
- log.info("NO Metadata EntitiesName configurated");
+ Logger.info("NO Metadata EntitiesName configurated");
throw new ConfigurationException("NO Metadata EntitiesName configurated");
}
@@ -133,7 +131,7 @@ public class BuildMetadata extends HttpServlet {
if (!serviceURL.endsWith("/"))
serviceURL = serviceURL + "/";
- log.debug("Set OnlineApplicationURL to " + serviceURL);
+ Logger.debug("Set OnlineApplicationURL to " + serviceURL);
spEntityDescriptor.setEntityID(serviceURL);
SPSSODescriptor spSSODescriptor = SAML2Utils
@@ -155,7 +153,7 @@ public class BuildMetadata extends HttpServlet {
config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
- log.debug("Set Metadata key information");
+ Logger.debug("Set Metadata key information");
//Set MetaData Signing key
KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
.createSAMLObject(KeyDescriptor.class);
@@ -191,7 +189,7 @@ public class BuildMetadata extends HttpServlet {
spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
} else {
- log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+ Logger.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
}
@@ -266,32 +264,32 @@ public class BuildMetadata extends HttpServlet {
response.getOutputStream().close();
} catch (ConfigurationException e) {
- log.warn("Configuration can not be loaded.", e);
+ Logger.warn("Configuration can not be loaded.", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (NoSuchAlgorithmException e) {
- log.warn("Requested Algorithm could not found.", e);
+ Logger.warn("Requested Algorithm could not found.", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (ParserConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerFactoryConfigurationError e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
}
catch (Exception e) {
- log.warn("Unspecific PVP2 Metadata createn error", e);
+ Logger.warn("Unspecific PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index f9c8d6cab..0b30d7d86 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.xml.SAMLConstants;
@@ -75,13 +74,13 @@ import at.gv.egovernment.moa.id.demoOA.Configuration;
import at.gv.egovernment.moa.id.demoOA.PVPConstants;
import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
public class DemoApplication extends HttpServlet {
private static final long serialVersionUID = -2129228304760706063L;
- private static final Logger log = Logger.getLogger(DemoApplication.class);
@@ -95,7 +94,7 @@ public class DemoApplication extends HttpServlet {
String method = request.getMethod();
HttpSession session = request.getSession();
if (session == null) {
- log.info("NO HTTP Session");
+ Logger.info("NO HTTP Session");
bean.setErrorMessage("NO HTTP session");
setAnser(request, response, bean);
return;
@@ -118,7 +117,7 @@ public class DemoApplication extends HttpServlet {
Signature sign = samlResponse.getSignature();
if (sign == null) {
- log.info("Only http POST Requests can be used");
+ Logger.info("Only http POST Requests can be used");
bean.setErrorMessage("Only http POST Requests can be used");
setAnser(request, response, bean);
return;
@@ -148,7 +147,7 @@ public class DemoApplication extends HttpServlet {
ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
trustEngine.validate(sign, criteriaSet);
- log.info("PVP2 Assertion is valid");
+ Logger.info("PVP2 Assertion is valid");
if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
@@ -159,7 +158,7 @@ public class DemoApplication extends HttpServlet {
if (encryAssertionList != null && encryAssertionList.size() > 0) {
//decrypt assertions
- log.debug("Found encryped assertion. Start decryption ...");
+ Logger.debug("Found encryped assertion. Start decryption ...");
KeyStore keyStore = config.getPVP2KeyStore();
@@ -185,7 +184,7 @@ public class DemoApplication extends HttpServlet {
}
- log.debug("Assertion decryption finished. ");
+ Logger.debug("Assertion decryption finished. ");
} else {
saml2assertions = samlResponse.getAssertions();
@@ -241,7 +240,7 @@ public class DemoApplication extends HttpServlet {
}
} catch (Exception e) {
- log.warn(e);
+ Logger.warn(e);
bean.setErrorMessage("Internal Error: " + e.getMessage());
setAnser(request, response, bean);
return;
diff --git a/id/server/auth/src/main/webapp/info_stork.html b/id/server/auth/src/main/webapp/info_stork.html
index 3bd88300c..2bdf62711 100644
--- a/id/server/auth/src/main/webapp/info_stork.html
+++ b/id/server/auth/src/main/webapp/info_stork.html
@@ -28,16 +28,14 @@
</div>
</div>
<div id="main">
- <div id="centercontent">
<h2 id="contentheader" class="dunkel">
Information using STORK for secure authentication
</h2>
<div id="content" class="hell">
<p>The STORK project makes it easier for citizens to access online public services across borders by implementing Europe-wide interoperable cross border platforms for the mutual recognition of national electronic identity (eID) between participating countries.</p>
- <p>For more information, please consult the STORK website:</p><a href="https://www.eid-stork.eu/">https://www.eid-stork.eu/</a>
+ <p>For more information, please consult the STORK website:</p><a href="https://www.eid-stork2.eu/">https://www.eid-stork2.eu/</a>
</div>
- </div>
</div>
</div>
</body>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index b137fa7ca..e5670f9a7 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -25,16 +25,21 @@
</repositories>
<dependencies>
- <dependency>
- <groupId>MOA.id</groupId>
- <artifactId>stork-saml-engine</artifactId>
- <version>1.5.2</version>
- </dependency>
- <dependency>
- <groupId>MOA.id.server</groupId>
- <artifactId>moa-id-commons</artifactId>
- <version>${pom.version}</version>
- </dependency>
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>SamlEngine</artifactId>
+ <version>1.1.0</version>
+ </dependency>
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>oasis-dss-api</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
<dependency>
<groupId>MOA</groupId>
<artifactId>moa-common</artifactId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 1348d2a56..e9c8dbc75 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -2,18 +2,19 @@
package at.gv.egovernment.moa.id.auth;
import iaik.asn1.ObjectID;
-import iaik.pki.PKIException;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.security.GeneralSecurityException;
+import java.io.StringWriter;
+import java.math.BigInteger;
+import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateException;
-//import java.security.cert.CertificateFactory;
import java.util.ArrayList;
+//import java.security.cert.CertificateFactory;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
@@ -27,12 +28,17 @@ import javax.servlet.http.HttpSession;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
import org.apache.xpath.XPathAPI;
-import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.opensaml.common.IdentifierGenerator;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.xml.util.Base64;
import org.opensaml.xml.util.XMLHelper;
-import org.springframework.util.xml.DomUtils;
+import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -68,7 +74,7 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
-import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
@@ -81,6 +87,8 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants
import at.gv.egovernment.moa.id.client.SZRGWClient;
import at.gv.egovernment.moa.id.client.SZRGWClientException;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -95,7 +103,7 @@ import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.SSLUtils;
+import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
@@ -106,22 +114,33 @@ import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.util.xsd.mis.MandateIdentifiers;
+import at.gv.util.xsd.mis.Target;
import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData;
import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.exception.SAMLException;
-import eu.stork.vidp.messages.exception.SAMLValidationException;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
+import at.gv.util.xsd.srzgw.MISType;
+import at.gv.util.xsd.srzgw.MISType.Filters;
+import eu.stork.oasisdss.api.AdditionalProfiles;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
+import eu.stork.oasisdss.profile.AnyType;
+import eu.stork.oasisdss.profile.DocumentType;
+import eu.stork.oasisdss.profile.SignRequest;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
/**
* API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
* stored in a session store and retrieved by giving the session ID.
- *
+ *
* @author Paul Ivancsics
* @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher
* $
@@ -144,7 +163,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Returns the single instance of <code>AuthenticationServer</code>.
- *
+ *
* @return the single instance of <code>AuthenticationServer</code>
*/
public static AuthenticationServer getInstance() {
@@ -175,7 +194,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* response to</li>
* </ul>
* </ul>
- *
+ *
* @param authURL
* URL of the servlet to be used as data URL
* @param target
@@ -210,13 +229,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
if (session == null) {
throw new AuthenticationException("auth.18", new Object[] { });
}
-
+
//load OnlineApplication configuration
OAAuthParameter oaParam =
AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
if (oaParam == null)
throw new AuthenticationException("auth.00", new Object[] { session.getPublicOAURLPrefix() });
-
+
//load Template
String template = null;
if (session.getTemplateURL() != null) {
@@ -229,7 +248,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String infoboxReadRequest = "";
-
+
if (session.isSsoRequested()) {
//load identityLink with SSO Target
boolean isbuisness = false;
@@ -239,50 +258,50 @@ public class AuthenticationServer implements MOAIDAuthConstants {
isbuisness = true;
domainIdentifier = ssobusiness.getValue();
}
-
+
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
isbuisness, domainIdentifier);
-
+
} else {
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
oaParam.getBusinessService(), oaParam
.getIdentityLinkDomainIdentifier());
}
-
+
String dataURL = new DataURLBuilder().buildDataURL(
session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
.getSessionID());
-
+
//removed in MOAID 2.0
String pushInfobox = "";
-
+
// VerifyInfoboxParameters verifyInfoboxParameters = oaParam
// .getVerifyInfoboxParameters();
// if (verifyInfoboxParameters != null) {
// pushInfobox = verifyInfoboxParameters.getPushInfobox();
// session.setPushInfobox(pushInfobox);
// }
-
+
//build CertInfo request
String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
.build();
String certInfoDataURL = new DataURLBuilder()
.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
session.getSessionID());
-
+
//get Applet Parameters
String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
-
+
String htmlForm = new GetIdentityLinkFormBuilder().build(template,
session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth);
-
+
return htmlForm;
}
@@ -302,7 +321,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* containg the authentication block, meant to be returned to the security
* layer implementation</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param infoboxReadResponseParameters
@@ -310,7 +329,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* including the <code>&lt;InfoboxReadResponse&gt;</code>
* @return String representation of the
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
- * @throws BKUException
+ * @throws BKUException
*/
public String verifyIdentityLink(AuthenticationSession session,
Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
@@ -327,7 +346,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
if (isEmpty(xmlInfoboxReadResponse))
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE });
-
+
AuthConfigurationProvider authConf = AuthConfigurationProvider
.getInstance();
@@ -387,7 +406,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setIdentityLink(identityLink);
// now validate the extended infoboxes
-
+
//Removed in MOA-ID 2.0
//verifyInfoboxes(session, infoboxReadResponseParameters, false);
@@ -410,7 +429,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* containg the authentication block, meant to be returned to the security
* layer implementation</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param infoboxReadResponseParameters
@@ -435,14 +454,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
if (certificate.getExtension(OWid) != null) {
session.setOW(true);
}
-
+
}
-
+
} catch (X509ExtensionInitException e) {
Logger.warn("Certificate extension is not readable.");
session.setOW(false);
}
-
+
AuthConfigurationProvider authConf = AuthConfigurationProvider
.getInstance();
@@ -451,10 +470,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
authConf, oaParam);
-
+
return returnvalue;
}
-
+
/**
* Processes an <code>Mandate</code> sent by the MIS.<br>
* <ul>
@@ -465,7 +484,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* containg the authentication block, meant to be returned to the security
* layer implementation</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param infoboxReadResponseParameters
@@ -489,10 +508,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// sets the extended SAML attributes for OID (Organwalter)
setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
.getBusinessService());
-
+
validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
-
-
+
+
} catch (SAXException e) {
throw new AuthenticationException("auth.16",
new Object[] { GET_MIS_SESSIONID }, e);
@@ -506,11 +525,11 @@ public class AuthenticationServer implements MOAIDAuthConstants {
throw new AuthenticationException("auth.16",
new Object[] { GET_MIS_SESSIONID }, e);
}
-
+
}
/**
- *
+ *
* @param session
* @param authConf
* @param oaParam
@@ -555,7 +574,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <ul>
* <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param cert
@@ -577,7 +596,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
+
return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
cert);
}
@@ -615,13 +634,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <li>Verifies signature by calling the MOA SP component</li>
* <li>Returns the signer certificate</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param createXMLSignatureResponseParameters
* The parameters from the response returned from the BKU
* including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
- * @throws BKUException
+ * @throws BKUException
*/
public X509Certificate verifyXMLSignature(String sessionID,
Map<String, String> createXMLSignatureResponseParameters)
@@ -675,13 +694,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <li>Verifies signature by calling the MOA SP component</li>
* <li>Returns the signer certificate</li>
* </ul>
- *
+ *
* @param sessionID
* ID of associated authentication session data
* @param readInfoboxResponseParameters
* The parameters from the response returned from the BKU
* including the <code>&lt;ReadInfoboxResponse&gt;</code>
- * @throws BKUException
+ * @throws BKUException
*/
public X509Certificate getCertificate(String sessionID,
Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
@@ -711,80 +730,80 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
* given session data.
- *
+ *
* @param session
* authentication session
- *
+ *
* @return <code>&lt;saml:Assertion&gt;</code> as a String
- *
+ *
* @throws BuildException
* If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
private String buildAuthenticationBlock(AuthenticationSession session,
OAAuthParameter oaParam) throws BuildException {
-
+
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
String gebDat = identityLink.getDateOfBirth();
String identificationValue = null;
String identificationType = null;
-
+
//set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
identificationType = "";
identificationValue = "";
-
+
} else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
if (oaParam.getBusinessService()) {
-
+
String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
.getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
identificationValue = bpkBase64;
-
+
if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" ))
identificationType = oaParam.getIdentityLinkDomainIdentifier();
else
identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
-
+
} else {
String bpkBase64 = new BPKBuilder().buildBPK(identityLink
.getIdentificationValue(), session.getTarget());
identificationValue = bpkBase64;
identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
}
-
+
} else {
identificationValue = identityLink.getIdentificationValue();
identificationType = identityLink.getIdentificationType();
-
+
}
-
+
String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
.getInstance());
session.setIssueInstant(issueInstant);
String authURL = session.getAuthURL();
String target = session.getTarget();
String targetFriendlyName = session.getTargetFriendlyName();
-
+
// Bug #485
// (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
// String oaURL = session.getPublicOAURLPrefix();
-
+
List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
-
-
+
+
if (session.isSsoRequested()) {
String oaURL =new String();
try {
oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl();
-
+
if (MiscUtil.isNotEmpty(oaURL))
oaURL = oaURL.replaceAll("&", "&amp;");
-
+
} catch (ConfigurationException e) {
}
String authBlock = new AuthenticationBlockAssertionBuilder()
@@ -793,7 +812,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
identificationType, oaURL, gebDat,
extendedSAMLAttributes, session, oaParam);
return authBlock;
-
+
} else {
String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
String authBlock = new AuthenticationBlockAssertionBuilder()
@@ -802,20 +821,20 @@ public class AuthenticationServer implements MOAIDAuthConstants {
identificationType, oaURL, gebDat,
extendedSAMLAttributes, session, oaParam);
return authBlock;
- }
+ }
}
-
+
/**
* Verifies the infoboxes (except of the identity link infobox) returned by
* the BKU by calling appropriate validator classes.
- *
+ *
* @param session
* The actual authentication session.
* @param mandate
* The Mandate from the MIS
- *
+ *
* @throws AuthenticationException
* @throws ConfigurationException
* @throws TransformerException
@@ -838,19 +857,19 @@ public class AuthenticationServer implements MOAIDAuthConstants {
verifySAMLAttribute(samlAttribute, i, "MISService",
"MISService");
-
+
}
}
/**
* Verifies the infoboxes (except of the identity link infobox) returned by
* the BKU by calling appropriate validator classes.
- *
+ *
* @param session
* The actual authentication session.
* @param mandate
* The Mandate from the MIS
- *
+ *
* @throws AuthenticationException
* @throws ConfigurationException
* @throws TransformerException
@@ -875,7 +894,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* Adds given SAML Attributes to the current session. They will be appended
* to the final SAML Assertion or the AUTH block. If the attributes are
* already in the list, they will be replaced.
- *
+ *
* @param session
* The current session
* @param extendedSAMLAttributes
@@ -946,7 +965,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* Adds the AUTH block related SAML attributes to the validation result.
* This is needed always before the AUTH block is to be signed, because the
* name of the mandator has to be set
- *
+ *
* @throws ParserConfigurationException
* @throws IOException
* @throws SAXException
@@ -1013,7 +1032,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* Adds the AUTH block related SAML attributes to the validation result.
* This is needed always before the AUTH block is to be signed, because the
* name of the mandator has to be set
- *
+ *
* @throws ParserConfigurationException
* @throws IOException
* @throws SAXException
@@ -1058,7 +1077,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
/**
- *
+ *
* @param mandate
* @return
* @throws ParserConfigurationException
@@ -1110,7 +1129,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <li>Deletes authentication session</li>
* <li>Returns the SAML artifact, encoded BASE64</li>
* </ul>
- *
+ *
* @param sessionID
* session ID of the running authentication session
* @param xmlCreateXMLSignatureReadResponse
@@ -1118,20 +1137,20 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <code>&lt;CreateXMLSignatureResponse&gt;</code>
* @return SAML artifact needed for retrieving authentication data, encoded
* BASE64
- * @throws BKUException
+ * @throws BKUException
*/
public String verifyAuthenticationBlock(AuthenticationSession session,
String xmlCreateXMLSignatureReadResponse)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException, BKUException {
-
+
if (session == null)
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
if (isEmpty(xmlCreateXMLSignatureReadResponse))
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
+
AuthConfigurationProvider authConf = AuthConfigurationProvider
.getInstance();
// parses <CreateXMLSignatureResponse>
@@ -1154,7 +1173,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
else
new CreateXMLSignatureResponseValidator().validate(csresp, session);
-
+
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
@@ -1193,7 +1212,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// Compare AuthBlock Data with information stored in session, especially
// date and time
CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
-
+
// compares the public keys from the identityLink with the AuthBlock
VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
vsresp, session.getIdentityLink());
@@ -1236,29 +1255,29 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
}
}
-
+
session.setXMLVerifySignatureResponse(vsresp);
session.setSignerCertificate(vsresp.getX509certificate());
vsresp.setX509certificate(null);
session.setForeigner(false);
-
+
if (session.getUseMandate()) {
// mandate mode
return null;
-
+
} else {
-
+
session.setAuthenticatedUsed(false);
session.setAuthenticated(true);
-
+
String oldsessionID = session.getSessionID();
-
+
//Session is implicte stored in changeSessionID!!!
String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
+
Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
+
return newMOASessionID;
}
}
@@ -1280,7 +1299,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <li>Deletes authentication session</li>
* <li>Returns the SAML artifact, encoded BASE64</li>
* </ul>
- *
+ *
* @param sessionID
* session ID of the running authentication session
* @param xmlCreateXMLSignatureReadResponse
@@ -1341,7 +1360,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* <li>Deletes authentication session</li>
* <li>Returns the SAML artifact, encoded BASE64</li>
* </ul>
- *
+ *
* @param sessionID
* session ID of the running authentication session
* @return SAML artifact needed for retrieving authentication data, encoded
@@ -1350,11 +1369,11 @@ public class AuthenticationServer implements MOAIDAuthConstants {
public String getForeignAuthenticationData(AuthenticationSession session)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException {
-
+
if (session == null)
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
-
+
// post processing of the infoboxes
Iterator iter = session.getInfoboxValidatorIterator();
boolean formpending = false;
@@ -1397,10 +1416,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
X509Certificate cert = session.getSignerCertificate();
vsresp.setX509certificate(cert);
-
+
session.setAuthenticatedUsed(false);
session.setAuthenticated(true);
-
+
session.setXMLVerifySignatureResponse(vsresp);
session.setSignerCertificate(vsresp.getX509certificate());
@@ -1414,7 +1433,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Builds the AuthenticationData object together with the corresponding
* <code>&lt;saml:Assertion&gt;</code>
- *
+ *
* @param session
* authentication session
* @param verifyXMLSigResp
@@ -1434,23 +1453,23 @@ public class AuthenticationServer implements MOAIDAuthConstants {
IdentityLink identityLink = session.getIdentityLink();
AuthenticationData authData = new AuthenticationData();
-
+
VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
-
+
boolean businessService = oaParam.getBusinessService();
-
+
authData.setMajorVersion(1);
authData.setMinorVersion(0);
authData.setAssertionID(Random.nextRandom());
authData.setIssuer(session.getAuthURL());
-
+
authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar
.getInstance()));
-
+
//baseID or wbpk in case of BusinessService without SSO or BusinessService SSO
authData.setIdentificationValue(identityLink.getIdentificationValue());
authData.setIdentificationType(identityLink.getIdentificationType());
-
+
authData.setGivenName(identityLink.getGivenName());
authData.setFamilyName(identityLink.getFamilyName());
authData.setDateOfBirth(identityLink.getDateOfBirth());
@@ -1460,25 +1479,25 @@ public class AuthenticationServer implements MOAIDAuthConstants {
authData.setPublicAuthorityCode(verifyXMLSigResp
.getPublicAuthorityCode());
authData.setBkuURL(session.getBkuURL());
-
+
try {
-
+
if (session.getUseMandate() && session.isOW()) {
MISMandate mandate = session.getMISMandate();
authData.setBPK(mandate.getOWbPK());
authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW");
authData.setIdentityLink(identityLink);
-
+
Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
-
+
} else {
-
+
if (businessService) {
//since we have foreigner, wbPK is not calculated in BKU
if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-
+
String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier();
-
+
if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) {
// If domainIdentifier starts with prefix
// "urn:publicid:gv.at:wbpk+"; remove this prefix
@@ -1486,47 +1505,47 @@ public class AuthenticationServer implements MOAIDAuthConstants {
.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
Logger.debug("Register and ordernumber prefix stripped off; resulting register string: "
+ registerAndOrdNr);
- }
-
+ }
+
String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr);
authData.setBPK(wbpkBase64);
authData.setBPKType( Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr);
-
+
} else {
authData.setBPK(identityLink.getIdentificationValue());
authData.setBPKType(identityLink.getIdentificationType());
-
+
}
-
+
Logger.trace("Authenticate user with wbPK " + authData.getBPK());
-
+
Element idlassertion = session.getIdentityLink().getSamlAssertion();
//set bpk/wpbk;
Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
prIdentification.getFirstChild().setNodeValue(authData.getBPK());
- //set bkp/wpbk type
+ //set bkp/wpbk type
Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH);
prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType());
-
+
IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion);
IdentityLink idl = idlparser.parseIdentityLink();
authData.setIdentityLink(idl);
-
+
} else {
-
- if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+
+ if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
// only compute bPK if online application is a public service and we have the Stammzahl
String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target);
authData.setBPK(bpkBase64);
authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
}
-
+
Logger.trace("Authenticate user with bPK " + authData.getBPK());
-
+
authData.setIdentityLink(identityLink);
}
}
-
+
return authData;
} catch (Throwable ex) {
@@ -1537,7 +1556,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Retrieves a session from the session store.
- *
+ *
* @param id
* session ID
* @return <code>AuthenticationSession</code> stored with given session ID,
@@ -1545,7 +1564,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
public static AuthenticationSession getSession(String id)
throws AuthenticationException {
-
+
AuthenticationSession session;
try {
session = AuthenticationSessionStoreage.getSession(id);
@@ -1553,10 +1572,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
if (session == null)
throw new AuthenticationException("auth.02", new Object[] { id });
return session;
-
+
} catch (MOADatabaseException e) {
throw new AuthenticationException("parser.04", new Object[] { id });
- }
+ }
}
/**
@@ -1564,38 +1583,38 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
public void cleanup() {
long now = new Date().getTime();
-
- //clean AuthenticationSessionStore
-
+
+ //clean AuthenticationSessionStore
+
AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
-
+
//clean AssertionStore
AssertionStorage assertionstore = AssertionStorage.getInstance();
assertionstore.clean(now, authDataTimeOut);
-
- //clean ExeptionStore
+
+ //clean ExeptionStore
DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
exstore.clean(now, authDataTimeOut);
-
+
}
/**
* Sets the sessionTimeOut.
- *
+ *
* @param seconds
* Time out of the session in seconds
*/
public void setSecondsSessionTimeOutCreated(long seconds) {
sessionTimeOutCreated = seconds * 1000;
}
-
+
public void setSecondsSessionTimeOutUpdated(long seconds) {
sessionTimeOutUpdated = seconds * 1000;
}
/**
* Sets the authDataTimeOut.
- *
+ *
* @param seconds
* Time out for signing AuthData in seconds
*/
@@ -1605,7 +1624,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Checks a parameter.
- *
+ *
* @param param
* parameter
* @return true if the parameter is null or empty
@@ -1616,7 +1635,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
/**
* Checks the correctness of SAML attributes and returns its value.
- *
+ *
* @param param
* samlAttribute
* @param i
@@ -1665,94 +1684,151 @@ public class AuthenticationServer implements MOAIDAuthConstants {
return value;
}
-
+
/**
* Does the request to the SZR-GW
- * @param signature XMLDSIG signature
+ * @param oaFriendlyName
+ * @param signature XMLDSIG signature
* @return Identity link assertion
* @throws SZRGWClientException
*/
- public at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse
- getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException {
- SZRGWClient client = null;
-
+ public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+
try {
AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter();
- client = new SZRGWClient(connectionParameters);
+ SZRGWClient client = new SZRGWClient(connectionParameters);
CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
- request.setSignature(DOMUtils.serializeNode(signature).getBytes());
+ request.setSignature(citizenSignature.getBytes());
+
+ PEPSData data = new PEPSData();
+ data.setDateOfBirth(PEPSDateOfBirth);
+ data.setFamilyname(PEPSFamilyname);
+ data.setFirstname(PEPSFirstname);
+ data.setIdentifier(PEPSIdentifier);
+
+ data.setRepresentative(representative);
+ data.setRepresented(represented);
+ data.setMandateContent(mandateContent);
- CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl());
+ data.setLegalPersonCanonicalRegisteredAddress(organizationAddress);
+ data.setLegalPersonTranslatableType(organizationType);
+
+ if(null != mandateContent) {
+ MISType mis = new MISType();
+
+ Target targetObject = new Target();
+ targetObject.setType(targetType);
+ targetObject.setValue(targetValue);
+ mis.setTarget(targetObject);
+
+ mis.setOAFriendlyName(oaFriendlyName);
+
+ Filters filterObject = new Filters();
+ MandateIdentifiers mandateIds = new MandateIdentifiers();
+ for(String current : filters.split(","))
+ mandateIds.getMandateIdentifier().add(current.trim());
+ filterObject.setMandateIdentifiers(mandateIds);
+ mis.setFilters(filterObject);
+
+ request.setMIS(mis);
+ }
-
-
-// client.setAddress(connectionParameters.getUrl());
-// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) {
-// Logger.debug("Initialisiere SSL Verbindung");
-// try {
-// client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
-// } catch (IOException e) {
-// Logger.error("Could not initialize SSL Factory", e);
-// throw new SZRGWClientException("Could not initialize SSL Factory");
-// } catch (GeneralSecurityException e) {
-// Logger.error("Could not initialize SSL Factory", e);
-// throw new SZRGWClientException("Could not initialize SSL Factory");
-// } catch (PKIException e) {
-// Logger.error("Could not initialize SSL Factory", e);
-// throw new SZRGWClientException("Could not initialize SSL Factory");
-// }
-// }
Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
+ CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl());
+ return response;
+
}
catch (ConfigurationException e) {
Logger.warn(e);
Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
- } catch (TransformerException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (IOException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
}
-// // create request
-// CreateIdentityLinkResponse response = null;
-// Element request = null;
-// try {
-// Document doc = client.buildGetIdentityLinkRequest(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature);
-// request = doc.getDocumentElement();
-//
-// // send request
-// response = client.createIdentityLinkResponse(request, connectionParameters.getUrl());
-//
-//
-//
-// } catch (SZRGWClientException e) {
-// // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt.
-//// try {
-//// response = client.createIdentityLinkResponse(request);
-//// }
-//// catch (SZRGWClientException e1) {
-//// throw new SZRGWClientException(e1);
-//// }
-// }
-
-
return null;
}
+
+ /**
+ * Does the request to the SZR-GW.
+ *
+ * @param signature the signature
+ * @return the identity link
+ * @throws SZRGWClientException the sZRGW client exception
+ * @throws ConfigurationException the configuration exception
+ */
+ public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException {
+ return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature));
+ }
+
+ /**
+ * Does the request to the SZR-GW.
+ *
+ * @param PEPSIdentifier the pEPS identifier
+ * @param PEPSFirstname the pEPS firstname
+ * @param PEPSFamilyname the pEPS familyname
+ * @param PEPSDateOfBirth the pEPS date of birth
+ * @param signature XMLDSIG signature
+ * @return Identity link assertion
+ * @throws SZRGWClientException the sZRGW client exception
+ * @throws ConfigurationException the configuration exception
+ */
+ public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
+ return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null);
+ }
+
+ /**
+ * Gets the identity link.
+ *
+ * @param citizenSignature the citizen signature
+ * @param representative the representative
+ * @param represented the represented
+ * @param mandate the mandate
+ * @param organizationAddress the organization address
+ * @param organizationType the organization type
+ * @return the identity link
+ * @throws SZRGWClientException
+ */
+ public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
+ String representative, String represented, String mandateContent,
+ String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+ return getIdentityLink(null, null, null, null, null,
+ citizenSignature, represented, representative, mandateContent, organizationAddress,
+ organizationType, targetType, targetValue, oaFriendlyName, filters);
+ }
+ /**
+ * SZR-GW Client interface.
+ *
+ * @param eIdentifier the e identifier
+ * @param givenName the given name
+ * @param lastName the last name
+ * @param dateOfBirth the date of birth
+ * @param citizenSignature the citizen signature
+ * @param representative the representative
+ * @param represented the represented
+ * @param mandate the mandate
+ * @return the identity link
+ * @throws SZRGWClientException the sZRGW client exception
+ */
+ public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
+ String givenName, String lastName, String dateOfBirth, String gender,
+ String citizenSignature, String representative, String represented,
+ String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+ return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
+ citizenSignature, representative, represented, mandate, null,
+ null, targetType, targetValue, oaFriendlyName, filters);
+ }
+
/**
* Starts a MOA-ID authentication process using STORK
* @param req HttpServletRequest
* @param resp HttpServletResponse
* @param ccc Citizen country code
- * @param oaURL URL of the online application
+ * @param oaURL URL of the online application
* @param target Target parameter
* @param targetFriendlyName Friendly Name of Target
* @param authURL Authentication URL
@@ -1764,138 +1840,116 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
public static void startSTORKAuthentication(
HttpServletRequest req,
- HttpServletResponse resp,
+ HttpServletResponse resp,
AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
-
+
if (moasession == null) {
throw new AuthenticationException("auth.18", new Object[] { });
}
-
+
//read configuration paramters of OA
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
if (oaParam == null)
throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() });
-
- //Start of STORK Processing
+
+ //Start of STORK Processing
STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
-
+
CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
-
- Logger.debug("Preparing to assemble STORK AuthnRequest witht the following values:");
- String destination = cpeps.getPepsURL().toExternalForm();
+
+ Logger.debug("Preparing to assemble STORK AuthnRequest witt the following values:");
+ String destination = cpeps.getPepsURL().toExternalForm();
Logger.debug("C-PEPS URL: " + destination);
-
+
String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
-
+
String providerName= oaParam.getFriendlyName();
String issuerValue = HTTPUtils.getBaseURL(req);
Logger.debug("Issuer value: " + issuerValue);
-
-
- QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(oaParam.getQaaLevel().getValue());
- //Logger.debug("QAALevel: " + qaaLevel.getValue());
-
- RequestedAttributes requestedAttributes = null;
-
- requestedAttributes = oaParam.getRequestedAttributes();
- requestedAttributes.detach();
- List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>();
- List<RequestedAttribute> oaReqAttributeList = null;
- oaReqAttributeList = new ArrayList<RequestedAttribute>(oaParam.getRequestedAttributes().getRequestedAttributes());
-
- //check if country specific attributes must be additionally requested
- if (!cpeps.getCountrySpecificRequestedAttributes().isEmpty()) {
- //add country specific attributes to be requested (Hierarchy: default oa attributes > country specific attributes > oa specific attributes
- Logger.debug("We have addtional country specific attributes to be requested from the C-PEPS of country: " + moasession.getCcc());
- Logger.debug("The following attributes are requested for this specific country:");
- List<RequestedAttribute> countrySpecificReqAttributeList = new ArrayList<RequestedAttribute>(cpeps.getCountrySpecificRequestedAttributes());
- for (RequestedAttribute csReqAttr : countrySpecificReqAttributeList) {
- csReqAttr.detach();
- if (!STORKConstants.DEFAULT_STORK_REQUESTED_ATTRIBUTE_SET.contains(csReqAttr.getName())) {
- //this country specific attribute does not override default attribute
- if (SAMLUtil.containsAttribute(oaReqAttributeList, csReqAttr.getName())) {
- //the same attribute is requested for OA, applying hierachy
- //remove oa attribute
- oaReqAttributeList.remove(SAMLUtil.getAttribute(oaReqAttributeList, csReqAttr.getName()));
- //add country specific attribute instead
- Logger.debug("Requested Attribute (" + csReqAttr.getName() + ") is also requested by OA but we use Country Specific value instead");
- }
- oaReqAttributeList.add(csReqAttr);
- Logger.debug("Country specific requested attribute: " + csReqAttr.getName() + ", isRequired: " + csReqAttr.isRequired());
- } else {
- Logger.debug("Country specific requested attribute: " + csReqAttr.getName() + ", isRequired: " + csReqAttr.isRequired() + " tries to overwrite default requested and required attributes, hence we skip it.");
- }
-
- }
- reqAttributeList.addAll(oaReqAttributeList);
- } else {
- //no country specific requested attributes
- reqAttributeList.addAll(oaReqAttributeList);
+
+ // prepare collection of required attributes
+ // - attributes for online application
+ List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
+
+ // - prepare attribute list
+ PersonalAttributeList attributeList = new PersonalAttributeList();
+
+ // - fill container
+ for(OAStorkAttribute current : attributesFromConfig) {
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName(current.getName());
+
+ boolean globallyMandatory = false;
+ for(StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
+ if(current.getName().equals(currentGlobalAttribute.getName())) {
+ globallyMandatory = currentGlobalAttribute.isMandatory();
+ break;
+ }
+
+ newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
+ attributeList.add(newAttribute);
}
-
- reqAttributeList = (List<RequestedAttribute>) SAMLUtil.releaseDOM(reqAttributeList);
- requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(reqAttributeList);
-
+
+ // add sign request
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName("signedDoc");
+ List<String> value = new ArrayList<String>();
+ value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+ "application/xhtml+xml",
+ moasession.getCcc()));
+ newAttribute.setValue(value);
+ attributeList.add(newAttribute);
+
+
if (Logger.isDebugEnabled()) {
Logger.debug("The following attributes are requested for this OA:");
- for (RequestedAttribute logReqAttr : reqAttributeList) {
- Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isRequired());
-
- }
+ for (OAStorkAttribute logReqAttr : attributesFromConfig)
+ Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory());
}
-
-
+
//TODO: check Target in case of SSO!!
String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
String spApplication = spInstitution;
String spCountry = "AT";
-
- String textToBeSigned =
- CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession);
-
- //generate AuthnRquest
- STORKAuthnRequest storkAuthnRequest = STORKAuthnRequestProcessor.generateSTORKAuthnRequest(
- destination,
- acsURL,
- providerName,
- issuerValue,
- qaaLevel,
- requestedAttributes,
- spSector,
- spInstitution,
- spApplication,
- spCountry,
- textToBeSigned,
- "application/xhtml+xml");
-
+
+ //generate AuthnRquest
+ STORKAuthnRequest authnRequest = new STORKAuthnRequest();
+ authnRequest.setDestination(destination);
+ authnRequest.setAssertionConsumerServiceURL(acsURL);
+ authnRequest.setProviderName(providerName);
+ authnRequest.setIssuer(issuerValue);
+ authnRequest.setQaa(oaParam.getQaaLevel());
+ authnRequest.setSpInstitution(spInstitution);
+ authnRequest.setCountry(spCountry);
+ authnRequest.setSpApplication(spApplication);
+ authnRequest.setSpSector(spSector);
+ authnRequest.setPersonalAttributeList(attributeList);
+
+ authnRequest.setEIDCrossBorderShare(true);
+ authnRequest.setEIDCrossSectorShare(true);
+ authnRequest.setEIDSectorShare(true);
+
+ authnRequest.setCitizenCountryCode(moasession.getCcc());
+
+
Logger.debug("STORK AuthnRequest succesfully assembled.");
-
- //sign AuthnRequest
- String keyStorePath = storkConfig.getSignatureCreationParameter().getKeyStorePath();
- String keyStorePassword = storkConfig.getSignatureCreationParameter().getKeyStorePassword();
- String keyName = storkConfig.getSignatureCreationParameter().getKeyName();
- String keyPassword = storkConfig.getSignatureCreationParameter().getKeyPassword();
-
- Logger.debug("Starting signing process of STORK AuthnRequest.");
- Logger.trace("Using the following Keystore and Key for that:");
- Logger.trace("KeyStore: " + keyStorePath);
- Logger.trace("KeyName: " + keyName);
-
+
+ STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
try {
- storkAuthnRequest = STORKAuthnRequestProcessor.signSTORKAuthnRequest(storkAuthnRequest, keyStorePath, keyStorePassword, keyName, keyPassword);
- } catch (SAMLException e) {
+ authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
+ } catch (STORKSAMLEngineException e) {
Logger.error("Could not sign STORK SAML AuthnRequest.", e);
throw new MOAIDException("stork.00", null);
}
-
+
Logger.info("STORK AuthnRequest successfully signed!");
//validate AuthnRequest
try {
- STORKAuthnRequestProcessor.validateSTORKAuthnRequest(storkAuthnRequest);
- } catch (SAMLValidationException e) {
+ samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
+ } catch (STORKSAMLEngineException e) {
Logger.error("STORK SAML AuthnRequest not valid.", e);
throw new MOAIDException("stork.01", null);
}
@@ -1903,28 +1957,83 @@ public class AuthenticationServer implements MOAIDAuthConstants {
Logger.debug("STORK AuthnRequest successfully internally validated.");
//send
- moasession.setStorkAuthnRequest(storkAuthnRequest);
+ moasession.setStorkAuthnRequest(authnRequest);
HttpSession httpSession = req.getSession();
httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID());
-
- Logger.debug("Preparing to send STORK AuthnRequest.");
-
+
+
+ Logger.info("Preparing to send STORK AuthnRequest.");
+ Logger.info("prepared STORKAuthnRequest: ");
+ Logger.info(new String(authnRequest.getTokenSaml()));
+
try {
- STORKAuthnRequestProcessor.sendSTORKAuthnRequest(req, resp, storkAuthnRequest);
+ Logger.trace("Initialize VelocityEngine...");
+
+ VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+ Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+ VelocityContext context = new VelocityContext();
+ context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
+ context.put("action", destination);
+
+ StringWriter writer = new StringWriter();
+ template.merge(context, writer);
+
+ resp.getOutputStream().write(writer.toString().getBytes());
} catch (Exception e) {
Logger.error("Error sending STORK SAML AuthnRequest.", e);
httpSession.invalidate();
throw new MOAIDException("stork.02", new Object[] { destination });
}
-
- Logger.info("STORK AuthnRequest successfully sent to: " + storkAuthnRequest.getDestination());
- Logger.debug("STORKAuthnRequest sent (pretty print): ");
- Logger.debug(XMLHelper.prettyPrintXML(storkAuthnRequest.getDOM()));
- Logger.trace("STORKAuthnRequest sent (original): ");
- Logger.trace(XMLUtil.printXML(storkAuthnRequest.getDOM()));
-
+
+ Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
}
-
+
+ private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
+ IdentifierGenerator idGenerator;
+ try {
+ idGenerator = new SecureRandomIdentifierGenerator();
+
+ DocumentType doc = new DocumentType();
+ doc.setBase64XML(text.getBytes());
+ doc.setID(idGenerator.generateIdentifier());
+
+ SignRequest request = new SignRequest();
+ request.setInputDocuments(ApiUtils.createInputDocuments(doc));
+
+ String id = idGenerator.generateIdentifier();
+ request.setRequestID(id);
+ request.setDocUI(id);
+
+ request.setProfile(Profiles.XADES_BES.toString());
+ request.setNumberOfSigners(BigInteger.ONE);
+ request.setTargetCountry(citizenCountry);
+
+ // no, no todo. PEPS will alter this value anyhow.
+ request.setReturnURL("http://invalid_return");
+
+ AnyType required = new AnyType();
+ required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
+ required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
+ required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
+ required.getAny().add(ApiUtils.createIncludeObject(doc));
+ request.setOptionalInputs(required);
+
+ return IOUtils.toString(ApiUtils.marshalToInputStream(request));
+ } catch (NoSuchAlgorithmException e) {
+ Logger.error("Cannot generate id", e);
+ throw new RuntimeException(e);
+ } catch (ApiUtilsException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ } catch (DOMException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ } catch (IOException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ }
+ }
+
/**
* Extracts an X509 Certificate out of an XML signagture element
* @param signedXML XML signature element
@@ -1932,27 +2041,27 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @throws CertificateException
*/
public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
-
+
NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
-
+
String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
-
- if (StringUtils.isEmpty(base64CertString)) {
+
+ if (StringUtils.isEmpty(base64CertString)) {
String msg = "XML does not contain a X509Certificate element.";
Logger.error(msg);
throw new CertificateException(msg);
}
-
+
InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
-
+
X509Certificate cert;
try {
cert = new X509Certificate(is);
return cert;
-
+
} catch (Throwable e) {
throw new CertificateException(e);
}
}
-
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index 0746d1be1..90ad3cf42 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -136,7 +136,8 @@ public class LoginFormBuilder {
value = FormBuildUtils.customiceLayoutBKUSelection(value,
oaParam.isShowMandateCheckBox(),
oaParam.isOnlyMandateAllowed(),
- oaParam.getFormCustomizaten());
+ oaParam.getFormCustomizaten(),
+ oaParam.isShowStorkLogin());
}
return value;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index d8a53fba8..f65a3c011 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -123,7 +123,8 @@ public class SendAssertionFormBuilder {
value = FormBuildUtils.customiceLayoutBKUSelection(value,
oaParam.isShowMandateCheckBox(),
oaParam.isOnlyMandateAllowed(),
- oaParam.getFormCustomizaten());
+ oaParam.getFormCustomizaten(),
+ oaParam.isShowStorkLogin());
}
return value;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
index 0bd690827..9f2d5b641 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
@@ -58,8 +58,7 @@ public class StartAuthenticationBuilder {
Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc()));
// STORK or normal authentication
- //TODO: commented because npe was thrown
- /*if (storkConfig.isSTORKAuthentication(moasession.getCcc())) {
+ if (storkConfig.isSTORKAuthentication(moasession.getCcc())) {
//STORK authentication
Logger.trace("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());
Logger.debug("Starting STORK authentication");
@@ -67,13 +66,13 @@ public class StartAuthenticationBuilder {
AuthenticationServer.startSTORKAuthentication(req, resp, moasession);
return "";
- } else {*/
+ } else {
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req);
return getIdentityLinkForm;
- //}
+ }
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index f84409d53..767172823 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -48,6 +48,9 @@ import java.util.Vector;
import org.w3c.dom.Element;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+
import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
@@ -55,7 +58,6 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
/**
* Session data to be stored between <code>AuthenticationServer</code> API calls.
@@ -275,7 +277,9 @@ public class AuthenticationSession implements Serializable {
private VerifyXMLSignatureResponse XMLVerifySignatureResponse;
private boolean isForeigner;
-
+
+ private IPersonalAttributeList storkAttributes;
+
// private String requestedProtocolURL = null;
public String getModul() {
@@ -983,6 +987,24 @@ public class AuthenticationSession implements Serializable {
public void setAuthBlockTokken(String authBlockTokken) {
this.authBlockTokken = authBlockTokken;
}
+
+ /**
+ * Memorizes the stork attribute list.
+ *
+ * @param personalAttributeList the new stork attributes
+ */
+ public void setStorkAttributes(IPersonalAttributeList personalAttributeList) {
+ this.storkAttributes = personalAttributeList;
+ }
+
+ /**
+ * Recalls the stork attribute list.
+ *
+ * @return the stork attributes
+ */
+ public IPersonalAttributeList getStorkAttributes() {
+ return this.storkAttributes;
+ }
/**
// * @return the oAuth20SessionObject
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index 2c8b3fb33..7908578ef 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -46,6 +46,7 @@
package at.gv.egovernment.moa.id.auth.servlet;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Map;
@@ -69,14 +70,14 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
+import at.gv.egovernment.moa.id.client.SZRGWClientException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
/**
* Servlet requested for getting the foreign eID
@@ -184,23 +185,15 @@ public class GetForeignIDServlet extends AuthServlet {
}
// make SZR request to the identity link
- CreateIdentityLinkResponse response = AuthenticationServer.getInstance().getIdentityLink(null, null, null, null, signature);
+ CreateIdentityLinkResponse response = AuthenticationServer.getInstance().getIdentityLink(signature);
- if (response.isError()) {
- throw new SZRGWClientException(response.getError());
+ if (null != response.getErrorResponse()){
+ // TODO fix exception parameter
+ throw new SZRGWClientException(response.getErrorResponse().getErrorCode().toString(), null);
}
else {
-
- Element samlAssertion = response.getAssertion();
-
- try {
- System.out.println("PB: " + DOMUtils.serializeNode(samlAssertion));
- } catch (TransformerException e) {
- e.printStackTrace();
- }
-
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
+ IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(response.getIdentityLink()));
IdentityLink identitylink = ilParser.parseIdentityLink();
session.setIdentityLink(identitylink);
@@ -247,9 +240,9 @@ public class GetForeignIDServlet extends AuthServlet {
}
catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
- }
- catch (SZRGWClientException ex) {
- handleError(null, ex, req, resp, pendingRequestID);
+ } catch (Exception e1) {
+ // TODO Auto-generated catch block
+ e1.printStackTrace();
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 9a13129d8..1e6821912 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -22,7 +22,12 @@
******************************************************************************/
package at.gv.egovernment.moa.id.auth.servlet;
+import iaik.x509.X509Certificate;
import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.net.URL;
+import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
@@ -31,42 +36,53 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.transform.stream.StreamSource;
-import org.opensaml.saml2.core.Assertion;
+import org.apache.commons.io.IOUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.util.xsd.xmldsig.SignatureType;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.mw.messages.saml.STORKResponse;
-import eu.stork.vidp.messages.util.XMLUtil;
+import at.gv.util.xsd.xmldsig.X509DataType;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.profile.DocumentWithSignature;
+import eu.stork.oasisdss.profile.SignResponse;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
/**
* Endpoint for receiving STORK response messages
*/
public class PEPSConnectorServlet extends AuthServlet {
private static final long serialVersionUID = 1L;
-
+
public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector";
-
+
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
@@ -101,9 +117,6 @@ public class PEPSConnectorServlet extends AuthServlet {
//No authentication session has been started before
Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
- } else {
- //We know user and MOA takes over session handling, invalidate HttpSession
- httpSession.invalidate();
}
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
@@ -113,33 +126,35 @@ public class PEPSConnectorServlet extends AuthServlet {
Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
//extract STORK Response from HTTP Request
- STORKResponse storkResponse = null;
+ //Decodes SAML Response
+ byte[] decSamlToken;
try {
- storkResponse = STORKResponseProcessor.receiveSTORKRepsonse(request, response);
- } catch (STORKException e) {
+ decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
+ } catch(NullPointerException e) {
Logger.error("Unable to retrieve STORK Response", e);
throw new MOAIDException("stork.04", null);
}
-
- Logger.info("STORK SAML Response message succesfully extracted");
- Logger.debug("STORK response (pretty print): ");
- Logger.debug(XMLHelper.prettyPrintXML(storkResponse.getDOM()));
- Logger.trace("STORK response (original): ");
- Logger.trace(XMLUtil.printXML(storkResponse.getDOM()));
-
- Logger.debug("Starting validation of SAML response");
- //verify SAML response
+
+ //Get SAMLEngine instance
+ STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
+
+ STORKAuthnResponse authnResponse = null;
try {
- STORKResponseProcessor.verifySTORKResponse(storkResponse);
- } catch (STORKException e) {
+ //validate SAML Token
+ Logger.debug("Starting validation of SAML response");
+ authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost());
+ Logger.info("SAML response succesfully verified!");
+ }catch(STORKSAMLEngineException e){
Logger.error("Failed to verify STORK SAML Response", e);
throw new MOAIDException("stork.05", null);
}
-
- Logger.info("SAML response succesfully verified!");
-
- String statusCodeValue = storkResponse.getStatus().getStatusCode().getValue();
-
+
+ Logger.info("STORK SAML Response message succesfully extracted");
+ Logger.debug("STORK response: ");
+ Logger.debug(authnResponse.toString());
+
+ String statusCodeValue = authnResponse.getStatusCode();
+
if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) {
Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue);
throw new MOAIDException("stork.06", new Object[] { statusCodeValue });
@@ -160,46 +175,132 @@ public class PEPSConnectorServlet extends AuthServlet {
}
Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
+
+ ////////////// incorporate gender from parameters if not in stork response
- Logger.debug("Starting validation of SAML assertion");
- //verify SAML assertion
- Assertion storkAssertion = storkResponse.getAssertions().get(0);
- try {
- STORKResponseProcessor.verifySTORKAssertion(
- storkAssertion, //assertion
- request.getRemoteAddr(), //IP address of user
- storkAuthnRequest.getID(), //ID of STORK AuthnRequest
- request.getRequestURL().toString(), //destination
- HTTPUtils.getBaseURL(request), //audience
- storkAuthnRequest.getRequestedAttributes()); //Requested Attributes
- } catch (STORKException e) {
- Logger.error("Failed to verify STORK SAML Assertion", e);
- throw new MOAIDException("stork.08", null);
+ PersonalAttribute gender = authnResponse.getPersonalAttributeList().get("gender");
+ if(null == gender) {
+ String gendervalue = (String) request.getParameter("gender");
+ if(null != gendervalue) {
+ gender = new PersonalAttribute();
+ gender.setName("gender");
+ ArrayList<String> tmp = new ArrayList<String>();
+ tmp.add(gendervalue);
+ gender.setValue(tmp);
+
+ authnResponse.getPersonalAttributeList().add(gender);
+ } else {
+ // this is really nasty but we work against the system here. We are supposed to get the gender attribute from
+ // stork. If we do not, we cannot register the person in the ERnP - we have to have the
+ // gender for the represented person. So here comes the dirty hack.
+ try {
+ Logger.trace("Initialize VelocityEngine...");
+
+ VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+ Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
+ VelocityContext context = new VelocityContext();
+ context.put("SAMLResponse", request.getParameter("SAMLResponse"));
+ context.put("action", request.getRequestURL());
+
+ StringWriter writer = new StringWriter();
+ template.merge(context, writer);
+
+ response.getOutputStream().write(writer.toString().getBytes());
+ } catch (Exception e1) {
+ Logger.error("Error sending gender retrival form.", e1);
+ httpSession.invalidate();
+ throw new MOAIDException("stork.10", null);
+ }
+
+ return;
+ }
}
- Logger.info("SAML assertion succesfully verified!");
+ //////////////////////////////////////////////////////////////////////////
- Logger.debug("Starting extraction of signedDoc attribute");
+ Logger.debug("Starting extraction of signedDoc attribute");
//extract signed doc element and citizen signature
- Element citizenSignature = null;
+ String citizenSignature = null;
try {
-
- citizenSignature = STORKResponseProcessor.extractCitizenSignature(storkAssertion);
- moaSession.setAuthBlock(DOMUtils.serializeNode(citizenSignature));
- moaSession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(citizenSignature));
+ String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0);
+ SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
+
+ List<DocumentWithSignature> doclocations = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(), DocumentWithSignature.class.getSimpleName(), DocumentWithSignature.class);
+ // TODO handle multiple docs?
+ Logger.debug("trying first doclocation");
+ String docUrl = doclocations.get(0).getDocument().getDocumentURL();
+ Logger.debug("trying first doclocation successful");
- } catch (Exception e) {
+ // fetch signed doc
+ URL url = new URL(docUrl);
+ InputStream incomming = url.openStream();
+ citizenSignature = IOUtils.toString(incomming);
+ incomming.close();
+
+ JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
+ SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue();
+
+ // memorize signature into authblock
+ moaSession.setAuthBlock(citizenSignature);
+
+ // extract certificate
+ for(Object current : root.getKeyInfo().getContent())
+ if(((JAXBElement<?>) current).getValue() instanceof X509DataType) {
+ for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
+ JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
+ if(casted.getName().getLocalPart().equals("X509Certificate")) {
+ moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes()));
+ break;
+ }
+ }
+ }
+
+
+ } catch (Throwable e) {
Logger.error("Could not extract citizen signature from C-PEPS", e);
throw new MOAIDException("stork.09", null);
}
Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
Logger.debug("Citizen signature will be verified by SZR Gateway!");
+ Logger.debug("fetching OAParameters from database");
+
+ //read configuration paramters of OA
+ AuthenticationSession moasession;
+ try {
+ moasession = AuthenticationSessionStoreage.getSession(moaSessionID);
+ } catch (MOADatabaseException e2) {
+ Logger.error("could not retrieve moa session");
+ throw new AuthenticationException("auth.01", null);
+ }
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+ if (oaParam == null)
+ throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() });
+
+ // retrieve target
+ //TODO: check in case of SSO!!!
+ String targetType = null;
+ String targetValue = null;
+ if(oaParam.getBusinessService()) {
+ String id = oaParam.getIdentityLinkDomainIdentifier();
+ if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
+ targetValue = id.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
+ else
+ targetValue = moasession.getDomainIdentifier();
+ targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_;
+ } else {
+ targetType = AuthenticationSession.TARGET_PREFIX_;
+ targetValue = oaParam.getTarget();
+ }
+
Logger.debug("Starting connecting SZR Gateway");
//contact SZR Gateway
IdentityLink identityLink = null;
try {
- identityLink = STORKResponseProcessor.connectToSZRGateway(citizenSignature, storkAssertion.getAttributeStatements().get(0).getAttributes());
+ identityLink = STORKResponseProcessor.connectToSZRGateway(authnResponse.getPersonalAttributeList(),
+ oaParam.getFriendlyName(),
+ targetType, targetValue,
+ oaParam.getMandateProfiles());
} catch (STORKException e) {
Logger.error("Error connecting SZR Gateway", e);
throw new MOAIDException("stork.10", null);
@@ -213,49 +314,28 @@ public class PEPSConnectorServlet extends AuthServlet {
Logger.info("Received Identity Link from SZR Gateway");
moaSession.setIdentityLink(identityLink);
- Logger.debug("Adding addtional STORK attributes to MOA assertion");
- //add other stork attributes to MOA assertion
- List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(storkAssertion.getAttributeStatements().get(0).getAttributes());
- moaSession.setExtendedSAMLAttributesOA(moaExtendedSAMLAttibutes);
+ Logger.debug("Adding addtional STORK attributes to MOA session");
+ moaSession.setStorkAttributes(authnResponse.getPersonalAttributeList());
//We don't have BKUURL, setting from null to "Not applicable"
moaSession.setBkuURL("Not applicable (STORK Authentication)");
-
- Logger.debug("Starting to assemble MOA assertion");
- //produce MOA-Assertion and artifact
- String samlArtifactBase64 =
- AuthenticationServer.getInstance().getForeignAuthenticationData(moaSession);
- Logger.info("MOA assertion assembled and SAML Artifact generated.");
+
+ // free for single use
+ moaSession.setAuthenticatedUsed(false);
+
+ // stork did the authentication step
+ moaSession.setAuthenticated(true);
//session is implicit stored in changeSessionID!!!!
String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
//redirect
String redirectURL = null;
- if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
- /*redirectURL = moaSession.getOAURLRequested();
- if (!moaSession.getBusinessService()) {
- redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(moaSession.getTarget(), "UTF-8"));
- }
- redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
- redirectURL = response.encodeRedirectURL(redirectURL);*/
-
redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
redirectURL = response.encodeRedirectURL(redirectURL);
- } else {
-
- redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID);
- }
-
- try {
- AuthenticationSessionStoreage.storeSession(moaSession);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("Session store error", null);
- }
response.setContentType("text/html");
response.setStatus(302);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java
index 134836a9e..f9589950f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java
@@ -62,11 +62,11 @@ import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
import eu.stork.mw.messages.saml.STORKResponse;
import eu.stork.vidp.messages.exception.SAMLValidationException;
import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
/**
* Verifies the SMAL response according to the STORK specification
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 37c9376ae..57843d0f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -25,6 +25,7 @@
*/
package at.gv.egovernment.moa.id.auth.stork;
+import java.io.ByteArrayInputStream;
import java.util.List;
import java.util.Vector;
@@ -35,7 +36,6 @@ import javax.xml.namespace.QName;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.ws.transport.http.HTTPInTransport;
import org.opensaml.ws.transport.http.HTTPOutTransport;
@@ -55,16 +55,15 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
+import at.gv.egovernment.moa.id.client.SZRGWClientException;
+import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.StringUtils;
-import eu.stork.mw.messages.saml.STORKResponse;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
/**
*
@@ -81,285 +80,112 @@ public class STORKResponseProcessor {
public static final String OASIS_DSS_SUCCESS_MSG = "urn:oasis:names:tc:dss:1.0:resultmajor:Success";
/**
- * Extracts a STORK response from a HTTP message
- * @param request HttpServletRequest
- * @param response HttpServletResponse
- * @return STORK Response
- * @throws STORKException
+ * Checks for attribute.
+ *
+ * @param attributeName the attribute name
+ * @param attributeList the attribute list
+ * @return true, if successful
*/
- public static STORKResponse receiveSTORKRepsonse(HttpServletRequest request, HttpServletResponse response) throws STORKException {
-
- HTTPInTransport httpInTransport = new HttpServletRequestAdapter(request);
- HTTPOutTransport httpOutTransport = new HttpServletResponseAdapter(response, request.isSecure());
-
- httpInTransport.getPeerAddress();
-
- String samlResponseString = request.getParameter("SAMLResponse");
-
- if (StringUtils.isEmpty(samlResponseString)) {
- Logger.error("SAMLResponse not found in request.");
- throw new STORKException("SAMLResponse not found in request.");
- }
-
- BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
-
- samlMessageContext.setInboundMessageTransport(httpInTransport);
- samlMessageContext.setOutboundMessageTransport(httpOutTransport);
-
- HTTPPostDecoder postDecoder = new HTTPPostDecoder();
-
- try {
- postDecoder.decode(samlMessageContext);
- } catch (Exception e) {
- Logger.error("Error decoding SAMLResponse message", e);
- throw new STORKException("Error decoding SAMLResponse message", e);
- }
-
- if (!(samlMessageContext.getInboundSAMLMessage() instanceof STORKResponse)) {
- Logger.error("Message received is not a SAMLResponse message");
- throw new STORKException("Message received is not a SAMLResponse message");
- }
-
- STORKResponse samlResponse = (STORKResponse) samlMessageContext.getInboundSAMLMessage();
-
- return samlResponse;
- }
-
- /**
- * Verifies a STORK response according STORK specification
- * @param storkResponse STORK Response to verify
- * @throws STORKException if validation fails
- */
- public static void verifySTORKResponse(STORKResponse storkResponse) throws STORKException {
-
- ResponseVerifier responseVerifier = new PEPSConnectorResponseVerifier();
- try {
- responseVerifier.verify(storkResponse);
- } catch (SecurityException e) {
- Logger.error("Error validating response message from PEPS.", e);
- throw new STORKException("Error validating response message from PEPS.");
- }
-
- }
-
- /**
- * Verifies a STORK assertion
- * @param assertion STORK assertion
- * @param ipAddress Client IP address
- * @param authnRequestID ID of the AuthnRequest
- * @param recipient recipient for verification
- * @param audience audience for verification
- * @param reqAttributeList RequestedAttribute list for verification
- * @throws STORKException
- */
- public static void verifySTORKAssertion(
- Assertion assertion,
- String ipAddress,
- String authnRequestID,
- String recipient,
- String audience,
- List<RequestedAttribute> reqAttributeList) throws STORKException {
-
- //validate Assertion
- AssertionVerifier assertionVerifier = new PEPSConnectorAssertionVerifier();
+ private static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) {
try {
- assertionVerifier.verify(assertion, ipAddress, authnRequestID, recipient, audience, reqAttributeList);
-
- //verify if all required attributes are present
- PEPSConnectorAssertionVerifier.validateRequiredAttributes(reqAttributeList, assertion.getAttributeStatements().get(0).getAttributes());
-
- } catch (SecurityException e) {
- Logger.error("Error verifying assertion from PEPS", e);
- throw new STORKException("Error validating assertion received from PEPS.");
- }
-
- }
-
- /**
- * Extracts the citizen signature from the signedDoc element present in the STORK assertion
- * @param storkAssertion STORK assertion
- * @return citizen signature as XML
- * @throws STORKException
- */
- public static Element extractCitizenSignature(Assertion storkAssertion) throws STORKException {
-
- Logger.debug("Processing DSS signature response from PEPS");
-
- Element signatureResponse = getSignedDocAttributeValue(storkAssertion);
-
- if (signatureResponse == null) {
- String msg = "Could not find DSS signature response in SAML assertion";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.debug("Found DSS signature in SAML assertion");
-
- Logger.debug("DSS Signature creation response received from PEPS (pretty print):");
- Logger.debug(XMLHelper.prettyPrintXML(signatureResponse));
- Logger.trace("DSS Signature creation response received from PEPS (original):");
- Logger.trace(XMLUtil.printXML(signatureResponse));
-
- Element signature = getSignature(signatureResponse);
-
- if (signature == null) {
- String msg = "Could not find citizen signature in SAML assertion";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.debug("Found foreign citizen signature in SAML assertion (pretty print):");
- Logger.debug(XMLHelper.prettyPrintXML(signature));
- Logger.trace("Found foreign citizen signature in SAML assertion (original):");
- Logger.trace(XMLUtil.printXML(signature));
-
- return signature;
- }
-
- /**
- * Extracts the signedDoc attribute from a STORK assertion as XML
- * @param storkAssertion STORK assertion
- * @return Value of signedDoc attribute
- * @throws STORKException
- */
- private static Element getSignedDocAttributeValue(Assertion storkAssertion) throws STORKException {
-
- XMLObject xmlObj = SAMLUtil.getAttributeValue(storkAssertion.getAttributeStatements().get(0).getAttributes(), STORKConstants.STORK_ATTRIBUTE_SIGNEDDOC);
-
-
- if (xmlObj instanceof XSAny)
- return getSignedDocAttributeValueFromAny((XSAny) xmlObj);
- else if (xmlObj instanceof XSString)
- return getSignedDocAttributValueFromString((XSString) xmlObj);
- else
- return null;
-
- }
-
- /**
- * Get signedDoc as XML if provided as anyType
- * @param any AttributeValue as anyType
- * @return signedDoc as XML
- */
- private static Element getSignedDocAttributeValueFromAny(XSAny any) {
- if (!any.getUnknownXMLObjects(new QName(OASIS_DSS_NS, "SignResponse")).isEmpty()) {
- XMLObject xmlObj = any.getUnknownXMLObjects(new QName(OASIS_DSS_NS, "SignResponse")).get(0);
- return xmlObj.getDOM();
- } else {
- return null;
+ getAttributeValue(attributeName, attributeList);
+ return true;
+ } catch(STORKException e) {
+ return false;
}
}
-
+
/**
- * Get signedDoc as XML if provided as String
- * @param string AttributeValue as String
- * @return signedDoc as XML
- * @throws STORKException
+ * helper for reading attributes. Handles logging and error handling.
+ *
+ * @param attributeName the attribute name
+ * @param attributeList the attribute list
+ * @return the attribute value
+ * @throws STORKException the sTORK exception
*/
- private static Element getSignedDocAttributValueFromString(XSString string) throws STORKException {
+ private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException {
try {
- return XMLUtil.stringToDOM(string.getValue());
- } catch (Exception e) {
- Logger.error("Error building DOM", e);
- throw new STORKException(e);
-
- }
- }
-
- /**
- * Extracts the signature value out of a DSS response
- * @param signatureResponse DSS signature response
- * @return signature
- * @throws STORKException
- */
- private static Element getSignature(Element signatureResponse) throws STORKException {
-
- NodeList nList = signatureResponse.getElementsByTagNameNS(OASIS_DSS_NS, "ResultMajor");
-
- String resultMajor = XMLUtil.getFirstTextValueFromNodeList(nList);
-
- if (StringUtils.isEmpty(resultMajor)) {
- String msg = "DSS response not correct, ResultMajor element missing.";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.trace("ResultMajor of DSS response: " + resultMajor);
-
- if (!OASIS_DSS_SUCCESS_MSG.equals(resultMajor)) {
- String msg = "DSS response not correct, ResultMajor is " + resultMajor;
- Logger.error(msg);
- throw new STORKException(msg);
+ String result = attributeList.get(attributeName).getValue().get(0);
+ Logger.trace(attributeName + " : " + result);
+ return result;
+ } catch(NullPointerException e) {
+ Logger.error(attributeName + " not found in response");
+ throw new STORKException(attributeName + " not found in response");
}
-
- NodeList nList2 = signatureResponse.getElementsByTagNameNS(OASIS_DSS_NS, "Base64Signature");;
-
- String base64SigString = XMLUtil.getFirstTextValueFromNodeList(nList2);
-
- if (StringUtils.isEmpty(base64SigString)) {
- String msg = "DSS response not correct, Base64Signature element missing.";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
- Logger.trace("Base64Signature element of DSS response: " + base64SigString);
-
- String sigString = new String(Base64.decode(base64SigString));
-
- try {
- return XMLUtil.stringToDOM(sigString);
- } catch (Exception e) {
- String msg = "Unable to extract signature from DSS response";
- Logger.error(msg);
- throw new STORKException(msg);
- }
-
-
}
-
+
/**
- * Handels connection to SZR-GW and returns Identity Link on success
- * @param citizenSignature Citizen signature
- * @param attributeList Received attribute List in assertion
+ * Handels connection to SZR-GW and returns Identity Link on success.
+ *
+ * @param attributeList the attribute list
+ * @param oaFriendlyName the oa friendly name
+ * @param targetType the target type
+ * @param targetValue the target value
+ * @param filters the filters
* @return Identity Link
- * @throws STORKException
+ * @throws STORKException the sTORK exception
*/
- public static IdentityLink connectToSZRGateway(Element citizenSignature, List<Attribute> attributeList) throws STORKException {
+ public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, String filters) throws STORKException {
Logger.trace("Calling SZR Gateway with the following attributes:");
- String fiscalNumber = SAMLUtil.getAttributeStringValue(attributeList, STORKConstants.STORK_ATTRIBUTE_FISCALNUMBER);
- Logger.trace(STORKConstants.STORK_ATTRIBUTE_FISCALNUMBER + " : " + fiscalNumber);
-
- String givenName = SAMLUtil.getAttributeStringValue(attributeList, STORKConstants.STORK_ATTRIBUTE_GIVENNAME);
- Logger.trace(STORKConstants.STORK_ATTRIBUTE_GIVENNAME+ " : " + givenName);
-
- String lastName = SAMLUtil.getAttributeStringValue(attributeList, STORKConstants.STORK_ATTRIBUTE_SURNAME);
- Logger.trace(STORKConstants.STORK_ATTRIBUTE_SURNAME+ " : " + lastName);
-
- String dateOfBirth = SAMLUtil.getAttributeStringValue(attributeList, STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH);
- Logger.trace(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH + " : " + dateOfBirth);
-
- if (!StringUtils.isEmpty(dateOfBirth)) {
- dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
- }
-
- CreateIdentityLinkResponse response;
+ CreateIdentityLinkResponse identityLinkResponse = null;
IdentityLink identityLink = null;
try {
Logger.trace("Starting call...");
- response = AuthenticationServer.getInstance().getIdentityLink(fiscalNumber, givenName, lastName, dateOfBirth, citizenSignature);
- if (response.isError()) {
- Logger.error("Receveid ErrorResponse from SZR Gateway.");
- throw new SZRGWClientException(response.getError());
+
+
+ // if there is no signedDoc attribute, we cannot go on
+ String citizenSignature = getAttributeValue("signedDoc", attributeList);
+
+ // if we have a signedDoc we test for a representation case
+ if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
+ // we have a representation case
+ String representative = getAttributeValue("representative", attributeList);
+ String represented = getAttributeValue("represented", attributeList);
+ String mandate = getAttributeValue("mandateContent", attributeList);
+
+ if(!hasAttribute("dateOfBirth", attributeList)) {
+ // if we get here, we have a natural person representing a legal person
+ String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
+ String organizationType = getAttributeValue("translateableType", attributeList);
+
+ identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters);
+ } else {
+ // if we get here, we have a natural person representing another natural person
+ String eIdentifier = getAttributeValue("eIdentifier", attributeList);
+ String givenName = getAttributeValue("givenName", attributeList);
+ String lastName = getAttributeValue("surname", attributeList);
+ String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+
+ // gender attribute is mandatory here because of some legal stuff
+ String gender = getAttributeValue("gender", attributeList);
+
+ if (!StringUtils.isEmpty(dateOfBirth))
+ dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+
+ identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier,
+ givenName, lastName, dateOfBirth, gender, citizenSignature, representative,
+ represented, mandate, targetType, targetValue, oaFriendlyName, filters);
+ }
+ } else {
+ // we do not have a representation case
+ String eIdentifier = getAttributeValue("eIdentifier", attributeList);
+ String givenName = getAttributeValue("givenName", attributeList);
+ String lastName = getAttributeValue("surname", attributeList);
+ String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+ if (!StringUtils.isEmpty(dateOfBirth))
+ dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+ identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature);
+ }
+
+ if (null != identityLinkResponse.getErrorResponse()){
+ // TODO fix exception parameter
+ throw new SZRGWClientException(identityLinkResponse.getErrorResponse().getErrorCode().toString(), null);
}
else {
- Logger.trace("Receveid Success Response from SZR Gateway.");
- Element samlAssertion = response.getAssertion();
-
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
+ IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(identityLinkResponse.getIdentityLink()));
identityLink = ilParser.parseIdentityLink();
-
Logger.debug("Received Identity Link from SZR Gateway");
//TODO: is this ok?
// if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
@@ -373,9 +199,11 @@ public class STORKResponseProcessor {
} catch (ParseException e) {
Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
throw new STORKException("Error parsing IdentityLink received from SZR-Gateway: ", e);
- } catch (at.gv.egovernment.moa.id.client.SZRGWClientException e) {
- Logger.error("Error connecting SZR-Gateway: ", e);
- throw new STORKException("Error connecting SZR-Gateway: ", e);
+ } catch(STORKException e) {
+ throw e;
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
}
return identityLink;
@@ -385,33 +213,29 @@ public class STORKResponseProcessor {
/**
* Transforms additional STORK attributes to MOA Extended attributes
- * @param storkAttributeList STORK attribute list
+ * @param iPersonalAttributeList STORK attribute list
* @return
*/
- public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(List<Attribute> storkAttributeList) {
+ public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) {
List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>();
+ if(null == iPersonalAttributeList)
+ return moaExtendedSAMLAttributeList;
+
Logger.trace("Adding the following attributes to MOA assertion: ");
int count = 0;
- //only add attributes different than eIdentifier, given name, surname, dateOfBirth, signedDoc
- for (Attribute attribute : storkAttributeList) {
- //attribute is not in default returned attribute set
- if (!STORKConstants.DEFAULT_STORK_RETURNED_ATTRIBUTE_SET.contains(attribute.getName())) {
-
- String attributeValue = null;
- if (!attribute.getAttributeValues().isEmpty()) {
- //we have attribute value
- attributeValue = SAMLUtil.getStringValueFromXMLObject(attribute.getAttributeValues().get(0));
- }
- ExtendedSAMLAttribute extendedSAMLAttribute =
- new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
- moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
- count++;
- Logger.trace("Additional attribute: " + attribute.getName());
- }
+
+ for (PersonalAttribute attribute : iPersonalAttributeList) {
+ Object attributeValue = attribute.getValue();
+ if (null == attributeValue)
+ attributeValue = attribute.getComplexValue();
+ ExtendedSAMLAttribute extendedSAMLAttribute =
+ new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
+ moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
+ count++;
+ Logger.trace("Additional attribute: " + attribute.getName());
}
-
Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion.");
return moaExtendedSAMLAttributeList;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
index 5522129c4..e1cd59c26 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
@@ -61,7 +61,6 @@ import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
@@ -276,9 +275,9 @@ public class SZRGWClient {
}
}
-
- public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, Element signature) throws SZRGWClientException {
+ public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String representative, String represented, String mandateContent) throws SZRGWClientException {
+
String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
try {
DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance();
@@ -321,73 +320,25 @@ public class SZRGWClient {
Text text= doc.createTextNode(PEPSDateOfBirth);
elem.appendChild(text);
}
- }
-
- if (signature == null)
- throw new SZRGWClientException("Signature element must not be null!");
- else {
- Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature");
- Element xmlcontent = doc.createElementNS(SZRGW_NS, "szrgw:XMLContent");
- sig.appendChild(xmlcontent);
- Node n = doc.importNode(signature, true);
- getIdentityLink.appendChild(sig);
- xmlcontent.appendChild(n);
- }
-
-
- return doc;
- } catch (ParserConfigurationException e) {
- throw new SZRGWClientException(e);
- } /*catch (CertificateEncodingException e) {
- throw new SZRGWClientException(e);
- }*/
-
-
- }
-
- public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
- String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
-
- try {
- DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- DocumentBuilder builder = factory.newDocumentBuilder();
- Document doc = builder.newDocument();
-
- Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest");
- getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS);
- doc.appendChild(getIdentityLink);
-
- if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) {
-
- Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData");
- getIdentityLink.appendChild(pepsDataElem);
-
- if (PEPSIdentifier != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier");
- pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSIdentifier);
- elem.appendChild(text);
- }
- if (PEPSFirstname != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname");
+ if (representative != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Representative");
pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSFirstname);
+ Text text= doc.createTextNode(representative);
elem.appendChild(text);
- }
+ }
- if (PEPSFamilyname != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname");
+ if (represented != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Represented");
pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSFamilyname);
+ Text text= doc.createTextNode(represented);
elem.appendChild(text);
}
- if (PEPSDateOfBirth != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth");
+ if (mandateContent != null) {
+ Element elem = doc.createElementNS(SZRGW_NS, "szrgw:MandateContent");
pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSDateOfBirth);
+ Text text= doc.createTextNode(mandateContent);
elem.appendChild(text);
}
}
@@ -402,7 +353,27 @@ public class SZRGWClient {
Text text= doc.createTextNode(signature);
base64content.appendChild(text);
}
-
+
+ if(representative != null && represented != null && mandateContent != null) {
+ Element mis = doc.createElementNS(SZRGW_NS, "szrgw:MIS");
+ Element filters = doc.createElementNS(SZRGW_NS, "szrgw:Filters");
+ mis.appendChild(filters);
+ Element target = doc.createElementNS(SZRGW_NS, "szrgw:Target");
+ mis.appendChild(target);
+ Element friendlyName = doc.createElementNS(SZRGW_NS, "szrgw:OAFriendlyName");
+ mis.appendChild(friendlyName);
+ getIdentityLink.appendChild(mis);
+
+// TODO fetch data from oa params
+// String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
+// moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
+// AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moasessionid);
+// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+// if (oaParam == null)
+// throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() });
+// Text text = doc.createTextNode(oaParam.getFriendlyName());
+ }
+
return doc;
} catch (ParserConfigurationException e) {
throw new SZRGWClientException(e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d1872b2bc..1fa7e5eb2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -111,11 +111,10 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-import eu.stork.vidp.messages.common.STORKBootstrap;
/**
* A class providing access to the Auth Part of the MOA-ID configuration data.
- *
+ *
* <p>Configuration data is read from an XML file, whose location is given by
* the <code>moa.id.configuration</code> system property.</p>
* <p>This class implements the Singleton pattern. The <code>reload()</code>
@@ -364,9 +363,9 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
//Initialize OpenSAML for STORK
- Logger.info("Starting initialization of OpenSAML...");
- STORKBootstrap.bootstrap();
- Logger.debug("OpenSAML successfully initialized");
+// Logger.info("Starting initialization of OpenSAML...");
+// STORKBootstrap.bootstrap();
+// Logger.debug("OpenSAML successfully initialized");
String legacyconfig = props.getProperty("configuration.xml.legacy");
@@ -456,12 +455,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
ForeignIdentities foreign = auth.getForeignIdentities();
if (foreign == null ) {
Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
-
- }
- //TODO: commented because npe was thrown
- //else
- //storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
-
+ } else
+ storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
//load Chaining modes
ChainingModes cm = moaidconfig.getChainingModes();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index aa886626a..998e28f6a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
@@ -68,10 +69,6 @@ import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
/**
* Configuration parameters belonging to an online application,
@@ -100,21 +97,6 @@ public class OAAuthParameter extends OAParameter {
this.keyBoxIdentifier = oa.getKeyBoxIdentifier().value();
}
-
- /**
- * STORK QAA Level, Default = 4
- */
- private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
-
- /**
- * STORK RequestedAttributes for Online Application
- * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth
- */
- private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
private String keyBoxIdentifier;
@@ -285,6 +267,15 @@ public boolean isOnlyMandateAllowed() {
return false;
}
+ /**
+ * Shall we show the stork login in the bku selection frontend?
+ *
+ * @return true, if is we should show stork login
+ */
+ public boolean isShowStorkLogin() {
+ return oa_auth.getOASTORK().isStorkLogonEnabled();
+ }
+
public Map<String, String> getFormCustomizaten() {
TemplatesType templates = oa_auth.getTemplates();
@@ -330,18 +321,15 @@ public Map<String, String> getFormCustomizaten() {
return map;
}
-/**
- * @return the qaaLevel
- */
-public QualityAuthenticationAssuranceLevel getQaaLevel() {
- return qaaLevel;
+public Integer getQaaLevel() {
+ return oa_auth.getOASTORK().getQaa();
}
/**
* @return the requestedAttributes
*/
-public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
+public List<OAStorkAttribute> getRequestedAttributes() {
+ return oa_auth.getOASTORK().getOAAttributes();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 8e24bdfdd..f515ea6bd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -36,16 +36,11 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
-import org.opensaml.saml2.metadata.RequestedAttribute;
import org.w3c.dom.Element;
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
@@ -55,8 +50,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyName;
-import at.gv.egovernment.moa.id.commons.db.dao.config.KeyStore;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
@@ -70,13 +63,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureCreationParameterType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
@@ -305,63 +294,6 @@ public class BuildFromLegacyConfig {
parseConnectionParameterClientAuth(foreignIDConnectionParameter);
auth_foreign.setConnectionParameter(auth_foreign_connection);
- //set STORK configuration
- STORKConfig storkConfig = new STORKConfig(builder.buildSTORKSignatureCreationParameter(),builder.buildSTORKSignatureVerificationParameter(), builder.buildSTORKcPEPSMap());
- STORK auth_foreign_stork = new STORK();
- auth_foreign.setSTORK(auth_foreign_stork);
-
- //set CPEPS
- Map<String, at.gv.egovernment.moa.id.config.legacy.CPEPS> map = storkConfig.getCpepsMap();
- Set<String> map_keys = map.keySet();
- List<CPEPS> auth_foreign_stork_cpeps = new ArrayList<CPEPS>();
- for (String key : map_keys) {
- CPEPS cpep = new CPEPS();
- cpep.setCountryCode(map.get(key).getCountryCode());
- cpep.setURL(map.get(key).getPepsURL().toExternalForm()); //check correctness!!!!
-
- List<String> cpep_reqs = new ArrayList<String>();
-
- List<RequestedAttribute> map1 = map.get(key).getCountrySpecificRequestedAttributes();
- for (RequestedAttribute e1 : map1) {
- Element element = SAMLUtil.marshallMessage(e1);
- cpep_reqs.add(XMLUtil.printXML(element));
- }
- cpep.setAttributeValue(cpep_reqs);
- auth_foreign_stork_cpeps.add(cpep);
- }
- auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps);
-
-
- //set SAMLSigningParameter
- if (storkConfig.getSignatureCreationParameter() != null &&
- storkConfig.getSignatureVerificationParameter() != null) {
- SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter();
- auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign);
-
- SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType();
- auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat);
- KeyStore stork_saml_creat_keystore = new KeyStore();
- stork_saml_creat.setKeyStore(stork_saml_creat_keystore);
- stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword());
- stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath());
- KeyName stork_saml_creat_keyname = new KeyName();
- stork_saml_creat.setKeyName(stork_saml_creat_keyname);
- stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName());
- stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword());
-
-
-
- SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType();
- auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify);
- stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID());
-
- }
-
- //TODO: check correctness
- //set QualityAuthenticationAssurance
- //set RequestedAttbutes
-
-
//set OnlineMandates config
ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
if (onlineMandatesConnectionParameter != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
index 45ed39bd4..6ad45d8c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
@@ -52,8 +52,6 @@ import iaik.utils.RFC2253NameParserException;
import java.io.IOException;
import java.math.BigInteger;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
@@ -63,8 +61,6 @@ import java.util.List;
import java.util.Map;
import java.util.Vector;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -78,9 +74,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter;
import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters;
-import at.gv.egovernment.moa.id.config.legacy.CPEPS;
import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter;
-import at.gv.egovernment.moa.id.config.legacy.SignatureVerificationParameter;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -88,15 +82,9 @@ import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathException;
import at.gv.egovernment.moa.util.XPathUtils;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-import eu.stork.vidp.messages.util.SAMLUtil;
/**
* A class that builds configuration data from a DOM based representation.
@@ -1241,170 +1229,6 @@ public List getTrustedTemplateURLs() {
}
/**
- * Creates a SignatureVerificationParameter object from the MOA-ID configuration
- * This configuration object contains the TrustProfile to be used for signature verification (STORK SAML Signature Verification)
- *
- * @return TrustProfileID for signature verification (STORK SAML Signature Verification)
- */
- public SignatureVerificationParameter buildSTORKSignatureVerificationParameter() {
-
- Logger.debug("Loading STORK signature verification parameters.");
-
- Element signatureVerificationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER);
- if (signatureVerificationParameterElement == null) {
- Logger.debug("No STORK verification parameters found, " +AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER + "is missing.");
- return null;
- }
-
- SignatureVerificationParameter signatureVerificationParameter = new SignatureVerificationParameter();
-
- String trustProfileID = XPathUtils.getElementValue(signatureVerificationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID, null);
- if (StringUtils.isEmpty(trustProfileID)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID + "is missing.");
- return null;
- }
- Logger.trace("Using the following MOA-SP TrustProfile for STORK SAML signature verification: " + trustProfileID);
- signatureVerificationParameter.setTrustProfileID(trustProfileID);
-
- Logger.info("STORK signature verification parameters loaded.");
-
- return signatureVerificationParameter;
- }
-
- /**
- * Builds a C-PEPS object from configuration
- * @param cpepsElement DOM Element of C-PEPS from configuration
- * @return C-PEPS object
- */
- public CPEPS buildSTORKCpeps(Element cpepsElement) {
-
- String countryCode = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE);
- String cpepsURLString = cpepsElement.getAttribute(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL);
- if (StringUtils.isEmpty(countryCode)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE + "is missing.");
- return null;
- }
- if (StringUtils.isEmpty(cpepsURLString)) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL + "is missing.");
- return null;
- }
-
- URL cpepsURL;
- try {
- cpepsURL = new URL(cpepsURLString);
- } catch (MalformedURLException e) {
- Logger.error("Provided CPEPS-URL (" + cpepsURLString + ") for country " + countryCode + " is not a URL", e);
- return null;
- }
- CPEPS cpeps = new CPEPS(countryCode, cpepsURL);
- Logger.debug("Adding C-PEPS for country: " + cpeps.getCountryCode() + ", URL: " + cpeps.getPepsURL());
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(cpepsElement, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes for CPEPS from country " + countryCode + " is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- cpeps.addCountrySpecificRequestedAttribute(requestedAttribute);
- Logger.debug("Adding also country specific requested attribute for C-PEPS (" + countryCode + "): " + requestedAttribute.getName() + ", isRequired: " + requestedAttribute.isRequired());
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
-
- }
-
- return cpeps;
- }
-
- /**
- * Builds the supported C-PEPS Map from configuration
- * @return Map of C-PEPS
- */
- public Map<String, CPEPS> buildSTORKcPEPSMap() {
-
- Logger.debug("Loading STORK C-PEPS information");
-
- Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>();
-
- NodeIterator cpepsIterator = XPathUtils.selectNodeIterator(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_CPEPS);
-
- Element cpepsElement;
- CPEPS cpeps;
-
- while ((cpepsElement = (Element) cpepsIterator.nextNode()) != null) {
- cpeps = buildSTORKCpeps(cpepsElement);
- if (cpeps != null) {
- cpepsMap.put(cpeps.getCountryCode(), cpeps);
- }
- }
-
- if(!cpepsMap.isEmpty()) {
- Logger.info("STORK C-PEPS information loaded");
- }
-
- return cpepsMap;
-
- }
-
- /**
- * Builds the required STORK QAALevel for this OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK QAALevel for this OA
- */
- public QualityAuthenticationAssuranceLevel buildOaSTORKQAALevel(Element authComponentElement) {
- Element qaaLevelElement = (Element)XPathUtils.selectSingleNode(authComponentElement, OA_AUTH_COMPONENT_STORK_QAA);
-
- if (qaaLevelElement == null) return null;
-
- try {
- QualityAuthenticationAssuranceLevel qaaLevel = (QualityAuthenticationAssuranceLevel) SAMLUtil.unmarshallMessage(qaaLevelElement);
- return qaaLevel;
- } catch (MessageEncodingException e) {
- Logger.error("Could not build STORK QAALevel, using default.");
- return null;
- }
-
- }
-
- /**
- * Builds the Requested Attributes specific for an OA
- * @param authComponentElement DOM Element of AuthComponent (from MOA configuration)
- * @return STORK RequestedAttributes for this OA
- */
- public RequestedAttributes buildOaSTORKRequestedAttributes(Element authComponentElement) {
- List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>();
-
-
- Element reqAttributeElement;
- NodeIterator reqAttributeIterator = XPathUtils.selectNodeIterator(authComponentElement, OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE);
-
- while ((reqAttributeElement = (Element) reqAttributeIterator.nextNode()) != null) {
- RequestedAttribute requestedAttribute;
- try {
- requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(reqAttributeElement);
- } catch (MessageEncodingException e) {
- Logger.error("Provided RequestedAttributes Online Application is malformed.", e);
- return null;
- }
- //only add if STORK attribute is correct
- if (STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(requestedAttribute.getName())) {
- reqAttributeList.add(requestedAttribute);
- } else {
- Logger.warn("Skipping addition of requested STORK Attribute, attribute unknown : " + requestedAttribute.getName());
- }
- }
-
- return STORKMessagesBuilder.buildRequestedAttributes(reqAttributeList);
- }
-
- /**
* Method warn.
* @param messageId to identify a country-specific message
* @param parameters for the logger
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
index 01977c239..6bdbd38d8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
@@ -46,15 +46,6 @@
package at.gv.egovernment.moa.id.config.legacy;
-import java.util.ArrayList;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
/**
* Configuration parameters belonging to an online application,
* to use with the MOA ID Auth component.
@@ -151,22 +142,6 @@ public class OAAuthParameter extends OAParameter {
*/
private String identityLinkDomainIdentifierType;
- /**
- * STORK QAA Level, Default = 4
- */
- private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
-
- /**
- * STORK RequestedAttributes for Online Application
- * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth
- */
- private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null),
- STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
-
-
/**
* Returns <code>true</code> if the Security Layer version is version 1.2,
* otherwise <code>false</code>.
@@ -486,38 +461,4 @@ public class OAAuthParameter extends OAParameter {
return this.mandateProfiles;
}
- /**
- * Returns the defined STORK QAALevel
- * @return STORK QAALevel
- */
- public QualityAuthenticationAssuranceLevel getQaaLevel() {
- return qaaLevel;
- }
-
- /**
- * Sets the STORK QAALevel
- * @param qaaLevel
- */
- public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) {
- this.qaaLevel = qaaLevel;
- }
-
- /**
- * Returns the desired STORK Requested Attributes
- * @return STORK Requested Attributes
- */
- public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
- }
-
- /**
- * Sets the desired STORK Requested Attributes
- * @param requestedAttributes
- */
- public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
- this.requestedAttributes = requestedAttributes;
- }
-
-
-
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 76cd8f994..463930fd7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -21,11 +21,10 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*******************************************************************************/
/**
- *
+ *
*/
package at.gv.egovernment.moa.id.config.stork;
-import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
@@ -34,133 +33,91 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
-import eu.stork.vidp.messages.util.SAMLUtil;
-import eu.stork.vidp.messages.util.XMLUtil;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributeType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
/**
* Encapsulates several STORK configuration parameters according MOA configuration
- *
+ *
* @author bzwattendorfer
*
*/
public class STORKConfig {
-
+
/** STORK SAML signature creation parameters */
private Properties props = null;
private Map<String, CPEPS> cpepsMap = null;
private String basedirectory = null;
private SignatureVerificationParameter sigverifyparam = null;
-
-
+ private List<StorkAttribute> attr = null;
+
+
public STORKConfig(STORK stork, Properties props, String basedirectory) {
this.basedirectory = basedirectory;
this.props = props;
-
+
//create CPEPS map
List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
cpepsMap = new HashMap<String, CPEPS>();
-
+
for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-
+
try {
CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
-
- List<String> attr = cpep.getAttributeValue();
-
- ArrayList<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
-
- for (String e1 : attr) {
- Element element = XMLUtil.stringToDOM(e1);
- RequestedAttribute requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(element);
- requestedAttributes.add(requestedAttribute);
- }
- moacpep.setCountrySpecificRequestedAttributes(requestedAttributes);
-
+
cpepsMap.put(cpep.getCountryCode(), moacpep);
-
+
} catch (MalformedURLException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
- } catch (ParserConfigurationException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (SAXException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (IOException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (MessageEncodingException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
}
}
- SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();
-
- if (samlsign == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
- } else {
- SignatureVerificationParameterType sigverify = samlsign.getSignatureVerificationParameter();
-
- if (sigverify == null) {
- Logger.warn("Error in MOA-ID Configuration. No STORK->SignatureVerificationParameter configuration found.");
-
- } else {
- sigverifyparam = new SignatureVerificationParameter(sigverify.getTrustProfileID());
- }
+ attr = new ArrayList<StorkAttribute>();
+ for(StorkAttribute current : stork.getAttributes()) {
+ attr.add(current);
}
-
+
}
public SignatureCreationParameter getSignatureCreationParameter() {
-
+
return new SignatureCreationParameter(props, basedirectory);
}
public SignatureVerificationParameter getSignatureVerificationParameter() {
-
- return sigverifyparam;
+
+ return sigverifyparam;
}
public Map<String, CPEPS> getCpepsMap() {
return cpepsMap;
}
-
+
public boolean isSTORKAuthentication(String ccc) {
-
+
if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
return false;
-
+
if (this.cpepsMap.containsKey(ccc.toUpperCase()))
return true;
else
return false;
-
+
}
-
+
public CPEPS getCPEPS(String ccc) {
if (isSTORKAuthentication(ccc))
return this.cpepsMap.get(ccc);
else
return null;
}
-
+ public List<StorkAttribute> getStorkAttributes() {
+ return attr;
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
index b689de1d2..8dfebc06c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
@@ -37,8 +37,8 @@ import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.vidp.messages.util.XMLUtil;
public class SAMLVerifierMOASP implements ISAMLVerifier {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 4e1b0a135..3f6495a1a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -22,13 +22,18 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.saml1;
+import java.util.List;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
+import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
@@ -70,6 +75,15 @@ public class GetArtifactAction implements IAction {
oaParam,
target);
+ // add other stork attributes to MOA assertion if available
+ if(null != session.getStorkAttributes()) {
+ List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(session.getStorkAttributes());
+ session.setExtendedSAMLAttributesOA(moaExtendedSAMLAttibutes);
+ //produce MOA-Assertion and artifact
+ AuthenticationServer.getInstance().getForeignAuthenticationData(session);
+ Logger.info("MOA assertion assembled and SAML Artifact generated.");
+ }
+
String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData);
if (AuthenticationSessionStoreage.isSSOSession(session.getSessionID())) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
index 9ba78165c..37ead5cff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
@@ -46,6 +46,9 @@ public class FormBuildUtils {
private static String MANDATEVISIBLE = "#MANDATEVISIBLE#";
private static String MANDATECHECKED = "#MANDATECHECKED#";
+
+ private static String STORKVISIBLE = "#STORKVISIBLE#";
+
private static final String TEMPLATEVISIBLE = " display: none";
private static final String TEMPLATEDISABLED = "disabled=\"true\"";
private static final String TEMPLATECHECKED = "checked=\"true\"";
@@ -74,7 +77,8 @@ public class FormBuildUtils {
public static String customiceLayoutBKUSelection(String value, boolean isShowMandateCheckbox,
- boolean isOnlyMandateAllowed, Map<String, String> map) {
+ boolean isOnlyMandateAllowed,
+ Map<String, String> map, boolean showStorkLogin) {
if (isShowMandateCheckbox)
value = value.replace(MANDATEVISIBLE, "");
@@ -89,6 +93,11 @@ public class FormBuildUtils {
} else
value = value.replace(MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\"");
+ if (showStorkLogin)
+ value = value.replace(STORKVISIBLE, "");
+ else
+ value = value.replace(STORKVISIBLE, TEMPLATEVISIBLE);
+
String fonttype = map.get(FONTFAMILY);
if (MiscUtil.isNotEmpty(fonttype)) {
String[] fonttypeList = fonttype.split(",");
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/XMLUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java
index 3ca38ec03..d87d510fa 100644
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/XMLUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java
@@ -1,7 +1,7 @@
/**
*
*/
-package eu.stork.vidp.messages.util;
+package at.gv.egovernment.moa.id.util;
import java.io.File;
import java.io.IOException;
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/fetchGender.html b/id/server/idserverlib/src/main/resources/resources/templates/fetchGender.html
new file mode 100644
index 000000000..f47ee53ff
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/templates/fetchGender.html
@@ -0,0 +1,16 @@
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+ <body>
+ <form action="${action}" method="post" target="_parent">
+ <div>
+ <input type="hidden" name="SAMLResponse" value="${SAMLResponse}"/>
+ </div>
+ <p>Please indicate the gender of the represented.</p>
+ <div>
+ <input type="submit" name="gender" value="M"/>
+ <input type="submit" name="gender" value="F"/>
+ </div>
+ </form>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index d1ffa4f61..3eff06daf 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -331,105 +331,180 @@
}
}
-* {
- margin: 0;
- padding: 0;
- font-family: #FONTTYPE #;
-}
-
-#selectArea {
- padding-top: 10px;
- padding-bottom: 55px;
- padding-left: 10px;
-}
-
-.setAssertionButton {
- background: #efefef;
- cursor: pointer;
- margin-top: 15px;
- width: 70px;
- height: 25px;
-}
-
-#leftbutton {
- width: 35%;
- float: left;
- margin-left: 15px;
-}
-
-#rightbutton {
- width: 35%;
- float: right;
- margin-right: 25px;
- text-align: right;
-}
-
-#stork {
- margin-bottom: 10px;
- margin-top: 5px;
-}
-
-#mandateLogin {
- padding-bottom: 4%;
- padding-top: 4%;
- height: 10%;
- position: relative;
- text-align: center;
-}
-
-.verticalcenter {
- vertical-align: middle;
-}
-
-#mandateLogin div {
- clear: both;
- margin-top: -1%;
- position: relative;
- top: 50%;
-}
-
-#bkuselectionarea {
- position: relative;
- display: block;
-}
-
-#localBKU {
- padding-left: 5%;
- padding-right: 2%;
- padding-bottom: 4%;
- padding-top: 4%;
- position: relative;
- clear: both;
-}
-
-#bkukarte {
- float: left;
- text-align: center;
- width: 40%;
- min-height: 70px;
- padding-left: 5%;
- padding-top: 2%;
-}
-
-#bkuhandy {
- float: right;
- text-align: center;
- width: 40%;
- min-height: 90px;
- padding-right: 5%;
- padding-top: 2%;
-}
-
-.bkuimage {
- width: 90%;
- height: auto;
-}
-
-#mandate {
- text-align: center;
- padding: 5px 5px 5px 5px;
-}
-
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ vertical-align: middle;
+ min-height: 173px;
+ min-width: 204px;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 155px;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ input[type=button] {
+/* height: 11%; */
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #mandateLogin {
+ padding-bottom: 4%;
+ padding-top: 4%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 4%;
+ padding-top: 4%;
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
/* input[type=button], .sendButton {
background: #BUTTON_BACKGROUNDCOLOR#;
color: #BUTTON_COLOR#;
@@ -728,35 +803,29 @@ input {
role="button" class="hell">
<!--p>
<small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p-->
- </form>
- </div>
-
- <!-- <div id="stork" align="center">
- <div id="leftcontent" style="margin-bottom:10px">
- <h2 id="tabheader" class="dunkel">
- Home Country Selection
- </h2>
- </div>
- <p>
- <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
- <option value="BE">Belgi&euml;/Belgique</option>
- <option value="EE">Eesti</option>
- <option value="ES">Espa&ntilde;a</option>
- <option value="IS">&Iacute;sland</option>
- <option value="IT">Italia</option>
- <option value="LI">Liechtenstein</option>
- <option value="LT">Lithuania</option>
- <option value="PT">Portugal</option>
- <option value="SI">Slovenija</option>
- <option value="FI">Suomi</option>
- <option value="SE">Sverige</option>
- </select>
- <button name="bkuButton" type="button" onClick="storkClicked();">Send</button>
- <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
- </p>
- </div>
- </div> -->
+ </p-->
+ </form>
+ </div>
+ <div id="stork" align="center" style="#STORKVISIBLE#">
+ <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
+ <p>
+ <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
+ <option value="BE">Belgi&euml;/Belgique</option>
+ <option value="EE">Eesti</option>
+ <option value="ES">Espa&ntilde;a</option>
+ <option value="IS">&Iacute;sland</option>
+ <option value="IT">Italia</option>
+ <option value="LI">Liechtenstein</option>
+ <option value="LT">Lithuania</option>
+ <option value="PT">Portugal</option>
+ <option value="SI">Slovenija</option>
+ <option value="FI">Suomi</option>
+ <option value="SE">Sverige</option>
+ </select>
+ <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button>
+ <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
+ </p>
+ </div>
<div id="metroDetected" style="display: none">
<p>Anscheinend verwenden Sie Internet Explorer im
diff --git a/id/server/stork-saml-engine/src/main/resources/saml2-post-binding-moa.vm b/id/server/idserverlib/src/main/resources/resources/templates/saml2-post-binding-moa.vm
index cac0bda76..cac0bda76 100644
--- a/id/server/stork-saml-engine/src/main/resources/saml2-post-binding-moa.vm
+++ b/id/server/idserverlib/src/main/resources/resources/templates/saml2-post-binding-moa.vm
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 01e81ce24..ae79990d0 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -62,7 +62,11 @@
<artifactId>hyperjaxb3-ejb-runtime</artifactId>
<version>0.5.6</version>
</dependency>
-
+ <dependency>
+ <groupId>org.jvnet.hyperjaxb3</groupId>
+ <artifactId>maven-hyperjaxb3-plugin</artifactId>
+ <version>0.5.6</version>
+</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
@@ -186,5 +190,40 @@
</executions>
</plugin>
</plugins>
- </build>
+ <pluginManagement>
+ <plugins>
+ <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
+ <plugin>
+ <groupId>org.eclipse.m2e</groupId>
+ <artifactId>lifecycle-mapping</artifactId>
+ <version>1.0.0</version>
+ <configuration>
+ <lifecycleMappingMetadata>
+ <pluginExecutions>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>
+ org.jvnet.hyperjaxb3
+ </groupId>
+ <artifactId>
+ maven-hyperjaxb3-plugin
+ </artifactId>
+ <versionRange>
+ [0.5.6,)
+ </versionRange>
+ <goals>
+ <goal>generate</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore></ignore>
+ </action>
+ </pluginExecution>
+ </pluginExecutions>
+ </lifecycleMappingMetadata>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ </build>
</project> \ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index e93cb5cc8..33ad5c990 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -49,7 +49,7 @@
<xsd:extension base="xsd:string"/>
</xsd:simpleContent>
</xsd:complexType>
- <xsd:element name="AbstractSimpleIdentification" type="AbstractSimpleIdentificationType">
+ <xsd:element name="AbstractSimpleIdentification" type="StorkAttribute">
<xsd:annotation>
<xsd:documentation>possibility to include common austrian primary
keys in human readable way, english translation not available
@@ -72,19 +72,17 @@
</xsd:simpleType>
<xsd:element name="QualityAuthenticationAssuranceLevel" type="QualityAuthenticationAssuranceLevelType"/>
<xsd:element name="AttributeValue" type="xsd:anyType"/>
- <xsd:complexType name="RequestedAttributeType"/>
- <xsd:element name="RequestedAttribute" type="RequestedAttributeType"/>
<xsd:simpleType name="CountryCodeType">
<xsd:restriction base="xsd:token">
<xsd:pattern value="[A-Z]{2}"/>
</xsd:restriction>
</xsd:simpleType>
- <xsd:complexType name="RequestedAttributesType">
+ <xsd:complexType name="StorkAttribute">
<xsd:sequence>
- <xsd:element name="AttributeValue" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="name" type="xsd:string"></xsd:element>
+ <xsd:element name="mandatory" type="xsd:boolean"></xsd:element>
</xsd:sequence>
</xsd:complexType>
- <xsd:element name="RequestedAttributes" type="RequestedAttributesType"/>
<xsd:simpleType name="LoginType">
<xsd:restriction base="xsd:token">
<xsd:enumeration value="stateless"/>
@@ -538,7 +536,7 @@
</xsd:sequence>
</xsd:complexType>
</xsd:element>
- <xsd:element ref="STORK" minOccurs="0"/>
+ <xsd:element ref="OA_STORK" minOccurs="0"/>
<xsd:element name="OA_SSO" minOccurs="0">
<xsd:complexType>
<xsd:sequence>
@@ -862,8 +860,10 @@
<xsd:element ref="SAMLSigningParameter"/>
</xsd:sequence>
<xsd:sequence>
- <xsd:element ref="QualityAuthenticationAssuranceLevel" minOccurs="0"/>
- <xsd:element ref="RequestedAttributes"/>
+ <xsd:element ref="QualityAuthenticationAssuranceLevel" minOccurs="0" />
+ </xsd:sequence>
+ <xsd:sequence>
+ <xsd:element ref="Attributes" maxOccurs="unbounded" minOccurs="0" />
</xsd:sequence>
</xsd:choice>
</xsd:complexType>
@@ -926,6 +926,16 @@
</xsd:sequence>
</xsd:complexType>
</xsd:element>
+ <xsd:element name="OA_STORK">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="StorkLogonEnabled"
+ type="xsd:boolean" />
+ <xsd:element ref="Qaa" maxOccurs="1" minOccurs="0"></xsd:element>
+ <xsd:element ref="OAAttributes" maxOccurs="unbounded" minOccurs="0"></xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
<xsd:element name="Contact">
<xsd:complexType>
<xsd:sequence>
@@ -987,4 +997,17 @@
<xsd:element name="OnlyMandateLoginAllowed" type="xsd:boolean" default="false" minOccurs="0" maxOccurs="1"/>
</xsd:sequence>
</xsd:complexType>
+
+ <xsd:element name="Attributes" type="StorkAttribute"></xsd:element>
+
+ <xsd:element name="Qaa" type="QualityAuthenticationAssuranceLevelType"></xsd:element>
+
+ <xsd:complexType name="OAStorkAttribute">
+ <xsd:sequence>
+ <xsd:element name="mandatory" type="xsd:boolean"></xsd:element>
+ <xsd:element name="name" type="xsd:string"></xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <xsd:element name="OAAttributes" type="OAStorkAttribute"></xsd:element>
</xsd:schema>
diff --git a/id/server/stork-saml-engine/pom.xml b/id/server/stork-saml-engine/pom.xml
deleted file mode 100644
index 1988b9af0..000000000
--- a/id/server/stork-saml-engine/pom.xml
+++ /dev/null
@@ -1,92 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <artifactId>moa-id</artifactId>
- <groupId>MOA.id</groupId>
- <version>1.9.96-SNAPSHOT</version>
- </parent>
- <artifactId>stork-saml-engine</artifactId>
- <version>1.5.2</version>
- <name>STORK SAML Engine</name>
- <description>SAML2 related stuff for STORK</description>
-
- <build>
-
-<plugins>
-<plugin>
-<groupId>org.apache.maven.plugins</groupId>
-<artifactId>maven-compiler-plugin</artifactId>
-<configuration>
-<source>1.5</source>
-<target>1.5</target>
-</configuration>
-</plugin>
-</plugins>
-</build>
-
- <dependencies>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>opensaml</artifactId>
- <version>2.5.3</version>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>xmltooling</artifactId>
- <version>1.3.4</version>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>openws</artifactId>
- <version>1.4.4</version>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- <version>1.6.4</version>
- <!-- scope>runtime</scope -->
- </dependency>
- </dependencies>
-</project> \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKAuthnRequest.java b/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKAuthnRequest.java
deleted file mode 100644
index b84721ff5..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKAuthnRequest.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.mw.messages.saml;
-
-import java.security.cert.X509Certificate;
-import java.util.List;
-
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.XMLObject;
-
-/**
- * Interface extending a SAML AuthnRequest by additional attributes required by STORK
- * @author bzwattendorfer
- *
- */
-public interface STORKAuthnRequest extends AuthnRequest {
-
- /**
- * Sets the ID of the requesting Service Provider
- * @param spID ID of the Service Provider
- */
- public void setSPID(String spID);
-
- /**
- * Gets the ID of the Service Provider
- * @return ID of the Service Provider
- */
- public String getSPID();
-
- /**
- * Sets the citizen country code
- * @param citizenCountryCode citizen country code
- */
- public void setCitizenCountryCode(String citizenCountryCode);
-
- /**
- * Gets the citizen country code
- * @return citizen country code
- */
- public String getCitizenCountryCode();
-
- /**
- * Sets the final redirect URL
- * @param finalRedirectURL Final redirect URL
- */
- public void setFinalRedirectURL(String finalRedirectURL);
-
- /**
- * Gets the final redirect URL
- * @return final redirect URL
- */
- public String getFinalRedirectURL();
-
- /**
- * Sets the signing certificate of the service provider
- * @param signingCertificate Signing certificate of the SP
- */
- public void setSPCertSig(X509Certificate signingCertificate);
-
- /**
- * Gets the signing certificate of the service provider
- * @return signing certificate of the service provider
- */
- public X509Certificate getSPCertSig();
-
- /**
- * Sets the encryption certificate of the service provider
- * @param encryptionCertificate encryption certificate of the SP
- */
- public void setSPCertEnc(X509Certificate encryptionCertificate);
-
- /**
- * Gets the encryption certificate of the service provider
- * @return encryption certificate of the SP
- */
- public X509Certificate getSPCertEnc();
-
-
- /**
- * Sets the original authentication request of the service provider
- * @param spAuthRequest original SP authentication request
- */
- public void setOriginalSPAuthRequest(XMLObject spAuthRequest);
-
- /**
- * Gets the original authentication request of the service provider
- * @return original SP authentication request
- */
- public XMLObject getOriginalSPAuthRequest();
-
- /**
- * Sets the requested STORK QAA level
- * @param authLevel Requested STORK QAA level
- */
- public void setQAALevel(int authLevel);
-
- /**
- * Gets the requested STORK QAA level
- * @return Requested STORK QAA level
- */
- public int getQAALevel();
-
- /**
- * Gets a list of requested attributes
- * @return List containg all requested attributes
- */
- public List<RequestedAttribute> getRequestedAttributes();
-
- /**
- * Sets the requested attributes
- * @param requestedAttributesList List containg all requested attributes
- */
- public void setRequestedAttributes(List<RequestedAttribute> requestedAttributesList);
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKResponse.java b/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKResponse.java
deleted file mode 100644
index 28de6068b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/mw/messages/saml/STORKResponse.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.mw.messages.saml;
-
-import org.opensaml.saml2.core.Response;
-
-/**
- * Interface extending a SAML Response by attributes required by STORK
- * @author bzwattendorfer
- *
- */
-public interface STORKResponse extends Response {
-
- /**
- * Sets the QAA level by which the user has been authenticated
- * @param authLevel STORK QAA level used for authentication
- */
- public void setQAALevel(int authLevel);
-
- /**
- * Gets the QAA level by which the user has been authenticated
- * @return STORK QAA level used for authentication
- */
- public int getQAALevel();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/builder/STORKMessagesBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/builder/STORKMessagesBuilder.java
deleted file mode 100644
index 2f9a19620..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/builder/STORKMessagesBuilder.java
+++ /dev/null
@@ -1,1367 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.builder;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.apache.commons.lang.StringUtils;
-import org.joda.time.DateTime;
-import org.opensaml.Configuration;
-import org.opensaml.common.IdentifierGenerator;
-import org.opensaml.common.SAMLObject;
-import org.opensaml.common.SAMLObjectBuilder;
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeStatement;
-import org.opensaml.saml2.core.AttributeValue;
-import org.opensaml.saml2.core.Audience;
-import org.opensaml.saml2.core.AudienceRestriction;
-import org.opensaml.saml2.core.AuthnContext;
-import org.opensaml.saml2.core.AuthnStatement;
-import org.opensaml.saml2.core.Conditions;
-import org.opensaml.saml2.core.Issuer;
-import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.OneTimeUse;
-import org.opensaml.saml2.core.Status;
-import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.core.StatusDetail;
-import org.opensaml.saml2.core.StatusMessage;
-import org.opensaml.saml2.core.Subject;
-import org.opensaml.saml2.core.SubjectConfirmation;
-import org.opensaml.saml2.core.SubjectConfirmationData;
-import org.opensaml.saml2.core.SubjectLocality;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.soap.common.SOAPObject;
-import org.opensaml.ws.soap.common.SOAPObjectBuilder;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.XMLObjectBuilder;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.schema.impl.XSAnyBuilder;
-import org.opensaml.xml.schema.impl.XSStringBuilder;
-import org.opensaml.xml.signature.KeyInfo;
-import org.opensaml.xml.signature.X509Data;
-import org.opensaml.xml.util.Base64;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.mw.messages.saml.STORKResponse;
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.saml.STORKAttribute;
-import eu.stork.vidp.messages.saml.STORKAttributeValue;
-import eu.stork.vidp.messages.saml.STORKExtensions;
-import eu.stork.vidp.messages.saml.STORKRequestedAttribute;
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-import eu.stork.vidp.messages.stork.EIDCrossBorderShare;
-import eu.stork.vidp.messages.stork.EIDCrossSectorShare;
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-import eu.stork.vidp.messages.stork.SPCertEnc;
-import eu.stork.vidp.messages.stork.SPCertSig;
-import eu.stork.vidp.messages.stork.SPCertType;
-import eu.stork.vidp.messages.stork.SPID;
-import eu.stork.vidp.messages.stork.SPInformation;
-import eu.stork.vidp.messages.stork.SpApplication;
-import eu.stork.vidp.messages.stork.SpCountry;
-import eu.stork.vidp.messages.stork.SpInstitution;
-import eu.stork.vidp.messages.stork.SpSector;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-/**
- * Class providing several methods for SAML Object generation
- * @author bzwattendorfer
- *
- */
-public class STORKMessagesBuilder {
-
- final static Logger log = LoggerFactory.getLogger(STORKMessagesBuilder.class);
-
- /**
- * Builds an arbitrary OpenSAML XML object
- * @param <T> OpenSAML XMLObject
- * @param objectQName QName of the XML element
- * @return Builded OpenSAML XMLObject
- */
- @SuppressWarnings("unchecked")
- public static <T extends XMLObject> T buildXMLObject(QName objectQName) {
-
- try {
- XMLObjectBuilder<T> builder = (XMLObjectBuilder<T>) Configuration.getBuilderFactory().getBuilder(objectQName);
- return builder.buildObject(objectQName.getNamespaceURI(), objectQName.getLocalPart(), objectQName.getPrefix());
- } catch (Exception e) {
- log.error("Cannot build XML Object {}: {}", objectQName.getLocalPart(), e);
- throw new RuntimeException(e);
- }
-
- }
-
- /**
- * Builds a SOAP object
- * @param <T> SOAP Object or any extensions
- * @param objectQName QName of the XML element
- * @return SOAP Object or any extensions
- */
- @SuppressWarnings("unchecked")
- public static <T extends SOAPObject> T buildSOAPObject(QName objectQName) {
-
- try {
- SOAPObjectBuilder<T> builder = (SOAPObjectBuilder<T>) Configuration.getBuilderFactory().getBuilder(objectQName);
- return builder.buildObject();
- } catch (Exception e) {
- log.error("Cannot build SOAP Object {}: {}", objectQName.getLocalPart(), e);
- throw new RuntimeException(e);
- }
-
- }
-
- /**
- * Builds an arbitrary OpenSAML SAML object
- * @param <T> OpenSAML SAML Object
- * @param objectQName QName of the SAML element
- * @return Builded OpenSAML SAML Object
- */
- @SuppressWarnings("unchecked")
- public static <T extends SAMLObject> T buildSAMLObject(QName objectQName) {
-
- try {
- SAMLObjectBuilder<T> builder = (SAMLObjectBuilder<T>) Configuration.getBuilderFactory().getBuilder(objectQName);
- return builder.buildObject();
- } catch (Exception e) {
- log.error("Cannot build SAML Object {}: {}", objectQName.getLocalPart(), e);
- throw new RuntimeException(e);
- }
-
- }
-
-
-
- /**
- * Builds SAML Issuer object
- * @param issuerValue Value for the issuer element
- * @return Issuer object
- */
- public static Issuer buildIssuer(String issuerValue) {
- if (StringUtils.isEmpty(issuerValue))
- return null;
-
- Issuer issuer = buildXMLObject(Issuer.DEFAULT_ELEMENT_NAME);
- issuer.setValue(issuerValue);
- issuer.setFormat(Issuer.ENTITY);
-
- return issuer;
- }
-
- /**
- * Builds a QualityAuthenticationAssuranceLevel object
- * @param qaaValue QAALevel (1 to 4)
- * @return QualityAuthenticationAssuranceLevel object
- */
- public static QualityAuthenticationAssuranceLevel buildQualityAuthenticationAssuranceLevel(int qaaValue) {
- if (qaaValue < 1 || qaaValue > 4) {
- log.error("QAA Level must be between 1 and 4.");
- return null;
- }
-
- QualityAuthenticationAssuranceLevel qaaLevel = buildXMLObject(QualityAuthenticationAssuranceLevel.DEFAULT_ELEMENT_NAME);
- qaaLevel.setValue(qaaValue);
- return qaaLevel;
- }
-
- /**
- * Builds a STORK RequestedAttribute object
- * @param name Name of the RequesteAttribute
- * @param isRequired true or false if RequestedAttribute is required
- * @param value Value of RequestedAttribute
- * @return STORK RequestedAttribute object
- */
- public static RequestedAttribute buildRequestedAttribute(String name, boolean isRequired, String value) {
-
- RequestedAttribute reqAttribute = buildXMLObject(STORKRequestedAttribute.DEFAULT_ELEMENT_NAME);
- reqAttribute.setName(name);
- reqAttribute.setNameFormat(STORKRequestedAttribute.URI_REFERENCE);
- reqAttribute.setIsRequired(isRequired);
-
- if (!StringUtils.isEmpty(value)) {
- XSString stringValue = buildXSString(STORKAttributeValue.DEFAULT_ELEMENT_NAME);
- stringValue.setValue(value);
- reqAttribute.getAttributeValues().add(stringValue);
- }
-
- return reqAttribute;
- }
-
- /**
- * Builds XML String type object with given QName
- * @param qname QName for object to build
- * @return XML object as String type
- */
- public static XSString buildXSString(QName qname) {
- XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
- return stringBuilder.buildObject(qname, XSString.TYPE_NAME);
- }
-
- /**
- * Builds XML Any type object with given QName
- * @param qname QName for object to build
- * @return XML object as Any type
- */
- public static XSAny buildXSAny(QName qname) {
- XSAnyBuilder anyBuilder = (XSAnyBuilder) Configuration.getBuilderFactory().getBuilder(XSAny.TYPE_NAME);
- return anyBuilder.buildObject(qname, XSAny.TYPE_NAME);
- }
-
- /**
- * Builds a List of RequestedAttribute
- * @param requestedAttributeArguments RequestedAttributes
- * @return List of RequestedAttribute
- */
- public static RequestedAttributes buildRequestedAttributes(RequestedAttribute... requestedAttributeArguments) {
-
- if (requestedAttributeArguments == null)
- return null;
-
- RequestedAttributes reqAttributes = buildXMLObject(RequestedAttributes.DEFAULT_ELEMENT_NAME);
-
- for (RequestedAttribute reqAttr : requestedAttributeArguments) {
- reqAttributes.getRequestedAttributes().add(reqAttr);
- }
-
- return reqAttributes;
- }
-
- /**
- * Builds RequestedAttributes object out of list of RequestedAttribute
- * @param requestedAttributeList List of RequestedAttribute
- * @return RequestedAttributes object
- */
- public static RequestedAttributes buildRequestedAttributes(List<RequestedAttribute> requestedAttributeList) {
- if (requestedAttributeList == null)
- return null;
-
- RequestedAttributes reqAttributes = buildXMLObject(RequestedAttributes.DEFAULT_ELEMENT_NAME);
- reqAttributes.getRequestedAttributes().addAll(requestedAttributeList);
-
- return reqAttributes;
- }
-
- /**
- * Builds a STORK CitizenCountryCode object
- * @param ccc ISO country code
- * @return CitizenCountryCode object
- */
- public static CitizenCountryCode buildCitizenCountryCode(String ccc) {
- if (StringUtils.isEmpty(ccc)) {
- log.error("CitizenCountryCode must have a value.");
- return null;
- }
-
- CitizenCountryCode citizenCountryCode = buildXMLObject(CitizenCountryCode.DEFAULT_ELEMENT_NAME);
- citizenCountryCode.setValue(ccc);
-
- return citizenCountryCode;
- }
-
- /**
- * Builds a SPID object
- * @param spIDString String to be used as SPID
- * @return SPID object
- */
- public static SPID buildSPID(String spIDString) {
- if (StringUtils.isEmpty(spIDString)) {
- log.error("SPID must have a value.");
- return null;
- }
-
- SPID spID = buildXMLObject(SPID.DEFAULT_ELEMENT_NAME);
- spID.setValue(spIDString);
-
- return spID;
- }
-
- /**
- * Builds SPCertType
- * @param cert X509Certificate
- * @return SPCertType
- */
- private static SPCertType buildSPCertType(X509Certificate cert) {
- SPCertType spCertType = buildXMLObject(SPCertType.TYPE_NAME);
- KeyInfo keyInfo = buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
- X509Data x509DataElem = buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
- org.opensaml.xml.signature.X509Certificate x509CertElem = buildXMLObject(org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
-
- try {
- x509CertElem.setValue(Base64.encodeBytes(cert.getEncoded()));
- } catch (CertificateEncodingException e) {
- log.error("Cannot encode certificate.", e);
- throw new RuntimeException(e);
- }
-
- x509DataElem.getX509Certificates().add(x509CertElem);
- keyInfo.getX509Datas().add(x509DataElem);
- spCertType.setKeyInfo(keyInfo);
- return spCertType;
- }
-
- /**
- * Builds SPCertSig object
- * @param cert X509Certificate
- * @return SPCertSig
- */
- public static SPCertSig buildSPCertSig(X509Certificate cert) {
- return (SPCertSig) buildSPCertType(cert);
- }
-
- /**
- * Builds SPCertEnc object
- * @param cert X509Certificate
- * @return SPCertEnc
- */
- public static SPCertEnc buildSPCertEnc(X509Certificate cert) {
- return (SPCertEnc) buildSPCertType(cert);
- }
-
- /**
- * Builds SPAuthRequest object
- * @param xmlObject Abritrary XML object
- * @return SPAuthRequest
- */
- public static SPAuthRequest buildSPAuthRequest(XMLObject xmlObject) {
- SPAuthRequest authRequest = buildXMLObject(SPAuthRequest.DEFAULT_ELEMENT_NAME);
- authRequest.getUnknownXMLObjects().add(xmlObject);
- return authRequest;
- }
-
- /**
- * Builds SPInformation object
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @return SPInformations
- */
- public static SPInformation buildSPInformation(String spIDString, X509Certificate sigCert, X509Certificate encCert, XMLObject spAuthRequest) {
-
- SPInformation spInformation = buildXMLObject(SPInformation.DEFAULT_ELEMENT_NAME);
-
- SPID spID = buildSPID(spIDString);
- spInformation.setSPID(spID);
-
- if (sigCert != null) {
- SPCertSig spCertSig = buildSPCertSig(sigCert);
- spInformation.setSPCertSig(spCertSig);
- }
-
- if (encCert != null) {
- SPCertEnc spCertEnc = buildSPCertEnc(encCert);
- spInformation.setSPCertEnc(spCertEnc);
- }
-
- if (spAuthRequest != null) {
- SPAuthRequest spAuthRequestElem = buildSPAuthRequest(spAuthRequest);
- spInformation.setSPAuthRequest(spAuthRequestElem);
- }
-
- return spInformation;
-
- }
-
- /**
- * Builds VIDPAuthenticationAttributes objext
- * @param ccc ISO citizen country code
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @return VIDPAuthenticationAttributes
- */
- public static VIDPAuthenticationAttributes buildVIDPAuthenticationAttributes(String ccc, String spIDString, X509Certificate sigCert, X509Certificate encCert, XMLObject spAuthRequest) {
- VIDPAuthenticationAttributes vidpAuthenticationAttributes = buildXMLObject(VIDPAuthenticationAttributes.DEFAULT_ELEMENT_NAME);
-
- CitizenCountryCode citizenCountryCode = buildCitizenCountryCode(ccc);
- SPInformation spInformation = buildSPInformation(spIDString, sigCert, encCert, spAuthRequest);
-
- vidpAuthenticationAttributes.setCitizenCountryCode(citizenCountryCode);
- vidpAuthenticationAttributes.setSPInformation(spInformation);
-
- return vidpAuthenticationAttributes;
- }
-
- /**
- * Builds AuthenticationAttributes object
- * @param ccc ISO citizen country code
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @return AuthenticationAttributes
- */
- public static AuthenticationAttributes buildAuthenticationAttributes(String ccc, String spIDString, X509Certificate sigCert, X509Certificate encCert, XMLObject spAuthRequest) {
- AuthenticationAttributes authenticationAttributes = buildXMLObject(AuthenticationAttributes.DEFAULT_ELEMENT_NAME);
-
- VIDPAuthenticationAttributes vidpAuthenticationAttributes = buildVIDPAuthenticationAttributes(ccc, spIDString, sigCert, encCert, spAuthRequest);
-
- authenticationAttributes.setVIDPAuthenticationAttributes(vidpAuthenticationAttributes);
- return authenticationAttributes;
-
- }
-
- /**
- * Builds SpSector object
- * @param spSector Value SPSector value
- * @return SpSector
- */
- public static SpSector buildSpSector(String spSectorValue) {
-
- SpSector spSector = buildXMLObject(SpSector.DEFAULT_ELEMENT_NAME);
- spSector.setValue(spSectorValue);
-
- return spSector;
- }
-
- /**
- * Builds SpInstitution object
- * @param spInstitutionValue Value for SpInstitution
- * @return SpInstitution
- */
- public static SpInstitution buildSpInstitution(String spInstitutionValue) {
-
- SpInstitution spInstitution = buildXMLObject(SpInstitution.DEFAULT_ELEMENT_NAME);
- spInstitution.setValue(spInstitutionValue);
-
- return spInstitution;
- }
-
-
- /**
- * Builds SpApplication object
- * @param spApplicationValue Value for SpApplication
- * @return SpApplication
- */
- public static SpApplication buildSpApplication(String spApplicationValue) {
-
- SpApplication spApplication = buildXMLObject(SpApplication.DEFAULT_ELEMENT_NAME);
- spApplication.setValue(spApplicationValue);
-
- return spApplication;
- }
-
- /**
- * Builds SpCountry object
- * @param spCountryValue ISO Code Value for SpCountry
- * @return SpCountry
- */
- public static SpCountry buildSpCountry(String spCountryValue) {
-
- SpCountry spCountry = buildXMLObject(SpCountry.DEFAULT_ELEMENT_NAME);
- spCountry.setValue(spCountryValue);
-
- return spCountry;
- }
-
- /**
- * Generates secured randomized ID for SAML Messages
- * @return secured randomized ID
- */
- public static String generateID() {
- try {
- IdentifierGenerator idGenerator = new SecureRandomIdentifierGenerator();
- return idGenerator.generateIdentifier();
- } catch (NoSuchAlgorithmException e) {
- log.error("Cannot generate id", e);
- throw new RuntimeException(e);
-
- }
-
- }
-
- /**
- * Builds STORKAuthnRequest object
- * @param destination Endpoint for AuthnRequest
- * @param acsURL Endpoint where STORK response wants to be received
- * @param providerName Provider Name
- * @param issuerValue Value for Issuer element
- * @param qaaLevel STORK QAALevel
- * @param requestedAttributes Attributes to be requested
- * @param spSector SPSector
- * @param spInstitution SPInstitution
- * @param spApplication SPApplication
- * @param spCountry SPCountry
- * @return STORKAuthnRequest
- */
- public static STORKAuthnRequest buildSTORKAuthnRequest(
- String destination,
- String acsURL,
- String providerName,
- String issuerValue,
- QualityAuthenticationAssuranceLevel qaaLevel,
- RequestedAttributes requestedAttributes,
- String spSector,
- String spInstitution,
- String spApplication,
- String spCountry) {
-
- //fixed values
- String consent = STORKAuthnRequest.UNSPECIFIED_CONSENT;
- boolean forceAuthn = true;
- boolean isPassive = false;
- String binding = SAMLConstants.SAML2_POST_BINDING_URI;
- boolean eIDSectorShare = true;
- boolean eIDCrossSectorShare = true;
- boolean eIDCrossBorderShare = false;
-
- STORKAuthnRequest authnRequest = buildXMLObject(STORKAuthnRequest.DEFAULT_ELEMENT_NAME);
-
- authnRequest.setVersion(SAMLVersion.VERSION_20);
- authnRequest.setID(generateID());
- authnRequest.setIssueInstant(new DateTime());
-
- authnRequest.setConsent(consent);
- authnRequest.setForceAuthn(forceAuthn);
- authnRequest.setIsPassive(isPassive);
- authnRequest.setProtocolBinding(binding);
-
- authnRequest.setDestination(destination);
- authnRequest.setAssertionConsumerServiceURL(acsURL);
- authnRequest.setProviderName(providerName);
- authnRequest.setIssuer(buildIssuer(issuerValue));
-
- STORKExtensions extensions = buildSTORKExtensions();
-
- authnRequest.setQAALevel(qaaLevel.getValue());
- extensions.setQAALevel(qaaLevel);
-
- authnRequest.setRequestedAttributes(requestedAttributes.getRequestedAttributes());
- extensions.setRequestedAttributes(requestedAttributes);
-
- EIDSectorShare eidSectorShareObj = buildXMLObject(EIDSectorShare.DEFAULT_ELEMENT_NAME);
- eidSectorShareObj.setValue(eIDSectorShare);
-
- EIDCrossSectorShare eidCrossSectorShareObj = buildXMLObject(EIDCrossSectorShare.DEFAULT_ELEMENT_NAME);
- eidCrossSectorShareObj.setValue(eIDCrossSectorShare);
-
- EIDCrossBorderShare eidCrossBorderShareObj = buildXMLObject(EIDCrossBorderShare.DEFAULT_ELEMENT_NAME);
- eidCrossBorderShareObj.setValue(eIDCrossBorderShare);
-
- SpSector spSectorObj = buildSpSector(spSector);
- SpInstitution spInstitutionObj = buildSpInstitution(spInstitution);
- SpApplication spApplicationObj = buildSpApplication(spApplication);
- SpCountry spCountryObj = buildSpCountry(spCountry);
-
-
- extensions.getUnknownXMLObjects().add(qaaLevel);
- extensions.getUnknownXMLObjects().add(spSectorObj);
- extensions.getUnknownXMLObjects().add(spInstitutionObj);
- extensions.getUnknownXMLObjects().add(spApplicationObj);
- extensions.getUnknownXMLObjects().add(spCountryObj);
- extensions.getUnknownXMLObjects().add(eidSectorShareObj);
- extensions.getUnknownXMLObjects().add(eidCrossSectorShareObj);
- extensions.getUnknownXMLObjects().add(eidCrossBorderShareObj);
- extensions.getUnknownXMLObjects().add(requestedAttributes);
-
- authnRequest.setExtensions(extensions);
-
- return authnRequest;
- }
-
- /**
- * Builds STORKAuthnRequest object
- * @param destination Endpoint for AuthnRequest
- * @param acsURL Endpoint where STORK response wants to be received
- * @param providerName Provider Name
- * @param issuerValue Value for Issuer element
- * @param qaaLevel STORK QAALevel
- * @param requestedAttributeList List of STORK attributes to be requested
- * @param ccc ISO citizen country code
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @param spSector SPSector
- * @param spInstitution SPInstitution
- * @param spApplication SPApplication
- * @param spCountry SPCountry
- * @return STORKAuthnRequest
- */
- public static STORKAuthnRequest buildSTORKAuthnRequest(
- String destination,
- String acsURL,
- String providerName,
- String issuerValue,
- int qaaLevel,
- List<RequestedAttribute> requestedAttributeList,
- String ccc,
- String spID,
- X509Certificate sigCert,
- X509Certificate encCert,
- XMLObject spAuthRequest,
- String spSector,
- String spInstitution,
- String spApplication,
- String spCountry) {
-
- //fixed values via config
- String consent = STORKAuthnRequest.UNSPECIFIED_CONSENT;
- boolean forceAuthn = true;
- boolean isPassive = false;
- String binding = SAMLConstants.SAML2_POST_BINDING_URI;
- boolean eIDSectorShare = true;
- boolean eIDCrossSectorShare = true;
- boolean eIDCrossBorderShare = false;
-
- return buildSTORKAuthnRequest(consent, forceAuthn, isPassive, binding, eIDSectorShare, eIDCrossSectorShare, eIDCrossBorderShare, destination, acsURL, providerName, issuerValue, qaaLevel, requestedAttributeList, ccc, spID, sigCert, encCert, spAuthRequest, spSector, spInstitution, spApplication, spCountry);
-
- }
-
- /**
- * Builds STORKAuthnRequest object
- * @param consent Consent for the request
- * @param forceAuthn forceAuthn
- * @param isPassive isPassive
- * @param binding Binding the request is sent over
- * @param eIDSectorShare Should eIdentifier be shared?
- * @param eIDCrossSectorShare Should eIdentifier be shared across sectors?
- * @param eIDCrossBorderShare Should eIdentifier be shared across borders?
- * @param destination Endpoint for AuthnRequest
- * @param acsURL Endpoint where STORK response wants to be received
- * @param providerName Provider Name
- * @param issuerValue Value for Issuer element
- * @param qaaLevel STORK QAALevel
- * @param requestedAttributeList List of STORK attributes to be requested
- * @param ccc ISO citizen country code
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @param spSector SPSector
- * @param spInstitution SPInstitution
- * @param spApplication SPApplication
- * @param spCountry SPCountry
- * @return STORKAuthnRequest
- */
- public static STORKAuthnRequest buildSTORKAuthnRequest(
- String consent,
- boolean forceAuthn,
- boolean isPassive,
- String binding,
- boolean eIDSectorShare,
- boolean eIDCrossSectorShare,
- boolean eIDCrossBorderShare,
- String destination,
- String acsURL,
- String providerName,
- String issuerValue,
- int qaaLevel,
- List<RequestedAttribute> requestedAttributeList,
- String ccc,
- String spID,
- X509Certificate sigCert,
- X509Certificate encCert,
- XMLObject spAuthRequest,
- String spSector,
- String spInstitution,
- String spApplication,
- String spCountry) {
-
- STORKAuthnRequest authnRequest = buildXMLObject(STORKAuthnRequest.DEFAULT_ELEMENT_NAME);
-
- authnRequest.setVersion(SAMLVersion.VERSION_20);
- authnRequest.setID(generateID());
- authnRequest.setIssueInstant(new DateTime());
-
- authnRequest.setDestination(destination);
- authnRequest.setAssertionConsumerServiceURL(acsURL);
- authnRequest.setProviderName(providerName);
- authnRequest.setIssuer(buildIssuer(issuerValue));
- authnRequest.setQAALevel(qaaLevel);
- authnRequest.setRequestedAttributes(requestedAttributeList);
- authnRequest.setCitizenCountryCode(ccc);
- authnRequest.setSPID(spID);
- authnRequest.setSPCertSig(sigCert);
- authnRequest.setSPCertEnc(encCert);
- authnRequest.setOriginalSPAuthRequest(spAuthRequest);
-
- authnRequest.setConsent(consent);
- authnRequest.setForceAuthn(forceAuthn);
- authnRequest.setIsPassive(isPassive);
- authnRequest.setProtocolBinding(binding);
-
- addSTORKExtensionsToAuthnRequest(authnRequest, qaaLevel, requestedAttributeList, ccc, spID, sigCert, encCert, spAuthRequest, eIDSectorShare, eIDCrossSectorShare, eIDCrossBorderShare, spSector, spInstitution, spApplication, spCountry);
-
- return authnRequest;
-
- }
-
- /**
- * Adds STORK Extensions to STORKAuthnRequest
- * @param authnRequest
- * @param qaaLevel STORK QAALevel
- * @param requestedAttributeList List of STORK attributes to be requested
- * @param ccc ISO citizen country code
- * @param spIDString SPID
- * @param sigCert SP signature certificate
- * @param encCert SP encryption certificate
- * @param spAuthRequest Original SP AuthnRequest
- * @param spSector SPSector
- * @param spInstitution SPInstitution
- * @param spApplication SPApplication
- * @param spCountry SPCountry
- */
- public static void addSTORKExtensionsToAuthnRequest(
- STORKAuthnRequest authnRequest,
- int qaaLevel,
- List<RequestedAttribute> requestedAttributeList,
- String ccc,
- String spID,
- X509Certificate sigCert,
- X509Certificate encCert,
- XMLObject spAuthRequest,
- boolean eIDSectorShare,
- boolean eIDCrossSectorShare,
- boolean eIDCrossBorderShare,
- String spSector,
- String spInstitution,
- String spApplication,
- String spCountry) {
-
- STORKExtensions extensions = buildSTORKExtensions();
- authnRequest.setRequestedAttributes(requestedAttributeList);
-
- QualityAuthenticationAssuranceLevel qaaLevelObj = buildQualityAuthenticationAssuranceLevel(qaaLevel);
- RequestedAttributes requestedAttributesObj = buildRequestedAttributes(requestedAttributeList);
- AuthenticationAttributes authenticationAttributesObj = buildAuthenticationAttributes(ccc, spID, sigCert, encCert, spAuthRequest);
-
- EIDSectorShare eidSectorShareObj = buildXMLObject(EIDSectorShare.DEFAULT_ELEMENT_NAME);
- eidSectorShareObj.setValue(eIDSectorShare);
-
- EIDCrossSectorShare eidCrossSectorShareObj = buildXMLObject(EIDCrossSectorShare.DEFAULT_ELEMENT_NAME);
- eidCrossSectorShareObj.setValue(eIDCrossSectorShare);
-
- EIDCrossBorderShare eidCrossBorderShareObj = buildXMLObject(EIDCrossBorderShare.DEFAULT_ELEMENT_NAME);
- eidCrossBorderShareObj.setValue(eIDCrossBorderShare);
-
- SpSector spSectorObj = buildSpSector(spSector);
- SpApplication spApplicationObj = buildSpApplication(spApplication);
- SpCountry spCountryObj = buildSpCountry(spCountry);
-
- extensions.setQAALevel(qaaLevelObj);
- extensions.setRequestedAttributes(requestedAttributesObj);
- extensions.setAuthenticationAttributes(authenticationAttributesObj);
-
- extensions.getUnknownXMLObjects().add(qaaLevelObj);
- extensions.getUnknownXMLObjects().add(spSectorObj);
- extensions.getUnknownXMLObjects().add(spApplicationObj);
- extensions.getUnknownXMLObjects().add(spCountryObj);
- extensions.getUnknownXMLObjects().add(eidSectorShareObj);
- extensions.getUnknownXMLObjects().add(eidCrossSectorShareObj);
- extensions.getUnknownXMLObjects().add(eidCrossBorderShareObj);
- extensions.getUnknownXMLObjects().add(requestedAttributesObj);
- extensions.getUnknownXMLObjects().add(authenticationAttributesObj);
-
- authnRequest.setExtensions(extensions);
-
- }
-
-
- /**
- * Builds STORKExtensions object
- * @return STORKExtensions
- */
- public static STORKExtensions buildSTORKExtensions() {
- QName samlProtocolExtensions = new QName(SAMLConstants.SAML20P_NS, STORKExtensions.LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- return buildXMLObject(samlProtocolExtensions);
- }
-
- /**
- * Builds STORKResponse
- * @param destination Endpoint where the STORKResponse should be sent to
- * @param inResponseTo ID of the corresponding AuthnRequest
- * @param issuer Issuer value of the response
- * @param status Status of the response (success, error, etc.)
- * @param assertion SAML assertion to be included
- * @return STORKResponse
- */
- public static STORKResponse buildSTORKResponse(
- String destination,
- String inResponseTo,
- Issuer issuer,
- Status status,
- Assertion assertion) {
-
- STORKResponse response = buildXMLObject(STORKResponse.DEFAULT_ELEMENT_NAME);
-
- response.setDestination(destination);
- response.setInResponseTo(inResponseTo);
- response.setConsent(STORKResponse.OBTAINED_CONSENT);
- response.setID(generateID());
- response.setIssueInstant(new DateTime());
- response.setVersion(SAMLVersion.VERSION_20);
-
- response.setIssuer(issuer);
- response.setStatus(status);
- response.getAssertions().add(assertion);
-
- return response;
- }
-
- /**
- * Build STORKResponse
- * @param destination Endpoint where the STORKResponse should be sent to
- * @param inResponseTo ID of the corresponding AuthnRequest
- * @param issuer Issuer value of the response
- * @param status Status of the response (success, error, etc.)
- * @param statusMessage Status message for the response
- * @param assertion SAML assertion to be included
- * @return STORKResponse
- */
- public static STORKResponse buildSTORKResponse(
- String destination,
- String inResponseTo,
- String issuerString,
- String statusCode,
- String statusMessage,
- Assertion assertion) {
-
- Status status = buildStatus(statusCode, statusMessage);
- Issuer issuer = buildIssuer(issuerString);
-
- return buildSTORKResponse(destination, inResponseTo, issuer, status, assertion);
- }
-
-
- /**
- * Builds a STORKResponse containing no assertion
- * @param destination Endpoint where the STORKResponse should be sent to
- * @param inResponseTo ID of the corresponding AuthnRequest
- * @param issuer Issuer value of the response
- * @param status Status of the response (success, error, etc.)
- * @param statusMessage Status message for the response
- * @return STORKResponse
- */
- public static STORKResponse buildSTORKErrorResponse(
- String destination,
- String inResponseTo,
- String issuerString,
- String statusCode,
- String statusMessage) {
-
- return buildSTORKResponse(destination, inResponseTo, issuerString, statusCode, statusMessage, null);
- }
-
- /**
- * Builds Status object
- * @param statusCodeValue StatusCode
- * @param statusMessageValue StatusMessage
- * @return Status
- */
- public static Status buildStatus(String statusCodeValue, String statusMessageValue) {
- return buildStatus(statusCodeValue, statusMessageValue, null);
- }
-
- /**
- * Builds Status object
- * @param statusCodeValue StatusCode
- * @param statusMessageValue StatusMessage
- * @param detail Detail Message
- * @return Status
- */
- public static Status buildStatus(String statusCodeValue, String statusMessageValue, XMLObject detail) {
- StatusCode statusCode = buildXMLObject(StatusCode.DEFAULT_ELEMENT_NAME);
- statusCode.setValue(statusCodeValue);
-
- StatusMessage statusMessage = buildXMLObject(StatusMessage.DEFAULT_ELEMENT_NAME);
- statusMessage.setMessage(statusMessageValue);
-
- StatusDetail statusDetail = buildXMLObject(StatusDetail.DEFAULT_ELEMENT_NAME);
- statusDetail.getUnknownXMLObjects().add(detail);
-
- Status status = buildXMLObject(Status.DEFAULT_ELEMENT_NAME);
- status.setStatusCode(statusCode);
- status.setStatusMessage(statusMessage);
-
- return status;
-
- }
-
- /**
- * Builds Assertion
- * @param issuer Issuer value for assertion
- * @param subject Subject of assertion
- * @param conditions Conditions of assertion
- * @param authnStatement AuthnStatement
- * @param attributeStatement AttributeAtatement
- * @return Assertion
- */
- public static Assertion buildAssertion(Issuer issuer,
- Subject subject,
- Conditions conditions,
- AuthnStatement authnStatement,
- AttributeStatement attributeStatement) {
- Assertion assertion = buildXMLObject(Assertion.DEFAULT_ELEMENT_NAME);
-
- assertion.setID(generateID());
- assertion.setVersion(SAMLVersion.VERSION_20);
- assertion.setIssueInstant(new DateTime());
-
- assertion.setIssuer(issuer);
- assertion.setSubject(subject);
- assertion.setConditions(conditions);
- assertion.getAuthnStatements().add(authnStatement);
- assertion.getAttributeStatements().add(attributeStatement);
-
- return assertion;
- }
-
- /**
- * Builds Assertion object
- * @param issuerValue Value of the issuer
- * @param nameQualifier nameQualifier
- * @param spNameQualifier spNameQualifier
- * @param spProviderID spProviderID
- * @param ipAddress IP address of the client
- * @param inResponseTo ID of the corresponding AuthnRequest
- * @param notBefore Time before assertion is not valid
- * @param notOnOrAfter Time after assertion is not valid
- * @param recipient Recipient of the assertion
- * @param attributeList Attributes to be included in the assertion
- * @return Assertion
- */
- public static Assertion buildAssertion(
- String issuerValue,
- String nameQualifier,
- String spNameQualifier,
- String spProviderID,
- String ipAddress,
- String inResponseTo,
- DateTime notBefore,
- DateTime notOnOrAfter,
- String recipient,
- List<Attribute> attributeList) {
-
- Issuer issuer = buildIssuer(issuerValue);
- NameID nameID = buildNameID(NameID.UNSPECIFIED, nameQualifier, spNameQualifier, spProviderID, NameID.UNSPECIFIED);
- SubjectConfirmationData scData = buildSubjectConfirmationData(ipAddress, inResponseTo, notOnOrAfter, recipient);
- SubjectConfirmation subjectConfirmation = buildSubjectConfirmation(SubjectConfirmation.METHOD_BEARER, scData);
- Subject subject = buildSubject(nameID, subjectConfirmation);
-
- List<Audience> audienceList = buildAudienceList(recipient);
- Conditions conditions = buildConditions(notBefore, notOnOrAfter, audienceList);
- AuthnStatement authnStatement = buildAuthnStatement(ipAddress);
- AttributeStatement attributeStatement = buildAttributeStatement(attributeList);
-
- return buildAssertion(issuer, subject, conditions, authnStatement, attributeStatement);
- }
-
- /**
- * Builds List of Audience objects
- * @param audiences Audience strings
- * @return List of Audience
- */
- public static List<Audience> buildAudienceList(String... audiences) {
- List<Audience> audienceList = new ArrayList<Audience>();
-
- for (String audienceString : audiences) {
- Audience audience = buildXMLObject(Audience.DEFAULT_ELEMENT_NAME);
- audience.setAudienceURI(audienceString);
- audienceList.add(audience);
- }
-
- return audienceList;
- }
-
- /**
- * Builds NameID object
- * @param format Format of the NameID
- * @param nameQualifier nameQualifier
- * @param spNameQualifier spNameQualifier
- * @param spProviderID spProviderID
- * @param value Value of the NameID
- * @return NameID
- */
- public static NameID buildNameID(String format,
- String nameQualifier,
- String spNameQualifier,
- String spProviderID,
- String value) {
-
- NameID nameID = buildXMLObject(NameID.DEFAULT_ELEMENT_NAME);
-
- nameID.setFormat(format);
- nameID.setNameQualifier(nameQualifier);
- nameID.setSPNameQualifier(spNameQualifier);
- nameID.setSPProvidedID(spProviderID);
- nameID.setValue(value);
-
- return nameID;
-
- }
-
- /**
- * Builds SubjectConfirmation object
- * @param method Method of SubjectConfirmation
- * @param scData SubjectConfirmationData
- * @return SubjectConfirmation
- */
- public static SubjectConfirmation buildSubjectConfirmation(String method, SubjectConfirmationData scData) {
-
- SubjectConfirmation subjectConfirmation = buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
-
- subjectConfirmation.setMethod(method);
- subjectConfirmation.setSubjectConfirmationData(scData);
-
- return subjectConfirmation;
- }
-
- /**
- * Builds SubjectConfirmationData object
- * @param ipAddress IP address of the client
- * @param inResponseTo ID of the corresponding AuthnRequest
- * @param notOnOrAfter Time after subject is not valid
- * @param recipient recipient of the assertion
- * @return SubjectConfirmationData
- */
- public static SubjectConfirmationData buildSubjectConfirmationData(String ipAddress,
- String inResponseTo,
- DateTime notOnOrAfter,
- String recipient) {
-
- SubjectConfirmationData scData = buildXMLObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
-
- scData.setAddress(ipAddress);
- scData.setInResponseTo(inResponseTo);
- scData.setNotOnOrAfter(notOnOrAfter);
- scData.setRecipient(recipient);
-
- return scData;
-
- }
-
- /**
- * Builds Subject object
- * @param nameID NameID object
- * @param subjectConfirmation SubjectConfirmation
- * @return Subject
- */
- public static Subject buildSubject(NameID nameID, SubjectConfirmation subjectConfirmation) {
-
- Subject subject = buildXMLObject(Subject.DEFAULT_ELEMENT_NAME);
- subject.setNameID(nameID);
- subject.getSubjectConfirmations().add(subjectConfirmation);
-
- return subject;
- }
-
- /**
- * Build Conditions object
- * @param notBefore Time before assertion is not valid
- * @param notOnOrAfter Time after assertion is not valid
- * @param audienceList List of audience
- * @return Conditions
- */
- public static Conditions buildConditions(DateTime notBefore, DateTime notOnOrAfter, List<Audience> audienceList) {
- Conditions conditions = buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
-
- conditions.setNotBefore(notBefore);
- conditions.setNotOnOrAfter(notOnOrAfter);
-
- AudienceRestriction audienceRestriction = buildXMLObject(AudienceRestriction.DEFAULT_ELEMENT_NAME);
- audienceRestriction.getAudiences().addAll(audienceList);
- conditions.getAudienceRestrictions().add(audienceRestriction);
-
- OneTimeUse oneTimeUse = buildXMLObject(OneTimeUse.DEFAULT_ELEMENT_NAME);
- conditions.getConditions().add(oneTimeUse);
-
- return conditions;
-
- }
-
- /**
- * Build AuthnStatement object
- * @param authInstant Time instant of authentication
- * @param subjectLocality subjectLocality
- * @param authnContext AuthnContext used
- * @return AuthnStatement
- */
- public static AuthnStatement buildAuthnStatement(DateTime authInstant, SubjectLocality subjectLocality, AuthnContext authnContext) {
- AuthnStatement authnStatement = buildXMLObject(AuthnStatement.DEFAULT_ELEMENT_NAME);
-
- authnStatement.setAuthnInstant(authInstant);
- authnStatement.setSubjectLocality(subjectLocality);
- authnStatement.setAuthnContext(authnContext);
-
- return authnStatement;
- }
-
- /**
- * Build AuthnStatement object
- * @param ipAddress IP address of the client
- * @return AuthnStatement
- */
- public static AuthnStatement buildAuthnStatement(String ipAddress) {
- AuthnStatement authnStatement = buildXMLObject(AuthnStatement.DEFAULT_ELEMENT_NAME);
-
- authnStatement.setAuthnInstant(new DateTime());
-
- SubjectLocality subjectLocality = buildXMLObject(SubjectLocality.DEFAULT_ELEMENT_NAME);
- subjectLocality.setAddress(ipAddress);
- authnStatement.setSubjectLocality(subjectLocality);
-
- AuthnContext authnContext = buildXMLObject(AuthnContext.DEFAULT_ELEMENT_NAME);
- authnStatement.setAuthnContext(authnContext);
-
- return authnStatement;
- }
-
- /**
- * Builds AttributeStatement object
- * @return AttributeStatement
- */
- public static AttributeStatement buildAttributeStatement() {
- return buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);
- }
-
- /**
- * Builds AttributeStatement object
- * @param attributeList List of attributes
- * @return AttributeStatement
- */
- public static AttributeStatement buildAttributeStatement(List<Attribute> attributeList) {
- AttributeStatement attributeStatement = buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME);
- attributeStatement.getAttributes().addAll(attributeList);
-
- return attributeStatement;
- }
-
- /**
- * Builds STORK String Attribute
- * @param name Attribute Name
- * @param friendlyName friendlyName of Attribute
- * @param value Value of Attribute
- * @param status STORK status of attribute
- * @return STORK String Attribute
- */
- public static Attribute buildSTORKStringAttribute(String name, String friendlyName, String value, String status) {
- XSString xsString = buildXSString(AttributeValue.DEFAULT_ELEMENT_NAME);
- xsString.setValue(value);
-
- return buildAttribute(name, friendlyName, status, xsString);
- }
-
- /**
- * Builds STORK XML Any Attribute
- * @param name Attribute Name
- * @param friendlyName friendlyName of Attribute
- * @param value Value of Attribute
- * @param status STORK status of attribute
- * @return STORK XML Any Attribute
- */
- public static Attribute buildSTORKXMLAttribute(String name, String friendlyName, XMLObject value, String status) {
- XSAny xsAny = buildXMLObject(AttributeValue.DEFAULT_ELEMENT_NAME);
- xsAny.getUnknownXMLObjects().add(value);
-
- return buildAttribute(name, friendlyName, status, xsAny);
- }
-
- /**
- * Builds STORK Attribute
- * @param name Attribute Name
- * @param friendlyName friendlyName of Attribute
- * @param status STORK status of Attribute
- * @param attributeValue Value of the Attribute
- * @return Attribute
- */
- public static Attribute buildAttribute(String name, String friendlyName, String status, XMLObject attributeValue) {
- Attribute attribute = buildXMLObject(STORKAttribute.DEFAULT_ELEMENT_NAME);
-
- attribute.setNameFormat(STORKAttribute.URI_REFERENCE);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.getUnknownAttributes().put(STORKAttribute.DEFAULT_STORK_ATTRIBUTE_QNAME, status);
- attribute.getAttributeValues().add(attributeValue);
-
- return attribute;
- }
-
- /**
- * Builds STORK String Attribute
- * @param name Attribute Name
- * @param friendlyName friendlyName of Attribute
- * @param status STORK status of Attribute
- * @param attributeValue Value of the Attribute
- * @return String Attribute
- */
- public static Attribute buildStringAttribute(String name, String friendlyName, String status, String attributeValue) {
- Attribute attribute = buildXMLObject(STORKAttribute.DEFAULT_ELEMENT_NAME);
-
- attribute.setNameFormat(STORKAttribute.URI_REFERENCE);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.getUnknownAttributes().put(STORKAttribute.DEFAULT_STORK_ATTRIBUTE_QNAME, status);
-
- XSString xsString = buildXSString(AttributeValue.DEFAULT_ELEMENT_NAME);
- xsString.setValue(attributeValue);
- attribute.getAttributeValues().add(xsString);
-
- return attribute;
- }
-
- /**
- * Builds DSS signature request
- * @param textToBeSigned Text to be included in the DSS request
- * @param mimeType MimeType of the contents
- * @return DSS signature request as String
- */
- public static String buildSignatureRequestString(String textToBeSigned, String mimeType) {
- //MimeType=\"text/plain\"
- //MimeType=\"application/xhtml+xml\"
- String sigRequestString =
- "<dss:SignRequest xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" " +
- "RequestID=\"" + generateID() + "\">" +
- "<dss:InputDocuments>" +
- "<dss:Document>" +
- "<dss:Base64Data MimeType=\"" + mimeType + "\">" + Base64.encodeBytes(textToBeSigned.getBytes()) + "</dss:Base64Data>" +
- "</dss:Document>" +
- "</dss:InputDocuments>" +
- "</dss:SignRequest>";
-
- return sigRequestString;
-
- }
-
- /**
- * Builds STORK signedDoc RequestedAttribute
- * @param textToBeSigned Text to be included in the DSS request
- * @param mimeType MimeType of the contents
- * @param isRequired true or false if signedDoc RequestedAttribute is required
- * @return STORK signedDoc RequestedAttribute
- */
- public static RequestedAttribute buildSignatureRequestRequestedAttribute(String textToBeSigned, String mimeType, boolean isRequired) {
- return buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SIGNEDDOC, isRequired, buildSignatureRequestString(textToBeSigned, mimeType));
- }
-
- /**
- * Adds RequestedAttribute to STORKAuthnRequest
- * @param authnRequest STORKAuthnRequest
- * @param reqAttr RequestedAttribute
- */
- public static void addRequestedAttribute(STORKAuthnRequest authnRequest, RequestedAttribute reqAttr) {
- if (authnRequest != null) {
- RequestedAttributes requestedAttributes = (RequestedAttributes) authnRequest.getExtensions().getUnknownXMLObjects(RequestedAttributes.DEFAULT_ELEMENT_NAME).get(0);
- requestedAttributes.getRequestedAttributes().add(reqAttr);
- }
- }
-
- /**
- * Adds several RequestedAttribute to STORKAuthnRequest
- * @param authnRequest STORKAuthnRequest
- * @param reqAttr RequestedAttribute
- */
- public static void addRequestedAttributes(STORKAuthnRequest authnRequest, RequestedAttribute... reqAttrs) {
- for (RequestedAttribute reqAttr : reqAttrs) {
- addRequestedAttribute(authnRequest, reqAttr);
- }
- }
-
- /**
- * Builds STORK signed doc attribute and adds it to STORKAuthnRequest
- * @param authnRequest STORKAuthnRequest
- * @param textToBeSigned Text to be included in the DSS request
- * @param mimeType MimeType of the contents
- * @param isRequired true or false if signedDoc RequestedAttribute is required
- */
- public static void buildAndAddSignatureRequestToAuthnRequest(STORKAuthnRequest authnRequest, String textToBeSigned, String mimeType, boolean isRequired) {
- if (authnRequest != null && !StringUtils.isEmpty(textToBeSigned)) {
- addRequestedAttribute(authnRequest, buildSignatureRequestRequestedAttribute(textToBeSigned, mimeType, isRequired));
- }
-
- }
-
- /**
- * Adds DSS siganture request as String to STORKAuthnRequest
- * @param authnRequest STORKAuthnRequest
- * @param dssSignatureRequest DSS signature request as String
- * @param isRequired true or false if signedDoc RequestedAttribute is required
- */
- public static void addSignatureRequestToAuthnRequest(STORKAuthnRequest authnRequest, String dssSignatureRequest, boolean isRequired) {
- if (authnRequest != null && !StringUtils.isEmpty(dssSignatureRequest)) {
- addRequestedAttribute(authnRequest, buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SIGNEDDOC, isRequired, dssSignatureRequest));
- }
-
- }
-
- /**
- * Adds Attribute to an assertion
- * @param assertion Assertion
- * @param attr Attribute
- */
- public static void addAttribute(Assertion assertion, Attribute attr) {
- if (assertion != null) {
- if (!assertion.getAttributeStatements().isEmpty()) {
- assertion.getAttributeStatements().get(0).getAttributes().add(attr);
- }
- }
- }
-
- /**
- * Adds several Attribute to an assertion
- * @param assertion Assertion
- * @param attr Attribute
- */
- public static void addAttributes(Assertion assertion, Attribute... attrs) {
- for (Attribute attr : attrs) {
- addAttribute(assertion, attr);
- }
- }
-
- /**
- * Adds several Attribute to first assertion in STORK response
- * @param response STORK response
- * @param attrs Attribute
- */
- public static void addAttribute(STORKResponse response, Attribute... attrs) {
- if (response != null) {
- if (!response.getAssertions().isEmpty()) {
- addAttributes(response.getAssertions().get(0), attrs);
- }
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKBootstrap.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKBootstrap.java
deleted file mode 100644
index 953affdf8..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKBootstrap.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.common;
-
-import java.io.InputStream;
-
-import org.opensaml.DefaultBootstrap;
-import org.opensaml.common.xml.SAMLSchemaBuilder;
-import org.opensaml.xml.ConfigurationException;
-import org.opensaml.xml.XMLConfigurator;
-
-/**
- * Class extending the default bootstrap mechanism of OpenSAML
- * @author bzwattendorfer
- *
- */
-public class STORKBootstrap extends DefaultBootstrap {
-
- /**
- * Extends the default bootstrap mechanism of OpenSAML
- * Adds STORK schemata and extension elements
- * @throws ConfigurationException
- */
- public static synchronized void bootstrap() throws ConfigurationException {
-
- DefaultBootstrap.bootstrap();
-
- SAMLSchemaBuilder.addExtensionSchema("stork-schema-assertion-1.0.xsd");
- SAMLSchemaBuilder.addExtensionSchema("stork-schema-protocol-1.0.xsd");
-
-
-
- initStorkConfig("saml2-stork-config.xml");
-
- }
-
- /**
- * Initializes OpenSAML with config
- * @param xmlConfig XML Config for STORK and SAML2
- * @throws ConfigurationException
- */
- private static void initStorkConfig(String xmlConfig) throws ConfigurationException {
-
- XMLConfigurator configurator = new XMLConfigurator();
-
- InputStream is = STORKBootstrap.class.getClassLoader().getResourceAsStream(xmlConfig);
-
- configurator.load(is);
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKConstants.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKConstants.java
deleted file mode 100644
index 5a63e2dcd..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/common/STORKConstants.java
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.common;
-
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * Interface encapuslating relevant STORK constants such as namespace, attribute names, etc.
- * @author bzwattendorfer
- *
- */
-public interface STORKConstants {
-
- /**
- * STORK namespace
- */
- public static final String STORK10_NS = "urn:eu:stork:names:tc:STORK:1.0:assertion";
-
- /**
- * STORK namespace prefix
- */
- public static final String STORK10_PREFIX = "stork";
-
- /**
- * STORK protocol namespace
- */
- public static final String STORKP10_NS = "urn:eu:stork:names:tc:STORK:1.0:protocol";
-
- /**
- * STORK protocol namespace prefix
- */
- public static final String STORKP10_PREFIX = "storkp";
-
- /**
- * STORK attribute name prefix
- */
- final static String STORK_ATTRIBUTE_NAME_PREFIX = "http://www.stork.gov.eu/1.0/";
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_EIDENTIFIER = "eIdentifier";
- final static String STORK_ATTRIBUTE_EIDENTIFIER = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_EIDENTIFIER;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_GIVENAME = "givenName";
- final static String STORK_ATTRIBUTE_GIVENNAME = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_GIVENAME;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_SURNAME = "surname";
- final static String STORK_ATTRIBUTE_SURNAME = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_SURNAME;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_INHERITED_FAMILYNAME = "inheritedFamilyName";
- final static String STORK_ATTRIBUTE_INHERITED_FAMILYNAME = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_INHERITED_FAMILYNAME;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_ADOPTED_FAMILYNAME = "adoptedFamilyName";
- final static String STORK_ATTRIBUTE_ADOPTED_FAMILYNAME = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_ADOPTED_FAMILYNAME;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_GENDER = "gender";
- final static String STORK_ATTRIBUTE_GENDER = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_GENDER;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_DATEOFBIRTH = "dateOfBirth";
- final static String STORK_ATTRIBUTE_DATEOFBIRTH = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_DATEOFBIRTH;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_COUNTRYOFBIRTH = "countryCodeOfBirth";
- final static String STORK_ATTRIBUTE_COUNTRYCODEOFBIRTH = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_COUNTRYOFBIRTH;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_NATIONALITYCODE = "nationalityCode";
- final static String STORK_ATTRIBUTE_NATIONALITYCODE = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_NATIONALITYCODE;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_MARTIALSTATUS = "maritalStatus";
- final static String STORK_ATTRIBUTE_MARTIALSTATUS = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_MARTIALSTATUS;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_TEXT_RESIDENCE_ADDRESS = "textResidenceAddress";
- final static String STORK_ATTRIBUTE_TEXT_RESIDENCE_ADDRESS = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_TEXT_RESIDENCE_ADDRESS;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_CANONICAL_RESIDENCE_ADDRESS = "canonicalResidenceAddress";
- final static String STORK_ATTRIBUTE_TEXT_CANONICAL_ADDRESS = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_CANONICAL_RESIDENCE_ADDRESS;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_EMAIL = "eMail";
- final static String STORK_ATTRIBUTE_EMAIL = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_EMAIL;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_TITLE = "title";
- final static String STORK_ATTRIBUTE_TITLE = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_TITLE;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_RESIDENCE_PERMIT = "residencePermit";
- final static String STORK_ATTRIBUTE_RESIDENCE_PERMIT = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_RESIDENCE_PERMIT;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_PSEUDONYM = "pseudonym";
- final static String STORK_ATTRIBUTE_PSEUDONYM = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_PSEUDONYM;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_AGE = "age";
- final static String STORK_ATTRIBUTE_AGE = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_AGE;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_ISAGEOVER = "isAgeOver";
- final static String STORK_ATTRIBUTE_ISAGEOVER = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_ISAGEOVER;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_SIGNED_DOC = "signedDoc";
- final static String STORK_ATTRIBUTE_SIGNEDDOC = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_SIGNED_DOC;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_FISCALNUMBER = "fiscalNumber";
- final static String STORK_ATTRIBUTE_FISCALNUMBER = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_FISCALNUMBER;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_CITIZENQAALEVEL_OLD = "citizenQAAlevel";
- final static String STORK_ATTRIBUTE_CITIZENQAALEVEL_OLD = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_CITIZENQAALEVEL_OLD;
-
- final static String STORK_ATTRIBUTE_NAME_SUFFIX_CITIZENQAALEVEL = "citizenQAALevel";
- final static String STORK_ATTRIBUTE_CITIZENQAALEVEL = STORK_ATTRIBUTE_NAME_PREFIX + STORK_ATTRIBUTE_NAME_SUFFIX_CITIZENQAALEVEL;
-
- /**
- * Full Set of accepted STORK attributes
- */
- public final Set<String> FULL_STORK_ATTRIBUTE_SET = new HashSet<String>(Arrays.asList(new String[] {STORK_ATTRIBUTE_EIDENTIFIER,
- STORK_ATTRIBUTE_GIVENNAME,
- STORK_ATTRIBUTE_SURNAME,
- STORK_ATTRIBUTE_INHERITED_FAMILYNAME,
- STORK_ATTRIBUTE_ADOPTED_FAMILYNAME,
- STORK_ATTRIBUTE_GENDER,
- STORK_ATTRIBUTE_DATEOFBIRTH,
- STORK_ATTRIBUTE_COUNTRYCODEOFBIRTH,
- STORK_ATTRIBUTE_NATIONALITYCODE,
- STORK_ATTRIBUTE_MARTIALSTATUS,
- STORK_ATTRIBUTE_TEXT_RESIDENCE_ADDRESS,
- STORK_ATTRIBUTE_TEXT_CANONICAL_ADDRESS,
- STORK_ATTRIBUTE_TEXT_CANONICAL_ADDRESS,
- STORK_ATTRIBUTE_EMAIL,
- STORK_ATTRIBUTE_TITLE,
- STORK_ATTRIBUTE_RESIDENCE_PERMIT,
- STORK_ATTRIBUTE_PSEUDONYM,
- STORK_ATTRIBUTE_AGE,
- STORK_ATTRIBUTE_ISAGEOVER,
- STORK_ATTRIBUTE_SIGNEDDOC,
- STORK_ATTRIBUTE_FISCALNUMBER,
- STORK_ATTRIBUTE_CITIZENQAALEVEL_OLD,
- STORK_ATTRIBUTE_CITIZENQAALEVEL}));
-
- /**
- * Default set of STORK attributes to be requested (without signedDoc)
- */
- Set<String> DEFAULT_STORK_REQUESTED_ATTRIBUTE_SET = new HashSet<String>(Arrays.asList(new String[] {
- STORK_ATTRIBUTE_EIDENTIFIER,
- STORK_ATTRIBUTE_GIVENNAME,
- STORK_ATTRIBUTE_SURNAME,
- STORK_ATTRIBUTE_DATEOFBIRTH,}));
-
- /**
- * Default required set of returned STORK attributes
- */
- Set<String> DEFAULT_STORK_RETURNED_ATTRIBUTE_SET = new HashSet<String>(Arrays.asList(new String[] {
- STORK_ATTRIBUTE_EIDENTIFIER,
- STORK_ATTRIBUTE_GIVENNAME,
- STORK_ATTRIBUTE_SURNAME,
- STORK_ATTRIBUTE_DATEOFBIRTH,
- STORK_ATTRIBUTE_SIGNEDDOC}));
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLException.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLException.java
deleted file mode 100644
index 33ee67313..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLException.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.exception;
-
-/**
- * Exception thrown if exception occurs in SAML message processing
- * @author bzwattendorfer
- *
- */
-public class SAMLException extends Exception {
-
- /** {@inheritDoc} */
- public SAMLException() {
- super();
- }
-
- /** {@inheritDoc} */
- public SAMLException(String message, Throwable cause) {
- super(message, cause);
- }
-
- /** {@inheritDoc} */
- public SAMLException(String message) {
- super(message);
- }
-
- /** {@inheritDoc} */
- public SAMLException(Throwable cause) {
- super(cause);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLValidationException.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLValidationException.java
deleted file mode 100644
index 51520d968..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/exception/SAMLValidationException.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.exception;
-
-/**
- * Exception thrown if error occurs in SAML message validation
- * @author bzwattendorfer
- *
- */
-public class SAMLValidationException extends Exception {
-
- private static final long serialVersionUID = 1L;
-
- /** {@inheritDoc} */
- public SAMLValidationException() {
-
- super();
- }
-
- /** {@inheritDoc} */
- public SAMLValidationException(String s) {
-
- super(s);
- }
-
- /** {@inheritDoc} */
- public SAMLValidationException(Exception e) {
-
- super(e);
- }
-
- /** {@inheritDoc} */
- public SAMLValidationException(String m, Exception e) {
-
- super(m, e);
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttribute.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttribute.java
deleted file mode 100644
index ec8232704..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttribute.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.core.Attribute;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * Interface extending original SAML Attribute for STORK with the XML attributeStatus attribute
- * {@inheritDoc}
- * @author bzwattendorfer
- *
- */
-public interface STORKAttribute extends Attribute {
-
- public static final String STORK_ATTRIBUTE_STATUS_ATTTRIB_NAME = "AttributeStatus";
-
- public static final QName DEFAULT_STORK_ATTRIBUTE_QNAME = new QName(STORKConstants.STORK10_NS, STORK_ATTRIBUTE_STATUS_ATTTRIB_NAME, STORKConstants.STORK10_PREFIX);
-
- public static final String ALLOWED_ATTRIBUTE_STATUS_AVAIL = "Available";
- public static final String ALLOWED_ATTRIBUTE_STATUS_NOT_AVAIL = "NotAvailable";
- public static final String ALLOWED_ATTRIBUTE_STATUS_WITHHELD = "Withheld";
-
- /**
- * Sets the STORK attributeStatus
- * @param attributeStatus
- */
- public void setAttributeStatus(String attributeStatus);
-
- /**
- * Gets the STORK attributeStatus
- * @return
- */
- public String getAttributeStatus();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttributeValue.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttributeValue.java
deleted file mode 100644
index 2d511d62a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKAttributeValue.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.core.AttributeValue;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * {@inheritDoc}
- * @author bzwattendorfer
- *
- */
-public interface STORKAttributeValue extends AttributeValue {
-
- /** Element name, no namespace. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "AttributeValue";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKExtensions.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKExtensions.java
deleted file mode 100644
index b5e12ea75..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKExtensions.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml;
-
-import org.opensaml.saml2.common.Extensions;
-
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-/**
- * Extends the SAML Extension element with STORK related functionality
- * {@inheritDoc}
- * @author bzwattendorfer
- *
- */
-public interface STORKExtensions extends Extensions {
-
- /**
- * Sets the QAALevel object
- * @param authLevel QAALevel object
- */
- public void setQAALevel(QualityAuthenticationAssuranceLevel authLevel);
-
- /**
- * Gets the QAALevel object
- * @return QAALevel object
- */
- public QualityAuthenticationAssuranceLevel getQAALevel();
-
- /**
- * Gets the RequestedAttributes object
- * @return RequestedAttributes object
- */
- public RequestedAttributes getRequestedAttributes();
-
- /**
- * Sets RequestedAttributes
- * @param requestedAttributes RequestedAttributes object
- */
- public void setRequestedAttributes(RequestedAttributes requestedAttributes);
-
- /**
- * Gets AuthenticationAttributes
- * @return AuthenticationAttributes
- */
- public AuthenticationAttributes getAuthenticationAttributes();
-
- /**
- * Sets AuthenticationAttributes
- * @param authenticationAttributes AuthenticationAttributes object
- */
- public void setAuthenticationAttributes(AuthenticationAttributes authenticationAttributes);
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKRequestedAttribute.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKRequestedAttribute.java
deleted file mode 100644
index 38149bea5..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/STORKRequestedAttribute.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * {@inheritDoc}
- * @author bzwattendorfer
- *
- */
-public interface STORKRequestedAttribute extends RequestedAttribute {
-
-
- /** Default element name */
- public final static QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- /** QName of the XSI type */
- public final static QName TYPE_NAME = new QName(STORKConstants.STORK10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.java
deleted file mode 100644
index 413b5f6d7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.impl.AttributeBuilder;
-
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class STORKAttributeBuilder extends AttributeBuilder {
-
- /**
- * Constructor.
- */
- public STORKAttributeBuilder() {
-
- }
-
- /** {@inheritDoc} */
- public STORKAttribute buildObject() {
- return buildObject(SAMLConstants.SAML20_NS, Attribute.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX);
- }
-
- /** {@inheritDoc} */
- public STORKAttribute buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new STORKAttributeImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.java
deleted file mode 100644
index 89ad90eae..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.core.impl.AttributeImpl;
-
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class STORKAttributeImpl extends AttributeImpl implements STORKAttribute {
-
- private String attributeStatus;
-
- protected STORKAttributeImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.saml.STORKAttribute#getAttributeStatus()
- */
- public String getAttributeStatus() {
- return attributeStatus;
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.saml.STORKAttribute#setAttributeStatus(java.lang.String)
- */
- public void setAttributeStatus(String attributeStatus) {
- this.attributeStatus = attributeStatus;
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.java
deleted file mode 100644
index ba8c2f1a3..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.core.impl.AttributeMarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.MarshallingException;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class STORKAttributeMarshaller extends AttributeMarshaller {
-
- protected void marshallAttributes(XMLObject samlElement, Element domElement) throws MarshallingException {
- STORKAttribute attribute = (STORKAttribute) samlElement;
-
- if (attribute.getAttributeStatus() != null) {
- domElement.setAttributeNS(STORKConstants.STORK10_NS, STORKAttribute.STORK_ATTRIBUTE_STATUS_ATTTRIB_NAME, attribute.getName());
- }
-
- super.marshallAttributes(samlElement, domElement);
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.java
deleted file mode 100644
index 5a74dab7d..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.impl.AttributeUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.w3c.dom.Attr;
-
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-/**
- * A thread-safe Unmarshaller for {@link org.opensaml.saml2.core.Attribute} objects.
- */
-public class STORKAttributeUnmarshaller extends AttributeUnmarshaller {
-
-
- protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
-
- if (samlObject instanceof STORKAttribute) {
- STORKAttribute attrib = (STORKAttribute) samlObject;
-
- if (attribute.getLocalName().equals(STORKAttribute.STORK_ATTRIBUTE_STATUS_ATTTRIB_NAME)) {
- attrib.setAttributeStatus(attribute.getValue());
- }
- }
-
- super.processAttribute(samlObject, attribute);
- }
-
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.java
deleted file mode 100644
index 8836b6c8e..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.core.impl.AuthnRequestBuilder;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-
-public class STORKAuthnRequestBuilder extends AuthnRequestBuilder {
-
- /** {@inheritDoc} */
-
-
- public STORKAuthnRequest buildObject() {
- return buildObject(SAMLConstants.SAML20P_NS, AuthnRequest.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- }
-
- /** {@inheritDoc} */
- public STORKAuthnRequest buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new STORKAuthnRequestImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.java
deleted file mode 100644
index c9375ceb9..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.java
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import java.security.cert.X509Certificate;
-import java.util.List;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.impl.AuthnRequestImpl;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.XMLObject;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-
-public class STORKAuthnRequestImpl extends AuthnRequestImpl implements STORKAuthnRequest {
-
- private int qaaLevel;
-
- private String ccc;
-
- private String finalRedirectURL;
-
- private String spID;
-
- private XMLObject originalSPAuthRequest;
-
- private X509Certificate spCertSig;
-
- private X509Certificate spCertEnc;
-
- //private XMLObjectChildrenList<RequestedAttribute> requestedAttributes;
- private List<RequestedAttribute> requestedAttributes;
-
- protected STORKAuthnRequestImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- //requestedAttributes = new IndexedXMLObjectChildrenList<RequestedAttribute>(this);
- }
-
- public STORKAuthnRequestImpl() {
- super(SAMLConstants.SAML20P_NS, STORKAuthnRequest.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- }
-
-
-
- public int getQAALevel() {
- return this.qaaLevel;
- }
-
- public void setQAALevel(int authLevel) {
- this.qaaLevel = authLevel;
-
- }
-
- public String getCitizenCountryCode() {
- return ccc;
- }
-
- public String getFinalRedirectURL() {
- return finalRedirectURL;
- }
-
- public XMLObject getOriginalSPAuthRequest() {
- return originalSPAuthRequest;
- }
-
- public X509Certificate getSPCertEnc() {
- return spCertEnc;
- }
-
- public X509Certificate getSPCertSig() {
- return spCertSig;
- }
-
- public String getSPID() {
- return spID;
- }
-
- public void setCitizenCountryCode(String citizenCountryCode) {
- this.ccc = citizenCountryCode;
- }
-
- public void setFinalRedirectURL(String finalRedirectURL) {
- this.finalRedirectURL = finalRedirectURL;
- }
-
- public void setOriginalSPAuthRequest(XMLObject spAuthRequest) {
- this.originalSPAuthRequest = spAuthRequest;
- }
-
- public void setSPCertEnc(X509Certificate encryptionCertificate) {
- this.spCertEnc = encryptionCertificate;
- }
-
- public void setSPCertSig(X509Certificate signingCertificate) {
- this.spCertSig = signingCertificate;
- }
-
- public void setSPID(String spID) {
- this.spID = spID;
- }
-
- public List<RequestedAttribute> getRequestedAttributes() {
-// return (List<RequestedAttribute>) requestedAttributes.subList(new QName(STORKMessagesConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME, STORKMessagesConstants.STORK10_PREFIX));
- return requestedAttributes;
- }
-
- public void setRequestedAttributes(List<RequestedAttribute> requestedAttributesList) {
- // this.requestedAttributes = (XMLObjectChildrenList<RequestedAttribute>) requestedAttributesList;
- this.requestedAttributes = requestedAttributesList;
- }
-
-// public List<XMLObject> getOrderedChildren() {
-// ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-//
-// if (super.getOrderedChildren() != null) {
-// children.addAll(super.getOrderedChildren());
-// }
-//
-// if (qaaLevel != 0 ) {
-// children.add(subject);
-// }
-//
-// if (nameIDPolicy != null) {
-// children.add(nameIDPolicy);
-// }
-//
-// if (conditions != null) {
-// children.add(conditions);
-// }
-//
-// if (requestedAuthnContext != null) {
-// children.add(requestedAuthnContext);
-// }
-//
-// if (scoping != null) {
-// children.add(scoping);
-// }
-//
-// if (children.size() == 0) {
-// return null;
-// }
-//
-// return Collections.unmodifiableList(children);
-// }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.java
deleted file mode 100644
index faad3a835..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.core.impl.AuthnRequestMarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.MarshallingException;
-import org.w3c.dom.Element;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-
-public class STORKAuthnRequestMarshaller extends AuthnRequestMarshaller {
-
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- STORKAuthnRequest req = (STORKAuthnRequest) samlObject;
-
-// if (sr.getQAA() != -1) {
-// //domElement.setAttributeNS(null, StatusResponseType.VERSION_ATTRIB_NAME, sr.getVersion().toString());
-// }
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.java
deleted file mode 100644
index 7924400fa..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-import org.opensaml.saml2.core.impl.AuthnRequestUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.signature.X509Data;
-import org.opensaml.xml.util.Base64;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.messages.saml.STORKExtensions;
-import eu.stork.vidp.messages.stork.SPCertEnc;
-import eu.stork.vidp.messages.stork.SPCertSig;
-import eu.stork.vidp.messages.stork.SPCertType;
-import eu.stork.vidp.messages.stork.SPInformation;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class STORKAuthnRequestUnmarshaller extends AuthnRequestUnmarshaller {
-
- protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
- throws UnmarshallingException {
- STORKAuthnRequest req = (STORKAuthnRequest) parentSAMLObject;
-
- if (childSAMLObject instanceof STORKExtensions) {
- STORKExtensions ext = (STORKExtensions) childSAMLObject;
- req.setExtensions(ext);
-
- if (ext.getQAALevel() != null)
- req.setQAALevel(ext.getQAALevel().getValue());
-
- if (ext.getRequestedAttributes() != null) {
- //List<RequestedAttribute> reqAttrList = new ArrayList<RequestedAttribute>();
-// for (RequestedAttribute reqAtt : ext.getRequestedAttributes().getRequestedAttributes()) {
-// req.getRequestedAttributes().add(reqAtt);
-// }
- req.setRequestedAttributes(ext.getRequestedAttributes().getRequestedAttributes());
-
- }
-
- if (ext.getAuthenticationAttributes() != null) {
- VIDPAuthenticationAttributes vidpAuthAttributes = ext.getAuthenticationAttributes().getVIDPAuthenticationAttributes();
- if (vidpAuthAttributes != null) {
- if (vidpAuthAttributes.getCitizenCountryCode() != null)
- req.setCitizenCountryCode(vidpAuthAttributes.getCitizenCountryCode().getValue());
-
- SPInformation spInformation = vidpAuthAttributes.getSPInformation();
- if (spInformation != null) {
- if (spInformation.getSPID() != null)
- req.setSPID(spInformation.getSPID().getValue());
-
- if (spInformation.getSPCertSig() != null) {
- SPCertSig spCertSig = spInformation.getSPCertSig();
- try {
- req.setSPCertSig(getCertificateFromX509Data(spCertSig));
- } catch (Exception e) {
- throw new UnmarshallingException("Error reading SP signing certificate");
- }
- }
-
- if (spInformation.getSPCertEnc() != null) {
- SPCertEnc spCertEnc = spInformation.getSPCertEnc();
- try {
- req.setSPCertEnc(getCertificateFromX509Data(spCertEnc));
- } catch (Exception e) {
- throw new UnmarshallingException("Error reading SP encryption certificate");
- }
- }
-
- if (spInformation.getSPAuthRequest() != null) {
- req.setOriginalSPAuthRequest(spInformation.getSPAuthRequest());
- }
-
- }
- }
- }
-
- } else {
- super.processChildElement(parentSAMLObject, childSAMLObject);
- }
- }
-
- private X509Certificate getCertificateFromX509Data(SPCertType spCert) throws CertificateException {
- if (spCert.getKeyInfo() != null)
- if (!spCert.getKeyInfo().getX509Datas().isEmpty()) {
- X509Data samlX509Data = spCert.getKeyInfo().getX509Datas().get(0);
-
- if (samlX509Data != null) {
- if (!samlX509Data.getX509Certificates().isEmpty()) {
- org.opensaml.xml.signature.X509Certificate samlX509Cert = samlX509Data.getX509Certificates().get(0);
- if (samlX509Cert != null) {
- if (samlX509Cert.getValue() != null && samlX509Cert.getValue().length() != 0) {
- InputStream inStream = new ByteArrayInputStream( Base64.decode(samlX509Cert.getValue()));
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
- return cert;
- }
-
- }
-
- }
- }
- }
-
- return null;
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.java
deleted file mode 100644
index 96004871c..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.common.impl.ExtensionsBuilder;
-import org.opensaml.saml2.core.Response;
-
-import eu.stork.vidp.messages.saml.STORKExtensions;
-
-public class STORKExtensionsBuilder extends ExtensionsBuilder {
-
- public STORKExtensions buildObject() {
- return buildObject(SAMLConstants.SAML20P_NS, Response.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- }
-
- /** {@inheritDoc} */
- public STORKExtensions buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new STORKExtensionsImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.java
deleted file mode 100644
index 5417481c7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.common.impl.ExtensionsImpl;
-
-import eu.stork.vidp.messages.saml.STORKExtensions;
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-public class STORKExtensionsImpl extends ExtensionsImpl implements STORKExtensions {
-
- private QualityAuthenticationAssuranceLevel qaaLevel;
-
- private RequestedAttributes requestedAttributes;
-
- private AuthenticationAttributes authenticationAttributes;
-
- protected STORKExtensionsImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public AuthenticationAttributes getAuthenticationAttributes() {
- return authenticationAttributes;
- }
-
- public QualityAuthenticationAssuranceLevel getQAALevel() {
- return qaaLevel;
- }
-
- public RequestedAttributes getRequestedAttributes() {
- return requestedAttributes;
- }
-
- public void setAuthenticationAttributes(
- AuthenticationAttributes authenticationAttributes) {
- this.authenticationAttributes = authenticationAttributes;
- }
-
- public void setQAALevel(QualityAuthenticationAssuranceLevel authLevel) {
- this.qaaLevel = authLevel;
- }
-
- public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
- this.requestedAttributes = requestedAttributes;
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.java
deleted file mode 100644
index 7aa86c2ed..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.common.impl.ExtensionsMarshaller;
-
-public class STORKExtensionsMarshaller extends ExtensionsMarshaller {
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.java
deleted file mode 100644
index a701c9e6f..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.common.impl.ExtensionsUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.saml.STORKExtensions;
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-public class STORKExtensionsUnmarshaller extends ExtensionsUnmarshaller {
-
- protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
- throws UnmarshallingException {
- STORKExtensions extensions = (STORKExtensions) parentXMLObject;
-
- if (childXMLObject instanceof QualityAuthenticationAssuranceLevel) {
- QualityAuthenticationAssuranceLevel qaa = (QualityAuthenticationAssuranceLevel) childXMLObject;
- extensions.setQAALevel(qaa);
- } if (childXMLObject instanceof RequestedAttributes) {
- RequestedAttributes requestedAttributes = (RequestedAttributes) childXMLObject;
- extensions.setRequestedAttributes(requestedAttributes);
- } if (childXMLObject instanceof AuthenticationAttributes) {
- AuthenticationAttributes authenticationAttributes = (AuthenticationAttributes) childXMLObject;
- extensions.setAuthenticationAttributes(authenticationAttributes);
- } else {
- super.processChildElement(parentXMLObject, childXMLObject);
- }
-
-}
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.java
deleted file mode 100644
index 1e23a9f2b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.saml.STORKRequestedAttribute;
-
-/**
- * Builder for {@link org.opensaml.saml2.metadata.impl.RequestedAttributeImpl}.
- */
-public class STORKRequestedAttributeBuilder extends AbstractSAMLObjectBuilder<RequestedAttribute> {
-
- /** Constructor */
- public STORKRequestedAttributeBuilder() {
-
- }
-
- /** {@inheritDoc} */
- public STORKRequestedAttribute buildObject() {
- return buildObject(STORKConstants.STORK10_NS, STORKRequestedAttribute.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
- /** {@inheritDoc} */
- public STORKRequestedAttribute buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new STORKRequestedAttributeImpl(namespaceURI, localName, namespacePrefix);
- }
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.java
deleted file mode 100644
index e3921919a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.saml.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.impl.RequestedAttributeImpl;
-import org.opensaml.xml.XMLObject;
-
-import eu.stork.vidp.messages.saml.STORKRequestedAttribute;
-
-/**
- * Concrete implementation of {@link org.opensaml.saml2.metadata.RequestedAttribute}
- */
-public class STORKRequestedAttributeImpl extends RequestedAttributeImpl implements STORKRequestedAttribute {
-
- /**
- * Constructor
- *
- * @param namespaceURI
- * @param elementLocalName
- * @param namespacePrefix
- */
- protected STORKRequestedAttributeImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- /** {@inheritDoc} */
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- children.addAll(getAttributeValues());
-
- return Collections.unmodifiableList(children);
- }
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.java
deleted file mode 100644
index 6b7771c72..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.saml.impl;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.impl.RequestedAttributeUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-
-/**
- * A thread-safe Unmarshaller for {@link org.opensaml.saml2.metadata.RequestedAttribute} objects.
- */
-public class STORKRequestedAttributeUnmarshaller extends RequestedAttributeUnmarshaller {
-
- protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
- throws UnmarshallingException {
-
- Attribute attribute = (Attribute) parentSAMLObject;
-
- QName childQName = childSAMLObject.getElementQName();
- if (childQName.getLocalPart().equals("AttributeValue")
- && childQName.getNamespaceURI().equals(STORKConstants.STORK10_NS)) {
- attribute.getAttributeValues().add(childSAMLObject);
- } else {
- super.processChildElement(parentSAMLObject, childSAMLObject);
- }
-}
-
-
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.java
deleted file mode 100644
index 24cebaef7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.Response;
-import org.opensaml.saml2.core.impl.ResponseBuilder;
-
-import eu.stork.mw.messages.saml.STORKResponse;
-
-public class STORKResponseBuilder extends ResponseBuilder {
-
- /** {@inheritDoc} */
-
-
- public STORKResponse buildObject() {
- return buildObject(SAMLConstants.SAML20P_NS, Response.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- }
-
- /** {@inheritDoc} */
- public STORKResponse buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new STORKResponseImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.java
deleted file mode 100644
index 08b5dc9bc..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.impl.ResponseImpl;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.mw.messages.saml.STORKResponse;
-
-public class STORKResponseImpl extends ResponseImpl implements STORKResponse {
-
- private int qaaLevel;
-
- protected STORKResponseImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
-
-
- public STORKResponseImpl() {
- super(SAMLConstants.SAML20P_NS, STORKResponse.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
- }
-
-
- public int getQAALevel() {
- return this.qaaLevel;
- }
-
- public void setQAALevel(int authLevel) {
- this.qaaLevel = authLevel;
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.java
deleted file mode 100644
index 1a4654d01..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.core.impl.ResponseMarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.MarshallingException;
-import org.w3c.dom.Element;
-
-import eu.stork.mw.messages.saml.STORKResponse;
-
-public class STORKResponseMarshaller extends ResponseMarshaller {
-
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- STORKResponse sr = (STORKResponse) samlObject;
-
-// if (sr.getQAA() != -1) {
-// //domElement.setAttributeNS(null, StatusResponseType.VERSION_ATTRIB_NAME, sr.getVersion().toString());
-// }
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.java
deleted file mode 100644
index c2a7bcef9..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.saml.impl;
-
-import org.opensaml.saml2.core.impl.ResponseUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.mw.messages.saml.STORKResponse;
-import eu.stork.vidp.messages.saml.STORKExtensions;
-
-public class STORKResponseUnmarshaller extends ResponseUnmarshaller {
-
- protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
- throws UnmarshallingException {
- STORKResponse resp = (STORKResponse) parentSAMLObject;
-
- if (childSAMLObject instanceof STORKExtensions) {
- STORKExtensions ext = (STORKExtensions) childSAMLObject;
-
- if (ext.getQAALevel() != null)
- resp.setQAALevel(ext.getQAALevel().getValue());
- } else {
- super.processChildElement(parentSAMLObject, childSAMLObject);
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/AuthenticationAttributes.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/AuthenticationAttributes.java
deleted file mode 100644
index 73f9cd503..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/AuthenticationAttributes.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface AuthenticationAttributes extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "AuthenticationAttributes";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- /** Local name of the XSI type. */
- public static final String TYPE_LOCAL_NAME = "AuthenticationAttributesType";
-
- /** QName of the XSI type. */
- public static final QName TYPE_NAME = new QName(STORKConstants.STORKP10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes authenticationAttributes);
-
- public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/CitizenCountryCode.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/CitizenCountryCode.java
deleted file mode 100644
index 8c7847dd7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/CitizenCountryCode.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface CitizenCountryCode extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "CitizenCountryCode";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setValue(String citizenCountryCode);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossBorderShare.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossBorderShare.java
deleted file mode 100644
index c0f7cb291..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossBorderShare.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * @author bzwattendorfer
- *
- */
-public interface EIDCrossBorderShare extends ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "eIDCrossBorderShare";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setValue(boolean value);
-
- public boolean getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossSectorShare.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossSectorShare.java
deleted file mode 100644
index a04376fb2..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDCrossSectorShare.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * @author bzwattendorfer
- *
- */
-public interface EIDCrossSectorShare extends ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "eIDCrossSectorShare";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setValue(boolean value);
-
- public boolean getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDSectorShare.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDSectorShare.java
deleted file mode 100644
index 4fbd4a2d9..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/EIDSectorShare.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * @author bzwattendorfer
- *
- */
-public interface EIDSectorShare extends ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "eIDSectorShare";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setValue(boolean value);
-
- public boolean getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.java
deleted file mode 100644
index 2869177b2..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface QualityAuthenticationAssuranceLevel extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "QualityAuthenticationAssuranceLevel";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- public void setValue(int level);
-
- public int getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/RequestedAttributes.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/RequestedAttributes.java
deleted file mode 100644
index 0dcb1964c..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/RequestedAttributes.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface RequestedAttributes extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "RequestedAttributes";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- /** Local name of the XSI type. */
- public static final String TYPE_LOCAL_NAME = "RequestedAttributesType";
-
- /** QName of the XSI type. */
- public static final QName TYPE_NAME = new QName(STORKConstants.STORKP10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setRequestedAttributes(List<RequestedAttribute> requestedAttributes);
-
- public List<RequestedAttribute> getRequestedAttributes();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPAuthRequest.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPAuthRequest.java
deleted file mode 100644
index 8a5fd8644..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPAuthRequest.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.ElementExtensibleXMLObject;
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-/**
- * SAML 2.0 Extensions
- */
-public interface SPAuthRequest extends ValidatingXMLObject, ElementExtensibleXMLObject {
-
- /** Local name, no namespace */
- public final static String LOCAL_NAME = "SPAuthRequest";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertEnc.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertEnc.java
deleted file mode 100644
index fd0ff31ae..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertEnc.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SPCertEnc extends
- SPCertType {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "SPCertEnc";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertSig.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertSig.java
deleted file mode 100644
index c54d23505..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertSig.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SPCertSig extends
- SPCertType {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "SPCertSig";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertType.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertType.java
deleted file mode 100644
index e24db06a7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPCertType.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.signature.KeyInfo;
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SPCertType extends
- ValidatingXMLObject {
-
- /** Local name of the XSI type. */
- public static final String TYPE_LOCAL_NAME = "SPCertType";
-
- /** QName of the XSI type. */
- public static final QName TYPE_NAME = new QName(STORKConstants.STORKP10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setKeyInfo(KeyInfo keyInfo);
-
- public KeyInfo getKeyInfo();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPID.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPID.java
deleted file mode 100644
index 6c8122b88..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPID.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SPID extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "SPID";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setValue(String spID);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPInformation.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPInformation.java
deleted file mode 100644
index e0926cd65..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SPInformation.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SPInformation extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "SPInformation";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- /** Local name of the XSI type. */
- public static final String TYPE_LOCAL_NAME = "SPInformationType";
-
- /** QName of the XSI type. */
- public static final QName TYPE_NAME = new QName(STORKConstants.STORKP10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setSPID(SPID spID);
-
- public SPID getSPID();
-
- public void setSPCertSig(SPCertSig spCertSig);
-
- public SPCertSig getSPCertSig();
-
- public void setSPCertEnc(SPCertEnc spCertEnc);
-
- public SPCertEnc getSPCertEnc();
-
- public void setSPAuthRequest(SPAuthRequest spAuthRequest);
-
- public SPAuthRequest getSPAuthRequest();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpApplication.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpApplication.java
deleted file mode 100644
index c68a29297..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpApplication.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SpApplication extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "spApplication";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- public void setValue(String spApplication);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpCountry.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpCountry.java
deleted file mode 100644
index d7708cb62..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpCountry.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SpCountry extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "spCountry";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- public void setValue(String spCountry);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpInstitution.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpInstitution.java
deleted file mode 100644
index dddd9e599..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpInstitution.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SpInstitution extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "spInstitution";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- public void setValue(String spInstitution);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpSector.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpSector.java
deleted file mode 100644
index f29bf02c8..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/SpSector.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface SpSector extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "spSector";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORK10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
-
- public void setValue(String spSector);
-
- public String getValue();
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.java
deleted file mode 100644
index 89c4bec61..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.validation.ValidatingXMLObject;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public interface VIDPAuthenticationAttributes extends
- ValidatingXMLObject {
-
- /** Element local name. */
- public static final String DEFAULT_ELEMENT_LOCAL_NAME = "VIDPAuthenticationAttributes";
-
- /** Default element name. */
- public static final QName DEFAULT_ELEMENT_NAME = new QName(STORKConstants.STORKP10_NS, DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- /** Local name of the XSI type. */
- public static final String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType";
-
- /** QName of the XSI type. */
- public static final QName TYPE_NAME = new QName(STORKConstants.STORKP10_NS, TYPE_LOCAL_NAME,
- STORKConstants.STORKP10_PREFIX);
-
- public void setCitizenCountryCode(CitizenCountryCode citizenCountryCode);
-
- public CitizenCountryCode getCitizenCountryCode();
-
- public void setSPInformation(SPInformation spInformation);
-
- public SPInformation getSPInformation();
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.java
deleted file mode 100644
index 7fb418f74..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-
-public class AuthenticationAttributesBuilder extends
- AbstractXMLObjectBuilder<AuthenticationAttributes> {
-
- @Override
- public AuthenticationAttributes buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new AuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public AuthenticationAttributes buildObject() {
- return buildObject(STORKConstants.STORK10_NS, AuthenticationAttributes.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.java
deleted file mode 100644
index 68e751fdc..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class AuthenticationAttributesImpl extends
- AbstractValidatingXMLObject implements
- AuthenticationAttributes {
-
- private VIDPAuthenticationAttributes authenticationAttributes;
-
-
- protected AuthenticationAttributesImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() {
- return authenticationAttributes;
- }
-
- public void setVIDPAuthenticationAttributes(
- VIDPAuthenticationAttributes authenticationAttributes) {
- this.authenticationAttributes = authenticationAttributes;
- }
-
-
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- if (authenticationAttributes != null) {
- children.add(authenticationAttributes);
- }
-
- if (children.size() == 0) {
- return null;
- }
-
- return Collections.unmodifiableList(children);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.java
deleted file mode 100644
index 05f1f9aec..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-
-public class AuthenticationAttributesMarshaller extends
- BaseXMLObjectMarshaller {
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.java
deleted file mode 100644
index 564d62383..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class AuthenticationAttributesUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processChildElement(XMLObject parentXMLObject,
- XMLObject childXMLObject) throws UnmarshallingException {
- AuthenticationAttributes attributes = (AuthenticationAttributes) parentXMLObject;
-
- if (childXMLObject instanceof VIDPAuthenticationAttributes) {
- attributes.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childXMLObject);
- } else {
- super.processChildElement(parentXMLObject, childXMLObject);
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.java
deleted file mode 100644
index de380d780..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-
-public class CitizenCountryCodeBuilder extends
- AbstractXMLObjectBuilder<CitizenCountryCode> {
-
- @Override
- public CitizenCountryCode buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public CitizenCountryCode buildObject() {
- return buildObject(STORKConstants.STORK10_NS, CitizenCountryCode.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.java
deleted file mode 100644
index 3de591116..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-
-public class CitizenCountryCodeImpl extends
- AbstractValidatingXMLObject implements
- CitizenCountryCode {
-
- private String citizenCountryCode;
-
- protected CitizenCountryCodeImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return citizenCountryCode;
- }
-
- public void setValue(String citizenCountryCode) {
- this.citizenCountryCode = citizenCountryCode;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.java
deleted file mode 100644
index 8d47d6117..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-
-public class CitizenCountryCodeMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- CitizenCountryCode ccc = (CitizenCountryCode) xmlObject;
- XMLHelper.appendTextContent(domElement, ccc.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.java
deleted file mode 100644
index 69bd4cdb1..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-
-public class CitizenCountryCodeUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- CitizenCountryCode ccc = (CitizenCountryCode) xmlObject;
- ccc.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.java
deleted file mode 100644
index d2b1bba08..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.EIDCrossBorderShare;
-
-public class EIDCrossBorderShareBuilder extends
- AbstractXMLObjectBuilder<EIDCrossBorderShare> {
-
- @Override
- public EIDCrossBorderShare buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public EIDCrossBorderShare buildObject() {
- return buildObject(STORKConstants.STORKP10_NS, EIDCrossBorderShare.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORKP10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.java
deleted file mode 100644
index e5182aff1..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.EIDCrossBorderShare;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class EIDCrossBorderShareImpl extends AbstractValidatingXMLObject implements
- EIDCrossBorderShare {
-
- private boolean value;
-
- /**
- * @param namespaceURI
- * @param elementLocalName
- * @param namespacePrefix
- */
- public EIDCrossBorderShareImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#getValue()
- */
- public boolean getValue() {
- return this.value;
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#setValue(boolean)
- */
- public void setValue(boolean value) {
- this.value = value;
-
- }
-
- /* (non-Javadoc)
- * @see org.opensaml.xml.XMLObject#getOrderedChildren()
- */
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.java
deleted file mode 100644
index 1b98e8a2b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.EIDCrossBorderShare;
-
-public class EIDCrossBorderShareMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- EIDCrossBorderShare cbs = (EIDCrossBorderShare) samlObject;
- XMLHelper.appendTextContent(domElement, String.valueOf(cbs.getValue()));
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.java
deleted file mode 100644
index bb7b9d762..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.EIDCrossBorderShare;
-
-public class EIDCrossBorderShareUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- EIDCrossBorderShare cbs = (EIDCrossBorderShare) xmlObject;
- cbs.setValue(Boolean.parseBoolean(elementContent));
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.java
deleted file mode 100644
index c02b11a7f..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.EIDCrossSectorShare;
-
-public class EIDCrossSectorShareBuilder extends
- AbstractXMLObjectBuilder<EIDCrossSectorShare> {
-
- @Override
- public EIDCrossSectorShare buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new EIDCrossSectorShareImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public EIDCrossSectorShare buildObject() {
- return buildObject(STORKConstants.STORKP10_NS, EIDCrossSectorShare.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORKP10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.java
deleted file mode 100644
index b58ee4c4b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.EIDCrossSectorShare;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class EIDCrossSectorShareImpl extends AbstractValidatingXMLObject implements
- EIDCrossSectorShare {
-
- private boolean value;
-
- /**
- * @param namespaceURI
- * @param elementLocalName
- * @param namespacePrefix
- */
- public EIDCrossSectorShareImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#getValue()
- */
- public boolean getValue() {
- return this.value;
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#setValue(boolean)
- */
- public void setValue(boolean value) {
- this.value = value;
-
- }
-
- /* (non-Javadoc)
- * @see org.opensaml.xml.XMLObject#getOrderedChildren()
- */
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.java
deleted file mode 100644
index bcffdad4a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.EIDCrossSectorShare;
-
-public class EIDCrossSectorShareMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- EIDCrossSectorShare css = (EIDCrossSectorShare) samlObject;
- XMLHelper.appendTextContent(domElement, String.valueOf(css.getValue()));
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.java
deleted file mode 100644
index a249c4628..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.EIDCrossSectorShare;
-
-public class EIDCrossSectorShareUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- EIDCrossSectorShare css = (EIDCrossSectorShare) xmlObject;
- css.setValue(Boolean.parseBoolean(elementContent));
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.java
deleted file mode 100644
index 79e0d1122..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-
-public class EIDSectorShareBuilder extends
- AbstractXMLObjectBuilder<EIDSectorShare> {
-
- @Override
- public EIDSectorShare buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public EIDSectorShare buildObject() {
- return buildObject(STORKConstants.STORKP10_NS, EIDSectorShare.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORKP10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.java
deleted file mode 100644
index ae65ad36c..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class EIDSectorShareImpl extends AbstractValidatingXMLObject implements
- EIDSectorShare {
-
- private boolean value;
-
- /**
- * @param namespaceURI
- * @param elementLocalName
- * @param namespacePrefix
- */
- public EIDSectorShareImpl(String namespaceURI, String elementLocalName,
- String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#getValue()
- */
- public boolean getValue() {
- return this.value;
- }
-
- /* (non-Javadoc)
- * @see eu.stork.mw.common.messages.stork.EIDSectorShare#setValue(boolean)
- */
- public void setValue(boolean value) {
- this.value = value;
-
- }
-
- /* (non-Javadoc)
- * @see org.opensaml.xml.XMLObject#getOrderedChildren()
- */
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.java
deleted file mode 100644
index ed18cfbd4..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-
-public class EIDSectorShareMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- EIDSectorShare ss = (EIDSectorShare) samlObject;
- XMLHelper.appendTextContent(domElement, String.valueOf(ss.getValue()));
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.java
deleted file mode 100644
index 6631e1ac2..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-
-public class EIDSectorShareUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- EIDSectorShare ss = (EIDSectorShare) xmlObject;
- ss.setValue(Boolean.parseBoolean(elementContent));
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.java
deleted file mode 100644
index d536372e8..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class QualityAuthenticationAssuranceLevelBuilder extends
- AbstractXMLObjectBuilder<QualityAuthenticationAssuranceLevel> {
-
- @Override
- public QualityAuthenticationAssuranceLevel buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new QualityAuthenticationAssuranceLevelImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public QualityAuthenticationAssuranceLevel buildObject() {
- return buildObject(STORKConstants.STORKP10_NS, QualityAuthenticationAssuranceLevel.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORKP10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.java
deleted file mode 100644
index 69548c149..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class QualityAuthenticationAssuranceLevelImpl extends
- AbstractValidatingXMLObject implements
- QualityAuthenticationAssuranceLevel {
-
- private int qaaLevel;
-
- protected QualityAuthenticationAssuranceLevelImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public int getValue() {
- return this.qaaLevel;
- }
-
- public void setValue(int level) {
- this.qaaLevel = level;
-
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.java
deleted file mode 100644
index 7f0d28895..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class QualityAuthenticationAssuranceLevelMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject samlObject, Element domElement) throws MarshallingException {
- QualityAuthenticationAssuranceLevel qaa = (QualityAuthenticationAssuranceLevel) samlObject;
- XMLHelper.appendTextContent(domElement, String.valueOf(qaa.getValue()));
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.java
deleted file mode 100644
index f024261f8..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class QualityAuthenticationAssuranceLevelUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- QualityAuthenticationAssuranceLevel qaa = (QualityAuthenticationAssuranceLevel) xmlObject;
- qaa.setValue(Integer.parseInt(elementContent));
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.java
deleted file mode 100644
index d1e80abbb..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-/**
- * Builder for {@link org.opensaml.saml2.core.impl.AudienceRestrictionImpl} objects.
- */
-public class RequestedAttributesBuilder extends AbstractXMLObjectBuilder<RequestedAttributes> {
-
- /** Constructor. */
- public RequestedAttributesBuilder() {
-
- }
-
- /** {@inheritDoc} */
- public RequestedAttributes buildObject() {
- return buildObject(STORKConstants.STORK10_NS, RequestedAttributes.DEFAULT_ELEMENT_LOCAL_NAME,
- STORKConstants.STORK10_PREFIX);
- }
-
- /** {@inheritDoc} */
- public RequestedAttributes buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new RequestedAttributesImpl(namespaceURI, localName, namespacePrefix);
- }
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.java
deleted file mode 100644
index cd2b4a490..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.util.XMLObjectChildrenList;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-/**
- * Concrete implementation of {@link org.opensaml.saml2.core.AudienceRestriction}.
- */
-public class RequestedAttributesImpl extends AbstractValidatingXMLObject implements RequestedAttributes {
-
- /** List of the audiences. */
- private XMLObjectChildrenList<RequestedAttribute> requestedAttributes;
-
- /**
- * Constructor.
- *
- * @param namespaceURI the namespace the element is in
- * @param elementLocalName the local name of the XML element this Object represents
- * @param namespacePrefix the prefix for the given namespace
- */
- protected RequestedAttributesImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- requestedAttributes = new XMLObjectChildrenList<RequestedAttribute>(this);
- }
-
- /** {@inheritDoc} */
- public List<RequestedAttribute> getRequestedAttributes() {
- return requestedAttributes;
- }
-
-
- /** {@inheritDoc} */
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- children.addAll(requestedAttributes);
-
- return Collections.unmodifiableList(children);
- }
-
- public void setRequestedAttributes(
- List<RequestedAttribute> requestedAttributes) {
- this.requestedAttributes = (XMLObjectChildrenList<RequestedAttribute>) requestedAttributes;
-
- }
-
-
-
-
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.java
deleted file mode 100644
index 8716c45a5..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-
-/**
- * A thread safe Marshaller for {@link org.opensaml.saml2.core.AudienceRestriction} objects.
- */
-public class RequestedAttributesMarshaller extends BaseXMLObjectMarshaller {
-
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.java
deleted file mode 100644
index 94e603bd9..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-/**
- *
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-/**
- * A thread-safe Unmarshaller for {@link org.opensaml.saml2.core.AudienceRestriction} objects.
- */
-public class RequestedAttributesUnmarshaller extends BaseXMLObjectUnmarshaller {
-
- /** {@inheritDoc} */
- protected void processChildElement(XMLObject parentObject, XMLObject childObject) throws UnmarshallingException {
- RequestedAttributes requestedAttributes = (RequestedAttributes) parentObject;
-
- if (childObject instanceof RequestedAttribute) {
- requestedAttributes.getRequestedAttributes().add((RequestedAttribute) childObject);
- } else {
- super.processChildElement(parentObject, childObject);
- }
- }
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.java
deleted file mode 100644
index 1febbf399..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-
-/**
- * Builder of {@link org.opensaml.saml2.common.impl.ExtensionsImpl} objects.
- */
-public class SPAuthRequestBuilder extends AbstractXMLObjectBuilder<SPAuthRequest> {
-
- /**
- * {@inheritDoc}
- */
- public SPAuthRequest buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SPAuthRequest.LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
- /**
- * {@inheritDoc}
- */
- public SPAuthRequest buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new SPAuthRequestImpl(namespaceURI, localName, namespacePrefix);
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.java
deleted file mode 100644
index 9ea20b9cc..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.util.IndexedXMLObjectChildrenList;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-
-/**
- *
- */
-public class SPAuthRequestImpl extends AbstractValidatingXMLObject implements SPAuthRequest {
-
- /** "any" children */
- private final IndexedXMLObjectChildrenList<XMLObject> unknownChildren;
-
- /**
- * Constructor
- *
- * @param namespaceURI
- * @param elementLocalName
- * @param namespacePrefix
- */
- protected SPAuthRequestImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- unknownChildren = new IndexedXMLObjectChildrenList<XMLObject>(this);
- }
-
- /**
- * {@inheritDoc}
- */
- public List<XMLObject> getUnknownXMLObjects() {
- return unknownChildren;
- }
-
- /** {@inheritDoc} */
- @SuppressWarnings("unchecked")
- public List<XMLObject> getUnknownXMLObjects(QName typeOrName) {
- return (List<XMLObject>) unknownChildren.subList(typeOrName);
- }
-
- /** {@inheritDoc} */
- public List<XMLObject> getOrderedChildren() {
- return Collections.unmodifiableList(unknownChildren);
- }
-} \ No newline at end of file
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.java
deleted file mode 100644
index feb730935..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.AbstractXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.w3c.dom.Element;
-
-/**
- * A thread-safe Marshaller for {@link org.opensaml.saml2.common.Extensions} objects.
- */
-public class SPAuthRequestMarshaller extends AbstractXMLObjectMarshaller {
-
- /**
- * Constructor
- */
- public SPAuthRequestMarshaller() {
- super();
- }
-
- /**
- * {@inheritDoc}
- */
- protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
- // no attributes
- }
-
- /**
- * {@inheritDoc}
- */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- // no content
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.java
deleted file mode 100644
index 7d5be220d..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.AbstractXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Attr;
-
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-
-public class SPAuthRequestUnmarshaller extends AbstractXMLObjectUnmarshaller {
-
- /** Logger. */
- private final Logger log = LoggerFactory.getLogger(AbstractSAMLObjectUnmarshaller.class);
-
- /** Constructor. */
- public SPAuthRequestUnmarshaller() {
- super();
- }
-
- /**
- * {@inheritDoc}
- */
- protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
- throws UnmarshallingException {
- SPAuthRequest spAuthRequest = (SPAuthRequest) parentXMLObject;
-
- spAuthRequest.getUnknownXMLObjects().add(childXMLObject);
- }
-
- /**
- * {@inheritDoc}
- */
- protected void processAttribute(XMLObject xmlObject, Attr attribute) throws UnmarshallingException {
- log.debug("Ignorning unknown attribute {}", attribute.getLocalName());
- }
-
- /**
- * {@inheritDoc}
- */
- protected void processElementContent(XMLObject xmlObject, String elementContent) {
- log.debug("Ignoring element content {}", elementContent);
- }
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.java
deleted file mode 100644
index eb13ddf73..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SPCertEnc;
-
-public class SPCertEncBuilder extends
- AbstractXMLObjectBuilder<SPCertEnc> {
-
- @Override
- public SPCertEnc buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SPCertEncImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SPCertEnc buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SPCertEnc.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.java
deleted file mode 100644
index 2ee08e1ec..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import eu.stork.vidp.messages.stork.SPCertEnc;
-
-public class SPCertEncImpl extends
- SPCertTypeImpl implements
- SPCertEnc {
-
- protected SPCertEncImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.java
deleted file mode 100644
index 091676959..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-
-public class SPCertEncMarshaller extends
- SPCertTypeMarshaller {
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.java
deleted file mode 100644
index 3b6339609..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-
-public class SPCertEncUnmarshaller extends
- SPCertTypeUnmarshaller {
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.java
deleted file mode 100644
index 5e75a0e2c..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SPCertSig;
-
-public class SPCertSigBuilder extends
- AbstractXMLObjectBuilder<SPCertSig> {
-
- @Override
- public SPCertSig buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SPCertSigImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SPCertSig buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SPCertSig.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.java
deleted file mode 100644
index f98e3ede3..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import eu.stork.vidp.messages.stork.SPCertSig;
-
-public class SPCertSigImpl extends
- SPCertTypeImpl implements
- SPCertSig {
-
- protected SPCertSigImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.java
deleted file mode 100644
index e9f3d14da..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-
-public class SPCertSigMarshaller extends
- SPCertTypeMarshaller {
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.java
deleted file mode 100644
index d706223cb..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-
-public class SPCertSigUnmarshaller extends
- SPCertTypeUnmarshaller {
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.java
deleted file mode 100644
index a9a30dada..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.signature.KeyInfo;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SPCertType;
-
-public class SPCertTypeImpl extends
- AbstractValidatingXMLObject implements
- SPCertType {
-
- private KeyInfo keyInfo;
-
- protected SPCertTypeImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public KeyInfo getKeyInfo() {
- return keyInfo;
- }
-
- public void setKeyInfo(KeyInfo keyInfo) {
- this.keyInfo = keyInfo;
- }
-
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- if (keyInfo != null) {
- children.add(keyInfo);
- }
-
- if (children.size() == 0) {
- return null;
- }
-
- return Collections.unmodifiableList(children);
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.java
deleted file mode 100644
index 0443a721a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-
-public class SPCertTypeMarshaller extends
- BaseXMLObjectMarshaller {
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.java
deleted file mode 100644
index e23ff6b54..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.signature.KeyInfo;
-
-import eu.stork.vidp.messages.stork.SPCertType;
-
-public class SPCertTypeUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
-
- @Override
- protected void processChildElement(XMLObject parentXMLObject,
- XMLObject childXMLObject) throws UnmarshallingException {
- SPCertType spCertType = (SPCertType) parentXMLObject;
-
- if (childXMLObject instanceof KeyInfo) {
- spCertType.setKeyInfo((KeyInfo) childXMLObject);
- } else {
- super.processChildElement(parentXMLObject, childXMLObject);
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDBuilder.java
deleted file mode 100644
index f892c88c3..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SPID;
-
-public class SPIDBuilder extends
- AbstractXMLObjectBuilder<SPID> {
-
- @Override
- public SPID buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SPIDImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SPID buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SPID.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDImpl.java
deleted file mode 100644
index 34bde4caa..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SPID;
-
-public class SPIDImpl extends
- AbstractValidatingXMLObject implements
- SPID {
-
- private String spID;
-
- protected SPIDImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return spID;
- }
-
- public void setValue(String spID) {
- this.spID = spID;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.java
deleted file mode 100644
index 8455d5033..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.SPID;
-
-public class SPIDMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- SPID spID = (SPID) xmlObject;
- XMLHelper.appendTextContent(domElement, spID.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.java
deleted file mode 100644
index f2eb1eb00..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.SPID;
-
-public class SPIDUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- SPID spID = (SPID) xmlObject;
- spID.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.java
deleted file mode 100644
index 1bc9c6ae8..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SPInformation;
-
-public class SPInformationBuilder extends
- AbstractXMLObjectBuilder<SPInformation> {
-
- @Override
- public SPInformation buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SPInformationImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SPInformation buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SPInformation.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationImpl.java
deleted file mode 100644
index e42c1cff5..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationImpl.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-import eu.stork.vidp.messages.stork.SPCertEnc;
-import eu.stork.vidp.messages.stork.SPCertSig;
-import eu.stork.vidp.messages.stork.SPID;
-import eu.stork.vidp.messages.stork.SPInformation;
-
-public class SPInformationImpl extends
- AbstractValidatingXMLObject implements
- SPInformation {
-
- private SPID spID;
-
- private SPCertSig spCertSig;
-
- private SPCertEnc spCertEnc;
-
- private SPAuthRequest spAuthRequest;
-
- protected SPInformationImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public SPAuthRequest getSPAuthRequest() {
- return spAuthRequest;
- }
-
- public SPCertEnc getSPCertEnc() {
- return spCertEnc;
- }
-
- public SPCertSig getSPCertSig() {
- return spCertSig;
- }
-
- public SPID getSPID() {
- return spID;
- }
-
- public void setSPAuthRequest(SPAuthRequest spAuthRequest) {
- this.spAuthRequest = spAuthRequest;
- }
-
- public void setSPCertEnc(SPCertEnc spCertEnc) {
- this.spCertEnc = spCertEnc;
- }
-
- public void setSPCertSig(SPCertSig spCertSig) {
- this.spCertSig = spCertSig;
- }
-
- public void setSPID(SPID spID) {
- this.spID = spID;
- }
-
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- if (spID != null) {
- children.add(spID);
- }
-
- if (spCertSig != null) {
- children.add(spCertSig);
- }
-
- if (spCertEnc != null) {
- children.add(spCertEnc);
- }
-
- if (spAuthRequest != null) {
- children.add(spAuthRequest);
- }
-
- if (children.size() == 0) {
- return null;
- }
-
- return Collections.unmodifiableList(children);
- }
-
-
-
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.java
deleted file mode 100644
index aea91af92..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-
-public class SPInformationMarshaller extends
- BaseXMLObjectMarshaller {
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.java
deleted file mode 100644
index e7f9bd98e..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.stork.SPAuthRequest;
-import eu.stork.vidp.messages.stork.SPCertEnc;
-import eu.stork.vidp.messages.stork.SPCertSig;
-import eu.stork.vidp.messages.stork.SPID;
-import eu.stork.vidp.messages.stork.SPInformation;
-
-public class SPInformationUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processChildElement(XMLObject parentXMLObject,
- XMLObject childXMLObject) throws UnmarshallingException {
- SPInformation spInformation = (SPInformation) parentXMLObject;
-
- if (childXMLObject instanceof SPID) {
- spInformation.setSPID((SPID) childXMLObject);
- } else if (childXMLObject instanceof SPCertSig) {
- spInformation.setSPCertSig((SPCertSig) childXMLObject);
- } if (childXMLObject instanceof SPCertEnc) {
- spInformation.setSPCertEnc((SPCertEnc) childXMLObject);
- } if (childXMLObject instanceof SPAuthRequest) {
- spInformation.setSPAuthRequest((SPAuthRequest) childXMLObject);
- } else {
- super.processChildElement(parentXMLObject, childXMLObject);
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.java
deleted file mode 100644
index 596d77908..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SpApplication;
-
-public class SpApplicationBuilder extends
- AbstractXMLObjectBuilder<SpApplication> {
-
- @Override
- public SpApplication buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SpApplicationImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SpApplication buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SpApplication.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.java
deleted file mode 100644
index d9c3b3ad2..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SpApplication;
-
-public class SpApplicationImpl extends
- AbstractValidatingXMLObject implements
- SpApplication {
-
- private String spApplication;
-
- protected SpApplicationImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return spApplication;
- }
-
- public void setValue(String spApplication) {
- this.spApplication = spApplication;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.java
deleted file mode 100644
index 1b484e338..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.SpApplication;
-
-public class SpApplicationMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- SpApplication spApplication = (SpApplication) xmlObject;
- XMLHelper.appendTextContent(domElement, spApplication.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.java
deleted file mode 100644
index 70aef824a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.SpApplication;
-
-public class SpApplicationUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- SpApplication spSector = (SpApplication) xmlObject;
- spSector.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.java
deleted file mode 100644
index 29c765128..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SpCountry;
-
-public class SpCountryBuilder extends
- AbstractXMLObjectBuilder<SpCountry> {
-
- @Override
- public SpCountry buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SpCountryImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SpCountry buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SpCountry.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryImpl.java
deleted file mode 100644
index 66e2e81a6..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SpCountry;
-
-public class SpCountryImpl extends
- AbstractValidatingXMLObject implements
- SpCountry {
-
- private String spCountry;
-
- protected SpCountryImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return spCountry;
- }
-
- public void setValue(String spCountry) {
- this.spCountry = spCountry;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.java
deleted file mode 100644
index 60a1f7838..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.SpCountry;
-
-public class SpCountryMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- SpCountry spCountry = (SpCountry) xmlObject;
- XMLHelper.appendTextContent(domElement, spCountry.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.java
deleted file mode 100644
index 66558248b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.SpCountry;
-
-public class SpCountryUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- SpCountry spCountry = (SpCountry) xmlObject;
- spCountry.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.java
deleted file mode 100644
index 4ddc48d53..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.SpInstitution;
-
-public class SpInstitutionBuilder extends
- AbstractXMLObjectBuilder<SpInstitution> {
-
- @Override
- public SpInstitution buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SpInstitutionImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SpInstitution buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SpInstitution.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.java
deleted file mode 100644
index 8d9753328..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SpInstitution;
-
-public class SpInstitutionImpl extends
- AbstractValidatingXMLObject implements
- SpInstitution {
-
- private String spInstitution;
-
- protected SpInstitutionImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return spInstitution;
- }
-
- public void setValue(String spInstitution) {
- this.spInstitution = spInstitution;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.java
deleted file mode 100644
index ec150523d..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.SpInstitution;
-
-public class SpInstitutionMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- SpInstitution spInstitution = (SpInstitution) xmlObject;
- XMLHelper.appendTextContent(domElement, spInstitution.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.java
deleted file mode 100644
index 34fa89281..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.SpInstitution;
-
-public class SpInstitutionUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- SpInstitution spInstitution = (SpInstitution) xmlObject;
- spInstitution.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.java
deleted file mode 100644
index 08daa3c7b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-import eu.stork.vidp.messages.stork.SpSector;
-
-public class SpSectorBuilder extends
- AbstractXMLObjectBuilder<SpSector> {
-
- @Override
- public SpSector buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new SpSectorImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public SpSector buildObject() {
- return buildObject(STORKConstants.STORK10_NS, SpSector.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorImpl.java
deleted file mode 100644
index f52d2c83d..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorImpl.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.SpSector;
-
-public class SpSectorImpl extends
- AbstractValidatingXMLObject implements
- SpSector {
-
- private String spSector;
-
- protected SpSectorImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return spSector;
- }
-
- public void setValue(String spSector) {
- this.spSector = spSector;
- }
-
- public List<XMLObject> getOrderedChildren() {
- return Collections.emptyList();
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.java
deleted file mode 100644
index 78772c956..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.stork.SpSector;
-
-public class SpSectorMarshaller extends
- BaseXMLObjectMarshaller {
-
- /** {@inheritDoc} */
- protected void marshallElementContent(XMLObject xmlObject, Element domElement) throws MarshallingException {
- SpSector spSector = (SpSector) xmlObject;
- XMLHelper.appendTextContent(domElement, spSector.getValue());
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.java
deleted file mode 100644
index ea65413a2..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-
-import eu.stork.vidp.messages.stork.SpSector;
-
-public class SpSectorUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processElementContent(XMLObject xmlObject,
- String elementContent) {
- SpSector spSector = (SpSector) xmlObject;
- spSector.setValue(elementContent);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.java
deleted file mode 100644
index a7827f652..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.AbstractXMLObjectBuilder;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class VIDPAuthenticationAttributesBuilder extends
- AbstractXMLObjectBuilder<VIDPAuthenticationAttributes> {
-
- @Override
- public VIDPAuthenticationAttributes buildObject(String namespaceURI, String localName,
- String namespacePrefix) {
- return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix);
- }
-
- public VIDPAuthenticationAttributes buildObject() {
- return buildObject(STORKConstants.STORK10_NS, VIDPAuthenticationAttributes.DEFAULT_ELEMENT_LOCAL_NAME, STORKConstants.STORK10_PREFIX);
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.java
deleted file mode 100644
index 3c8d960db..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.AbstractValidatingXMLObject;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-import eu.stork.vidp.messages.stork.SPInformation;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class VIDPAuthenticationAttributesImpl extends
- AbstractValidatingXMLObject implements
- VIDPAuthenticationAttributes {
-
- private CitizenCountryCode citizenCountryCode;
-
- private SPInformation spInformation;
-
- protected VIDPAuthenticationAttributesImpl(String namespaceURI,
- String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public CitizenCountryCode getCitizenCountryCode() {
- return citizenCountryCode;
- }
-
-
- public SPInformation getSPInformation() {
- return spInformation;
- }
-
- public void setCitizenCountryCode(CitizenCountryCode citizenCountryCode) {
- this.citizenCountryCode = citizenCountryCode;
- }
-
-
- public void setSPInformation(SPInformation spInformation) {
- this.spInformation = spInformation;
- }
-
- public List<XMLObject> getOrderedChildren() {
- ArrayList<XMLObject> children = new ArrayList<XMLObject>();
-
- if (citizenCountryCode != null) {
- children.add(citizenCountryCode);
- }
-
-
- if (spInformation != null) {
- children.add(spInformation);
- }
-
- if (children.size() == 0) {
- return null;
- }
-
- return Collections.unmodifiableList(children);
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.java
deleted file mode 100644
index f21b492a9..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.io.BaseXMLObjectMarshaller;
-
-public class VIDPAuthenticationAttributesMarshaller extends
- BaseXMLObjectMarshaller {
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.java
deleted file mode 100644
index 3b7a1b20e..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.stork.impl;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.BaseXMLObjectUnmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-import eu.stork.vidp.messages.stork.SPInformation;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class VIDPAuthenticationAttributesUnmarshaller extends
- BaseXMLObjectUnmarshaller {
-
- @Override
- protected void processChildElement(XMLObject parentXMLObject,
- XMLObject childXMLObject) throws UnmarshallingException {
- VIDPAuthenticationAttributes attributes = (VIDPAuthenticationAttributes) parentXMLObject;
-
- if (childXMLObject instanceof CitizenCountryCode) {
- attributes.setCitizenCountryCode((CitizenCountryCode) childXMLObject);
- } else if (childXMLObject instanceof SPInformation) {
- attributes.setSPInformation((SPInformation) childXMLObject);
- } else {
- super.processChildElement(parentXMLObject, childXMLObject);
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java
deleted file mode 100644
index faff5e7bd..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java
+++ /dev/null
@@ -1,414 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.util;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.opensaml.Configuration;
-import org.opensaml.common.SignableSAMLObject;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeStatement;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.security.SAMLSignatureProfileValidator;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.Marshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.io.Unmarshaller;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.SecurityHelper;
-import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureConstants;
-import org.opensaml.xml.signature.SignatureException;
-import org.opensaml.xml.signature.Signer;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.ValidatorSuite;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Element;
-
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
-import eu.stork.vidp.messages.exception.SAMLException;
-import eu.stork.vidp.messages.exception.SAMLValidationException;
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-/**
- *
- * Helper class for SAML message processing
- * @author bzwattendorfer
- *
- */
-public class SAMLUtil {
-
- private final static Logger log = LoggerFactory.getLogger(SAMLUtil.class);
-
- /**
- * Signs a SAML object
- * @param samlObject SAML object to sign
- * @param signingCredential Credentials to be used for signing
- * @throws SAMLException
- */
- public static void signSAMLObject(SignableSAMLObject samlObject, Credential signingCredential) throws SAMLException {
-
- log.trace("Signing " + samlObject.getElementQName());
-
- Signature signature = STORKMessagesBuilder.buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
-
- signature.setSigningCredential(signingCredential);
-
- //TODO: Make signing algorithm configurable
- signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
- signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-
- try {
- //TODO SecurityConfiguration, default signature credentials
- SecurityHelper.prepareSignatureParams(signature, signingCredential, null, null);
- } catch (SecurityException e) {
- throw new SAMLException("Error preparing signature for signing", e);
- }
-
- samlObject.setSignature(signature);
-
- Marshaller assertionMarshaller = Configuration.getMarshallerFactory().getMarshaller(samlObject);
- try {
- assertionMarshaller.marshall(samlObject);
- Signer.signObject(signature);
- } catch (MarshallingException e) {
- throw new SAMLException("Unable to marshall " + samlObject.getElementQName() + " for signing", e);
- } catch (SignatureException e) {
- throw new SAMLException("Unable to sign " + samlObject.getElementQName(), e);
- }
-
- }
-
- /**
- * Validated SAML object according the given validation config
- * @param samlObject SAML object to validaate
- * @param validatorSuiteConfig Validation config
- * @throws SAMLValidationException
- */
- public static void verifySAMLObjectStandardValidation(SignableSAMLObject samlObject, String validatorSuiteConfig) throws SAMLValidationException {
-
- ValidatorSuite validatorSuite = Configuration.getValidatorSuite(validatorSuiteConfig);
- try {
- validatorSuite.validate(samlObject);
- } catch (ValidationException e) {
- log.error(e.getMessage(), e);
- throw new SAMLValidationException("Could not validate " + samlObject.getElementQName(), e);
- }
-
- }
-
- /**
- * Gets the STORK attribute status from a SAML attribute
- * @param attribute SAML attribute
- * @return STORK attribute status
- */
- public static String getStatusFromAttribute(Attribute attribute) {
- return attribute.getUnknownAttributes().get(STORKAttribute.DEFAULT_STORK_ATTRIBUTE_QNAME);
- }
-
- /**
- * Gets the XML value of an XML object as String
- * @param xmlObj XML object
- * @return XML value as String
- */
- public static String getStringValueFromXMLObject(XMLObject xmlObj) {
- if (xmlObj instanceof XSString) {
- return ((XSString) xmlObj).getValue();
- } else if (xmlObj instanceof XSAny) {
- return ((XSAny) xmlObj).getTextContent();
- }
- return null;
- }
-
- /**
- * Gets the attribute value as String of an attribute whereas the attribute is in a given list
- * @param attrList List of attributes
- * @param name Name of the attribute where the value should be extracted
- * @return attribute value as String
- */
- public static String getAttributeStringValue(List<? extends Attribute> attrList, String name) {
- XMLObject xmlObj = getAttributeValue(attrList, name);
- return getStringValueFromXMLObject(xmlObj);
- }
-
- /**
- * Gets the attribute value as String of an attribute
- * @param attribute Attribute
- * @return attribute value as String
- */
- public static String getAttributeStringValue(Attribute attribute) {
- return ((XSString) attribute.getAttributeValues().get(0)).getValue();
- }
-
- /**
- * Gets the attribute value as anyType of an attribute
- * @param attribute Attribute
- * @return value as anyType
- */
- public static XSAny getAttributeXSAnyValue(Attribute attribute) {
- return (XSAny) attribute.getAttributeValues().get(0);
- }
-
- /**
- * Gets the attribute value as anyType of an attribute whereas the attribute is in a given list
- * @param attrList List of attributes
- * @param name Name of the attribute where the value should be extracted
- * @return attribute value as anyType
- */
- public static XSAny getXSAnyAttributeValue(List<Attribute> attrList, String name) {
- //XMLObject xmlObj = getAttributeValue(attrList, name);
- return (XSAny) getAttributeValue(attrList, name);
- }
-
- /**
- * Gets the attribute value as XMLObject of an attribute whereas the attribute is in a given list
- * @param attrList List of attributes
- * @param name Name of the attribute where the value should be extracted
- * @return attribute value as XMLObject
- */
- public static XMLObject getAttributeValue(List<? extends Attribute> attrList, String name) {
- Attribute attribute = getAttribute(attrList, name);
- return (attribute != null && !attribute.getAttributeValues().isEmpty()) ? attribute.getAttributeValues().get(0) : null;
- }
-
- /**
- * Gets the attribute specified by name out of a list
- * @param attrList List of attributes
- * @param name attribute name of the attribute to extract
- * @return attribute
- */
- public static Attribute getAttribute(List<? extends Attribute> attrList, String name) {
- for (Attribute attribute : attrList) {
- if (attribute.getName().equals(name)) {
- return attribute;
- }
- }
-
- return null;
- }
-
- /**
- * Gets the attribute specified by name out of a list and immediately removes it from the list
- * @param attrList List of attributes
- * @param name attribute name of the attribute to extract and remove
- * @return attribute
- */
- public static String getAttributeStringValueAndRemove(List<? extends Attribute> attrList, String name) {
-
- Attribute attribute = getAttribute(attrList, name);
- String value = getAttributeStringValue(attrList, name);
- attrList.remove(attribute);
-
- return value;
- }
-
- /**
- * Checks if an attribute with a given name is present in a SAML assertion
- * @param storkAssertion STORK SAML assertion
- * @param attributeName attribute name
- * @return true if attribute is present
- */
- public static boolean containsAttribute(Assertion storkAssertion, String attributeName) {
- AttributeStatement attrStatement = storkAssertion.getAttributeStatements().get(0);
-
- for (Attribute attribute : attrStatement.getAttributes()) {
- if (attribute.getName().equals(attributeName) && (SAMLUtil.getStatusFromAttribute(attribute) == null || SAMLUtil.getStatusFromAttribute(attribute).equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_AVAIL))) {
- return true;
- }
- }
-
- return false;
- }
-
- /**
- * Checks if an attribute with a given name is present in a List of attributes
- * @param attributeList List of attributes
- * @param attributeName attribute name
- * @return true if attribute is present
- */
- public static boolean containsAttribute(List<? extends Attribute> attributeList, String attributeName) {
- for (Attribute attr : attributeList) {
- if (attr.getName().equals(attributeName))
- return true;
- }
- return false;
- }
-
- /**
- * Remeoves attribute with a given name from an attribute list
- * @param attributeList List of attributes
- * @param attributeName name of the attribute to be removed from list
- */
- public static void removeAttribute(List<? extends Attribute> attributeList, String attributeName) {
- if (containsAttribute(attributeList, attributeName)) {
- attributeList.remove(getAttribute(attributeList, attributeName));
- }
- }
-
- /**
- * Gets the String value of an XML object (Only if XMLObject contains String)
- * @param xmlObj XMLObject
- * @return String value of XMLObject
- */
- public static String getXSStringValueFromXMLObject(XMLObject xmlObj) {
- if (xmlObj instanceof XSString)
- return ((XSString) xmlObj).getValue();
-
- return null;
- }
-
-
- /**
- * Marshalls an XMLObject to an XML element (DOM)
- * @param message XMLObject
- * @return DOM representation of XMLObject
- */
- public static Element marshallMessage(XMLObject message) {
-
- try {
- Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(message);
- if (marshaller == null) {
- log.error("Unable to marshall message, no marshaller registered for message object: "
- + message.getElementQName());
- }
- Element messageElem = marshaller.marshall(message);
- return messageElem;
- } catch (MarshallingException e) {
- log.error("Encountered error marshalling message to its DOM representation", e);
- throw new RuntimeException("Encountered error marshalling message into its DOM representation", e);
- }
- }
-
- /**
- * Unmarshalls a DOM XML element into an OpenSAML XMLObject
- * @param element DOM element
- * @return OpenSAML XMLObject
- * @throws MessageEncodingException
- */
- public static XMLObject unmarshallMessage(Element element) throws MessageEncodingException {
-
- try {
- Unmarshaller unmarshaller = Configuration.getUnmarshallerFactory().getUnmarshaller(element);
- if (unmarshaller == null) {
- log.error("Unable to unmarshall element, no unmarshaller registered for message element: "
- + element.getNodeName());
- }
-
- return unmarshaller.unmarshall(element);
- } catch (UnmarshallingException e) {
- log.error("Encountered error unmarshalling element to its XMLObject representation", e);
- throw new MessageEncodingException("Encountered error unmarshalling element to its XMLObject representation", e);
- }
- }
-
- /**
- * Releases the DOM element from an XML document
- * @param xmlObjList List of XMLObjects to release
- * @return List of released XMLObjects
- */
- public static List<? extends XMLObject> releaseDOM(List<? extends XMLObject> xmlObjList) {
-
- List<XMLObject> newXMLObjList = new ArrayList<XMLObject>();
- Iterator<? extends XMLObject> it = xmlObjList.iterator();
-
- while (it.hasNext()) {
- XMLObject xmlObj = it.next();
- xmlObj.detach();
- newXMLObjList.add(xmlObj);
- }
-
- return newXMLObjList;
-
- }
-
- /**
- * Makes a union of two RequestedAttribute lists (first list has priority and overrides attributes in the second list if equal)
- * @param priorityList Priority list if attributes might be equal
- * @param list low priority list
- * @return Union of both lists
- */
- public static List<RequestedAttribute> buildRequestedAttributesUnion(List<RequestedAttribute> priorityList, List<RequestedAttribute> list) {
- List<RequestedAttribute> reqAttrList = new ArrayList<RequestedAttribute>();
-
- if (priorityList == null || list == null)
- return reqAttrList;
-
- if (priorityList == null || priorityList.isEmpty()) {
- if (list == null || list.isEmpty()) {
- return reqAttrList;
- } else {
- reqAttrList.addAll((List<RequestedAttribute>) releaseDOM(list));
- return reqAttrList;
- }
- } else {
- if (list == null || list.isEmpty()) {
- reqAttrList.addAll((List<RequestedAttribute>) releaseDOM(priorityList));
- return reqAttrList;
- } else {
- reqAttrList.addAll((List<RequestedAttribute>) releaseDOM(priorityList));
- for (RequestedAttribute reqAttr : list) {
- boolean found = false;
- for (RequestedAttribute prioReqAttr : priorityList) {
- if (!prioReqAttr.getName().equals(reqAttr.getName())) {
- found = true;
- }
- }
- if (!found) {
- reqAttr.detach();
- reqAttrList.add(reqAttr);
- log.debug("Adding additional requested attribute: {} , isRequired: {}", reqAttr.getName(), reqAttr.isRequired());
- }
- }
- }
- }
-
- return reqAttrList;
- }
-
- /**
- * Validates the signature references using OpenSAML
- * @param signableObject Signable SAML Object
- * @throws ValidationException thrown if references are not correct
- */
- public static void validateSignatureReferences(SignableSAMLObject signableObject) throws ValidationException {
- SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
- sigValidator.validate(signableObject.getSignature());
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAssertionValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAssertionValidator.java
deleted file mode 100644
index c412ba6a0..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAssertionValidator.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.validator.AssertionSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkAssertionValidator extends AssertionSchemaValidator {
-
- /**
- * Constructor
- *
- */
- public StorkAssertionValidator() {
-
- super();
- }
-
- @Override
- public void validate(Assertion assertion) throws ValidationException {
-
- super.validate(assertion);
-
- if(assertion.getID() == null) {
-
- throw new ValidationException("ID is required.");
- }
-
- if(assertion.getVersion() == null || !assertion.getVersion().equals(SAMLVersion.VERSION_20)) {
-
- throw new ValidationException("Version of assertion not present or invalid.");
- }
-
- if(assertion.getIssueInstant() == null) {
-
- throw new ValidationException("IssueInstant is required.");
- }
-
- if(assertion.getSubject() == null) {
-
- throw new ValidationException("Subject is required.");
- }
-
- if(assertion.getConditions() == null) {
-
- throw new ValidationException("Conditions is required.");
- }
-
- if(assertion.getAuthnStatements() == null ||
- assertion.getAuthnStatements().size() != 1) {
-
- throw new ValidationException("Incorrect number of AuthnStatements.");
- }
-
- if(assertion.getAttributeStatements() != null) {
-
- if(assertion.getAttributeStatements().size() != 0 &&
- assertion.getAttributeStatements().size() != 1) {
-
- throw new ValidationException("Incorrect number of AttributeStatements.");
- }
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAttributeValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAttributeValidator.java
deleted file mode 100644
index 6e37725d1..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAttributeValidator.java
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.regex.Pattern;
-
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.validator.AttributeSchemaValidator;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.util.AttributeMap;
-import org.opensaml.xml.validation.ValidationException;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-import eu.stork.vidp.messages.saml.STORKAttribute;
-
-public class StorkAttributeValidator extends AttributeSchemaValidator {
-
- private static final String PATTERN_EIDENTIFIER = "^[A-Z]{2}/[A-Z]{2}/[A-Za-z0-9+/=\r\n]+$";
- private static final String PATTERN_GENDER = "^[MF]{1}$";
- private static final String PATTERN_COUNTRYCODEOFBIRTH = "^[A-Z]{2}|[A-Z]{4}$";
- private static final String PATTERN_COUNTRYCODE = "^[A-Z]{2}$";
- private static final String PATTERN_MARTIALSTATUS = "^[SMPDW]{1}$";
- private static final String PATTERN_EMAIL = "^[-+.\\w]{1,64}@[-.\\w]{1,64}\\.[-.\\w]{2,6}$";
- private static final String PATTERN_AGE = "^[0-9]{1,3}$";
- private static final int MAX_AGE = 120;
- private static final String PATTERN_ISAGEOVER = PATTERN_AGE;
- private static final String PATTERN_CITIZENQAALEVEL = "^[1-4]{1}$";
-
-
- /**
- * Constructor
- *
- */
- public StorkAttributeValidator() {
-
- super();
- }
-
- @Override
- public void validate(Attribute attr) throws ValidationException {
-
- super.validate(attr);
-
- if(attr.getName() == null) {
-
- throw new ValidationException("Name is required.");
- }
-
- if(attr.getNameFormat() == null) {
-
- throw new ValidationException("NameFormat is required.");
- }
-
-
- if(attr.getUnknownAttributes() != null) {
-
- AttributeMap map = attr.getUnknownAttributes();
-
- String value = map.get(STORKAttribute.DEFAULT_STORK_ATTRIBUTE_QNAME);
-
- if (value == null || value.equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_AVAIL)) {
- //if AttributeStatus not present, default is "Available" thus AttributeValue must be present
- if (attr.getAttributeValues().isEmpty()) {
- //isAgeOver can have no value
- if (!attr.getName().equals(STORKConstants.STORK_ATTRIBUTE_ISAGEOVER)) {
- throw new ValidationException("AttributeStatus indicates that attribute is available but no AttributeValue is present.");
- }
- }
-
- //throw new ValidationException("AttributeStatus not present.");
-
- } else if(!value.equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_AVAIL) &&
- !value.equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_NOT_AVAIL) &&
- !value.equals(STORKAttribute.ALLOWED_ATTRIBUTE_STATUS_WITHHELD)) {
-
- throw new ValidationException("AttributeStatus is invalid.");
- }
-
- }
-
- if (!attr.getAttributeValues().isEmpty()) {
- //validate individual attributes if present
- XMLObject attrValueObject = attr.getAttributeValues().get(0);
-
- if (!(attrValueObject instanceof XSString)) {
- //Only validate String attributes
- return;
- }
-
- String value = ((XSString) attr.getAttributeValues().get(0)).getValue();
- String attrName = attr.getName();
-
- //only isAgeOver can be empty if provided
- if (value == null) {
- //only isAgeOver can be empty if provided
- if (attrName.equals(STORKConstants.STORK_ATTRIBUTE_ISAGEOVER)) {
- return;
- } else {
- throw new ValidationException("Provided AttributeValue is empty");
- }
- }
-
- //validate eIdentifier
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, PATTERN_EIDENTIFIER);
-
- //validate gender
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_GENDER, PATTERN_GENDER);
-
- //validate dateOfBirth
- if (attrName.equals(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH)) {
- verifyDate(value);
- }
-
- //validate countryCode of birth
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_COUNTRYCODEOFBIRTH, PATTERN_COUNTRYCODEOFBIRTH);
-
- //validate countryCode
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_NATIONALITYCODE, PATTERN_COUNTRYCODE);
-
- //validate martialStatus
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_MARTIALSTATUS, PATTERN_MARTIALSTATUS);
-
- //validate email
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_EMAIL, PATTERN_EMAIL);
-
- //validate age and isAgeOver
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_AGE, PATTERN_AGE);
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_ISAGEOVER, PATTERN_ISAGEOVER);
- if (attr.getName().equals(STORKConstants.STORK_ATTRIBUTE_AGE) || attr.getName().equals(STORKConstants.STORK_ATTRIBUTE_ISAGEOVER)) {
- if (Integer.valueOf(((XSString) attr.getAttributeValues().get(0)).getValue()) > MAX_AGE) {
- throw new ValidationException("Maximum age reached");
- }
- }
-
- validateAttributeValueFormat(value, attrName, STORKConstants.STORK_ATTRIBUTE_CITIZENQAALEVEL, PATTERN_CITIZENQAALEVEL);
- }
-
- }
-
- private void validateAttributeValueFormat(String value, String currentAttrName, String attrNameToTest, String pattern) throws ValidationException {
- if (currentAttrName.equals(attrNameToTest)) {
- if (!Pattern.matches(pattern, value)) {
- throw new ValidationException(attrNameToTest + " has incorrect format.");
- }
- }
-
- }
-
- private static void verifyDate(String pepsDate) throws ValidationException {
- DateTimeFormatter fmt = null;
-
- switch (pepsDate.length()) {
- case 4:
- fmt = DateTimeFormat.forPattern("yyyy");
- break;
- case 6:
- fmt = DateTimeFormat.forPattern("yyyyMM");
- break;
- case 8:
- fmt = DateTimeFormat.forPattern("yyyyMMdd");
- break;
- default:
- throw new ValidationException("Date has wrong format");
- }
-
- try {
- fmt.parseDateTime(pepsDate);
- } catch (IllegalArgumentException e) {
- throw new ValidationException("Date has wrong format");
- }
-
-
- }
-
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.java
deleted file mode 100644
index a561d4c33..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.AudienceRestriction;
-import org.opensaml.saml2.core.validator.AudienceRestrictionSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkAudienceRestrictionValidator extends
- AudienceRestrictionSchemaValidator {
-
- /**
- * Constructor
- *
- */
- public StorkAudienceRestrictionValidator() {
-
- super();
- }
-
- @Override
- public void validate(AudienceRestriction res) throws ValidationException {
-
- super.validate(res);
-
- if(res.getAudiences() == null || res.getAudiences().size() < 1) {
-
- throw new ValidationException("Audience is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.java
deleted file mode 100644
index 1997da7b6..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class StorkAuthenticationAttributesValidator implements Validator<AuthenticationAttributes> {
-
-
- public StorkAuthenticationAttributesValidator() {
-
- }
-
- public void validate(AuthenticationAttributes authenticationAttributes) throws ValidationException {
-
- //check AuthenticationAttributes for VIDPs
- VIDPAuthenticationAttributes vidpAuthenticationAttributes = authenticationAttributes.getVIDPAuthenticationAttributes();
-
- if(vidpAuthenticationAttributes == null) {
-
- throw new ValidationException("VIDPAuthenticationAttributes is required for sending requests to VIDPs.");
- }
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java
deleted file mode 100644
index 0e8722d55..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.core.validator.AuthnRequestSchemaValidator;
-import org.opensaml.xml.util.XMLHelper;
-import org.opensaml.xml.validation.ValidationException;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-
-public class StorkAuthnRequestValidator extends AuthnRequestSchemaValidator {
-
- private static final String ALLOWED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unspecified";
- private static final String ALLOWED_PROTOCOL_BINDING_1 = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
- private static final String ALLOWED_PROTOCOL_BINDING_2 = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP";
-
- private static final int MAX_SIZE = 131072;
-
- /**
- * Constructor
- *
- */
- public StorkAuthnRequestValidator() {
-
- super();
- }
-
- @Override
- public void validate(AuthnRequest req) throws ValidationException {
-
- if (XMLHelper.prettyPrintXML(req.getDOM()).getBytes().length > MAX_SIZE) {
- throw new ValidationException("SAML AuthnRequest exceeds max size.");
- }
-
- super.validate(req);
-
- STORKAuthnRequest request = (STORKAuthnRequest) req;
-
- if (request.getID() == null) {
-
- throw new ValidationException("ID is required.");
- }
-
- if (request.getVersion() == null) {
-
- throw new ValidationException("Version is required.");
- } else {
-
- if (!request.getVersion().equals(SAMLVersion.VERSION_20)) {
-
- throw new ValidationException("Version is invalid.");
- }
- }
-
- if (request.getIssueInstant() == null) {
-
- throw new ValidationException("IssueInstant is required.");
- }
-
- if (request.getConsent() != null) {
-
- if (!request.getConsent().equals(ALLOWED_CONSENT)) {
-
- throw new ValidationException("Consent is invalid.");
- }
- }
-
- if (request.isForceAuthn() == null) {
-
- throw new ValidationException("ForceAuthn is required.");
- } else if (!request.isForceAuthn()) {
-
- throw new ValidationException("ForceAuthn is invalid.");
- }
-
- if (request.isPassive() == null) {
-
- throw new ValidationException("IsPassive is required.");
- } else if (request.isPassive()) {
-
- throw new ValidationException("IsPassive is invalid.");
- }
-
- if (request.getProtocolBinding() == null) {
-
- throw new ValidationException("ProtocolBinding is required.");
- } else {
- if (!request.getProtocolBinding()
- .equals(ALLOWED_PROTOCOL_BINDING_1)
- && !request.getProtocolBinding().equals(
- ALLOWED_PROTOCOL_BINDING_2)) {
-
- throw new ValidationException("ProtocolBinding is invalid.");
- }
-
- }
-
- if(request.getAssertionConsumerServiceURL() == null) {
-
- throw new ValidationException("AssertionConsumerServiceURL is required.");
- }
-
- if(request.getProviderName() == null) {
-
- throw new ValidationException("ProviderName is required.");
- }
-
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.java
deleted file mode 100644
index b25b5621f..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.AuthnStatement;
-import org.opensaml.saml2.core.validator.AuthnStatementSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkAuthnStatementValidator extends
- AuthnStatementSchemaValidator {
-
- /**
- * Constructor
- *
- */
- public StorkAuthnStatementValidator() {
-
- super();
- }
-
- @Override
- public void validate(AuthnStatement stmnt) throws ValidationException {
-
- super.validate(stmnt);
-
- if(stmnt.getAuthnInstant() == null) {
-
- throw new ValidationException("AuthnInstant is required.");
- }
-
- if(stmnt.getSubjectLocality() == null) {
-
- throw new ValidationException("SubjectLocality is required.");
- }
-
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.java
deleted file mode 100644
index 15f8e2dd1..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.regex.Pattern;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.CitizenCountryCode;
-
-public class StorkCitizenCountryCodeValidator implements
- Validator<CitizenCountryCode> {
-
- public static final String REGEX_PATTERN = "^[A-Za-z]{2}$";
-
- public StorkCitizenCountryCodeValidator() {
-
- }
-
- public void validate(CitizenCountryCode ccc) throws ValidationException {
-
- if(ccc == null) {
-
- throw new ValidationException("CitizenCountryCode is required.");
- }
-
- if (ccc.getValue() == null) {
- throw new ValidationException("CitizenCountryCode has no value");
- }
-
-
- if (!Pattern.matches(REGEX_PATTERN, ccc.getValue())) {
- throw new ValidationException("CitizenCountryCode not valid: " + ccc.getValue());
- }
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkConditionsValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkConditionsValidator.java
deleted file mode 100644
index 81b7957fd..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkConditionsValidator.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.Conditions;
-import org.opensaml.saml2.core.validator.ConditionsSpecValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkConditionsValidator extends ConditionsSpecValidator {
-
- /**
- * Constructor
- *
- */
- public StorkConditionsValidator() {
-
- super();
- }
-
- @Override
- public void validate(Conditions conditions) throws ValidationException {
-
- super.validate(conditions);
-
- if(conditions.getNotBefore() == null) {
-
- throw new ValidationException("NotBefore is required.");
- }
-
- if(conditions.getNotOnOrAfter() == null) {
-
- throw new ValidationException("NotOnOrAfter is required.");
- }
-
- if(conditions.getAudienceRestrictions() == null || conditions.getAudienceRestrictions().size() < 1) {
-
- throw new ValidationException("AudienceRestriction is required.");
- }
-
- if(conditions.getOneTimeUse() == null) {
-
- throw new ValidationException("OneTimeUse is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.java
deleted file mode 100644
index 96555e660..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.EIDSectorShare;
-
-/**
- * @author bzwattendorfer
- *
- */
-public class StorkEIDSectorShareValidator implements Validator<EIDSectorShare> {
-
- public StorkEIDSectorShareValidator() {
-
- }
-
- public void validate(EIDSectorShare eidSectorShare) throws ValidationException {
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.java
deleted file mode 100644
index 48464b6ec..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.EncryptedAttribute;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-public class StorkEncryptedAttributeValidator implements
- Validator<EncryptedAttribute> {
-
- public StorkEncryptedAttributeValidator() {
-
- }
-
- public void validate(EncryptedAttribute encAttr) throws ValidationException {
-
- if(encAttr.getEncryptedData() == null) {
-
- throw new ValidationException("EncryptedData is required.");
- }
-
-
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.java
deleted file mode 100644
index 79450b1dc..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.EncryptedID;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-public class StorkEncryptedIdValidator implements Validator<EncryptedID> {
-
- /**
- * Constructor
- *
- */
- public StorkEncryptedIdValidator() {
-
- }
-
- public void validate(EncryptedID encId) throws ValidationException {
-
- if(encId.getEncryptedData() == null) {
-
- throw new ValidationException("EncryptedData is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkExtensionsValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkExtensionsValidator.java
deleted file mode 100644
index 21b247071..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkExtensionsValidator.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.List;
-
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.saml.STORKExtensions;
-import eu.stork.vidp.messages.stork.AuthenticationAttributes;
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class StorkExtensionsValidator implements Validator<STORKExtensions> {
-
-
- public StorkExtensionsValidator() {
-
- }
-
- public void validate(STORKExtensions ext) throws ValidationException {
-
- // check QAALevel
- List<XMLObject> qaaList = ext.getUnknownXMLObjects(QualityAuthenticationAssuranceLevel.DEFAULT_ELEMENT_NAME);
-
- if(qaaList == null || qaaList.size() != 1) {
-
- throw new ValidationException("QAALevel is required.");
- }
-
- //check AuthenticationAttributes for VIDPs
-// AuthenticationAttributes authenticationAttributes = ext.getAuthenticationAttributes();
-//
-// if(authenticationAttributes == null) {
-//
-// throw new ValidationException("AuthenticationAttributes is required for sending requests to VIDPs.");
-// }
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkIssuerValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkIssuerValidator.java
deleted file mode 100644
index df32ee6ad..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkIssuerValidator.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.Issuer;
-import org.opensaml.saml2.core.validator.IssuerSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkIssuerValidator extends IssuerSchemaValidator {
-
- private static final String FORMAT_ALLOWED_VALUE = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
-
- /**
- * Constructor
- *
- */
- public StorkIssuerValidator() {
-
- super();
- }
-
- @Override
- public void validate(Issuer issuer) throws ValidationException {
-
- super.validate(issuer);
-
- // format is optional
- if(issuer.getFormat() != null) {
-
- if(!issuer.getFormat().equals(FORMAT_ALLOWED_VALUE)) {
-
- throw new ValidationException("Format has an invalid value.");
- }
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIDValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIDValidator.java
deleted file mode 100644
index 85fbeff17..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIDValidator.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.validator.NameIDSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkNameIDValidator extends NameIDSchemaValidator {
-
- private static final String FORMAT_ALLOWED_VALUE = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
- private static final String FORMAT_ALLOWED_VALUE_OLD = "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified";
-
- /**
- * Constructor
- *
- */
- public StorkNameIDValidator() {
-
- super();
- }
-
- @Override
- public void validate(NameID nameID) throws ValidationException {
-
- super.validate(nameID);
-
- if (nameID.getNameQualifier() == null) {
-
- throw new ValidationException("NameQualifier is required.");
- }
-
- if (nameID.getFormat() == null) {
-
- throw new ValidationException("Format is required.");
-
- } else if(!(nameID.getFormat().equals(FORMAT_ALLOWED_VALUE) || nameID.getFormat().equals(FORMAT_ALLOWED_VALUE_OLD))) {
-
- throw new ValidationException("Format is invalid.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.java
deleted file mode 100644
index 7d98b5e60..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.NameIDPolicy;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-public class StorkNameIdPolicyValidator implements Validator<NameIDPolicy> {
-
- public StorkNameIdPolicyValidator() {
-
- }
-
- public void validate(NameIDPolicy nameIDPolicy) throws ValidationException {
-
-
- if(nameIDPolicy.getAllowCreate() != null) {
-
- if(!nameIDPolicy.getAllowCreate()) {
-
- throw new ValidationException("AllowCreate is invalid.");
- }
- }
-
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.java
deleted file mode 100644
index 5c23fe04b..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
-
-public class StorkQualityAuthenticationAssuranceLevelValidator implements
- Validator<QualityAuthenticationAssuranceLevel> {
-
-
- private static final int MIN_VAL = 1;
- private static final int MAX_VAL = 4;
-
- public StorkQualityAuthenticationAssuranceLevelValidator() {
-
- }
-
- public void validate(QualityAuthenticationAssuranceLevel qaaLevel)
- throws ValidationException {
-
- if(qaaLevel.getValue() < MIN_VAL || qaaLevel.getValue() > MAX_VAL) {
-
- throw new ValidationException("QAALevel is invalid.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.java
deleted file mode 100644
index b9b26a38a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.regex.Pattern;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.saml2.metadata.validator.RequestedAttributeSchemaValidator;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.validation.ValidationException;
-
-import eu.stork.vidp.messages.common.STORKConstants;
-
-public class StorkRequestedAttributeValidator extends
- RequestedAttributeSchemaValidator {
-
- private static final String PATTERN_ISAGEOVER = "^[0-9]{1,3}$";
-
- public StorkRequestedAttributeValidator() {
-
- super();
- }
-
- @Override
- public void validate(RequestedAttribute attr) throws ValidationException {
-
- super.validate(attr);
-
- if (attr.getName() == null) {
-
- throw new ValidationException("Name is required.");
- }
-
- if (attr.getNameFormat() == null) {
-
- throw new ValidationException("NameFormat is required.");
- }
-
- if (!STORKConstants.FULL_STORK_ATTRIBUTE_SET.contains(attr.getName()) && attr.isRequired()) {
- throw new ValidationException("Unknown attribute " + attr.getName() + " requested mandatory.");
- }
-
- if (attr.getName().equals(STORKConstants.STORK_ATTRIBUTE_ISAGEOVER)) {
- if (attr.getAttributeValues().isEmpty()) {
- throw new ValidationException("isAgeOver requires attribute value");
- }
-
- XMLObject attrValueObject = attr.getAttributeValues().get(0);
-
- if (attrValueObject instanceof XSString) {
- if (!Pattern.matches(PATTERN_ISAGEOVER, ((XSString) attr.getAttributeValues().get(0)).getValue())) {
- throw new ValidationException("Value for isAgeOver has incorrect format.");
- }
- } else if (attrValueObject instanceof XSAny) {
- if (!Pattern.matches(PATTERN_ISAGEOVER, ((XSAny) attrValueObject).getTextContent())) {
- throw new ValidationException("Value for isAgeOver has incorrect format.");
- }
-
- } else {
- throw new ValidationException("Value for isAgeOver has incorrect format.");
- }
-
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.java
deleted file mode 100644
index 0324079f3..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.RequestedAttributes;
-
-public class StorkRequestedAttributesValidator implements
- Validator<RequestedAttributes> {
-
- public StorkRequestedAttributesValidator() {
-
- }
-
- public void validate(RequestedAttributes attrs) throws ValidationException {
-
- // empty so far
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkResponseValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkResponseValidator.java
deleted file mode 100644
index 8028173fa..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkResponseValidator.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.saml1.core.StatusCode;
-import org.opensaml.saml2.core.Response;
-import org.opensaml.saml2.core.validator.ResponseSchemaValidator;
-import org.opensaml.xml.util.XMLHelper;
-import org.opensaml.xml.validation.ValidationException;
-
-import eu.stork.mw.messages.saml.STORKResponse;
-
-public class StorkResponseValidator extends ResponseSchemaValidator {
-
- private static final String CONSENT_ALLOWED_VALUE_1 = "urn:oasis:names:tc:SAML:2.0:consent:obtained";
- private static final String CONSENT_ALLOWED_VALUE_2 = "urn:oasis:names:tc:SAML:2.0:consent:prior";
- private static final String CONSENT_ALLOWED_VALUE_3 = "urn:oasis:names:tc:SAML:2.0:consent:curent-implicit";
- private static final String CONSENT_ALLOWED_VALUE_4 = "urn:oasis:names:tc:SAML:2.0:consent:curent-explicit";
- private static final String CONSENT_ALLOWED_VALUE_5 = "urn:oasis:names:tc:SAML:2.0:consent:unspecified";
-
- private static final int MAX_SIZE = 131072;
-
- /**
- * Constructor
- *
- */
- public StorkResponseValidator() {
-
- super();
- }
-
- /** {@inheritDoc} */
- public void validate(Response response) throws ValidationException {
-
- if (XMLHelper.prettyPrintXML(response.getDOM()).getBytes().length > MAX_SIZE) {
- throw new ValidationException("SAML Response exceeds max size.");
- }
-
- super.validate(response);
-
- STORKResponse resp = (STORKResponse) response;
-
- if (resp.getID() == null) {
-
- throw new ValidationException("ID is required");
- }
-
- if (resp.getInResponseTo() == null) {
-
- throw new ValidationException("InResponseTo is required");
- }
-
- if (resp.getVersion() == null) {
-
- throw new ValidationException("Version is required.");
- } else if(!resp.getVersion().equals(SAMLVersion.VERSION_20)) {
-
- throw new ValidationException("Version is invalid.");
- }
-
- if (resp.getIssueInstant() == null) {
-
- throw new ValidationException("IssueInstant is required");
- }
-
- if (resp.getDestination() == null) {
-
- throw new ValidationException("Destination is required");
- }
-
- // Consent is optional
- if (resp.getConsent() != null) {
-
- String consent = resp.getConsent();
-
- if (!consent.equals(CONSENT_ALLOWED_VALUE_1)
- && !consent.equals(CONSENT_ALLOWED_VALUE_2)
- && !consent.equals(CONSENT_ALLOWED_VALUE_3)
- && !consent.equals(CONSENT_ALLOWED_VALUE_4)
- && !consent.equals(CONSENT_ALLOWED_VALUE_5)) {
-
- throw new ValidationException("Consent is invalid.");
- }
- }
-
-
- if (resp.getIssuer() == null) {
-
- throw new ValidationException("Issuer is required.");
- }
-
- if (resp.getStatus() == null) {
-
- throw new ValidationException("Status is required.");
- }
-
-
- if(resp.getSignature() == null) {
-
- throw new ValidationException("Signature is required.");
- }
-
-
- if (resp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS)) {
- if (resp.getAssertions() == null || resp.getAssertions().size() == 0) {
-
- throw new ValidationException("Assertion is required");
- }
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPIDValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPIDValidator.java
deleted file mode 100644
index a42d7a453..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPIDValidator.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SPID;
-
-public class StorkSPIDValidator implements Validator<SPID> {
-
- public static final int MIN_SIZE = 1;
- public static final int MAX_SIZE = 40;
-
- public StorkSPIDValidator() {
-
- }
-
- public void validate(SPID spid) throws ValidationException {
-
-
- if(spid == null) {
-
- throw new ValidationException("SPID value is required.");
- }
-
- if(spid != null) {
-
- if (spid.getValue() == null) {
- throw new ValidationException("SPID has no value");
- }
-
- if (spid.getValue().length() <= MIN_SIZE || spid.getValue().length() > MAX_SIZE) {
- throw new ValidationException("SPID has wrong size: " + spid.getValue().length());
- }
- }
-
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPInformationValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPInformationValidator.java
deleted file mode 100644
index 9c54fd620..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSPInformationValidator.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SPInformation;
-
-public class StorkSPInformationValidator implements Validator<SPInformation> {
-
- public StorkSPInformationValidator() {
-
- }
-
- public void validate(SPInformation spi) throws ValidationException {
-
- if(spi.getSPID() == null) {
-
- throw new ValidationException("SPID is required.");
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.java
deleted file mode 100644
index 08551e03e..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SpApplication;
-
-public class StorkSpApplicationValidator implements
- Validator<SpApplication> {
-
- public static final int MIN_SIZE = 1;
- public static final int MAX_SIZE = 100;
- //public static final String REGEX_PATTERN = "^[a-zA-Z0-9]{1,30}$";
-
- public StorkSpApplicationValidator() {
-
- }
-
- public void validate(SpApplication spApplication) throws ValidationException {
-
- if(spApplication != null) {
-
- if (spApplication.getValue() == null) {
- throw new ValidationException("spApplication has no value");
- }
-
-// if (!Pattern.matches(REGEX_PATTERN, spApplication.getValue())) {
-// throw new ValidationException("spApplication has wrong format: " + spApplication.getValue());
-// }
-
- if (spApplication.getValue().length() < MIN_SIZE || spApplication.getValue().length() > MAX_SIZE) {
- throw new ValidationException("spApplication has wrong size: " + spApplication.getValue().length());
- }
-
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpCountryValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpCountryValidator.java
deleted file mode 100644
index e6ae0f1b7..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpCountryValidator.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.regex.Pattern;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SpCountry;
-
-public class StorkSpCountryValidator implements
- Validator<SpCountry> {
-
- public static final String REGEX_PATTERN = "^[A-Z]{2}$";
-
- public StorkSpCountryValidator() {
-
- }
-
- public void validate(SpCountry spCountry) throws ValidationException {
-
- if(spCountry != null) {
-
- if (spCountry.getValue() == null) {
- throw new ValidationException("spCountry has no value");
- }
-
- if (!Pattern.matches(REGEX_PATTERN, spCountry.getValue())) {
- throw new ValidationException("spCountry not valid: " + spCountry.getValue());
- }
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.java
deleted file mode 100644
index 9d50d9122..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SpInstitution;
-
-public class StorkSpInstitutionValidator implements
- Validator<SpInstitution> {
-
- public static final int MIN_SIZE = 1;
- public static final int MAX_SIZE = 50;
- //public static final String REGEX_PATTERN = "^[a-zA-Z0-9]{1,50}$";
-
- public StorkSpInstitutionValidator() {
-
- }
-
- public void validate(SpInstitution spInstitution) throws ValidationException {
-
- if(spInstitution != null) {
-
- if (spInstitution.getValue() == null) {
- throw new ValidationException("spInstitution has no value");
- }
-
-// if (!Pattern.matches(REGEX_PATTERN, spApplication.getValue())) {
-// throw new ValidationException("spApplication has wrong format: " + spApplication.getValue());
-// }
-
- if (spInstitution.getValue().length() < MIN_SIZE || spInstitution.getValue().length() > MAX_SIZE) {
- throw new ValidationException("spInstitution has wrong size: " + spInstitution.getValue().length());
- }
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpSectorValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpSectorValidator.java
deleted file mode 100644
index 2cfaa7a4c..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSpSectorValidator.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.regex.Pattern;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.SpSector;
-
-public class StorkSpSectorValidator implements
- Validator<SpSector> {
-
- public static final int MIN_SIZE = 1;
- public static final int MAX_SIZE = 20;
- //public static final String REGEX_PATTERN = "^[a-zA-Z0-9]{1,30}$";
-
- public StorkSpSectorValidator() {
-
- }
-
- public void validate(SpSector spSector) throws ValidationException {
-
- if(spSector != null) {
-
- if (spSector.getValue() == null) {
- throw new ValidationException("spSector has no value");
- }
-
-// if (!Pattern.matches(REGEX_PATTERN, spSector.getValue())) {
-// throw new ValidationException("spSector has wrong format: " + spSector.getValue());
-// }
-
- if (spSector.getValue().length() < MIN_SIZE || spSector.getValue().length() > MAX_SIZE) {
- throw new ValidationException("spApplication has wrong size: " + spSector.getValue().length());
- }
-
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.java
deleted file mode 100644
index 3ee214c46..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.Status;
-import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.core.validator.StatusCodeSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkStatusCodeValidator extends StatusCodeSchemaValidator {
-
- // supported values according to SAML v2.0 specification
- private static String[] ALLOWED_FIRST_LEVEL_STATUS_CODE_VALUES = new String[] {
- "urn:oasis:names:tc:SAML:2.0:status:Success",
- "urn:oasis:names:tc:SAML:2.0:status:Requester",
- "urn:oasis:names:tc:SAML:2.0:status:Responder",
- "urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"};
-
- private static String[] ALLOWED_SECOND_LEVEL_STATUS_CODE_VALUES = new String[] {
- "urn:oasis:names:tc:SAML:2.0:status:AuthnFailed",
- "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue",
- "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy",
- "urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext",
- "urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP",
- "urn:oasis:names:tc:SAML:2.0:status:NoPassive",
- "urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP",
- "urn:oasis:names:tc:SAML:2.0:status:PartialLogout",
- "urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded",
- "urn:oasis:names:tc:SAML:2.0:status:RequestDenied",
- "urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported",
- "urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated",
- "urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh",
- "urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow",
- "urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized",
- "urn:oasis:names:tc:SAML:2.0:status:TooManyResponses",
- "urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile",
- "urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal",
- "urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding",
- "http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported"
- };
-
- /**
- * Constructor
- *
- */
- public StorkStatusCodeValidator() {
-
- super();
- }
-
- @Override
- public void validate(StatusCode statusCode) throws ValidationException {
-
- super.validate(statusCode);
-
-
- if(statusCode.getValue() == null) {
-
- throw new ValidationException("StatusCode is required");
- }
-
- boolean valid = false;
-
- if (statusCode.getParent() instanceof Status) {
- //first level Status Codes
-
- String value = statusCode.getValue();
-
-
-
-
- for(String allowedVal : ALLOWED_FIRST_LEVEL_STATUS_CODE_VALUES) {
-
- if(value.equals(allowedVal)) {
-
- valid = true;
- break;
- }
- }
-
- if(!valid) {
-
- throw new ValidationException("First Level StatusCode has an invalid value.");
- }
- } else {
- //parent is status code
- //second level Status Codes
-
- if(statusCode != null) {
-
- valid = false;
-
- String subVal = statusCode.getValue();
-
- for(String allowedVal : ALLOWED_SECOND_LEVEL_STATUS_CODE_VALUES) {
-
- if(subVal.equals(allowedVal)) {
-
- valid = true;
- break;
- }
- }
-
- if(!valid) {
-
- throw new ValidationException("Second Level StatusCode has an invalid value.");
- }
-
- }
-
- }
- }
-
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusValidator.java
deleted file mode 100644
index 36d7ffab5..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkStatusValidator.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.Status;
-import org.opensaml.saml2.core.validator.StatusSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkStatusValidator extends StatusSchemaValidator {
-
- /**
- * Constructor
- *
- */
- public StorkStatusValidator() {
-
- super();
- }
-
- @Override
- public void validate(Status status) throws ValidationException {
-
- super.validate(status);
-
- if(status.getStatusCode() == null) {
-
- throw new ValidationException("StatusCode is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.java
deleted file mode 100644
index 0f1fad295..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.core.SubjectConfirmation;
-import org.opensaml.saml2.core.SubjectConfirmationData;
-import org.opensaml.saml2.core.validator.SubjectConfirmationSchemaValidator;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.signature.X509Data;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkSubjectConfirmationValidator extends
- SubjectConfirmationSchemaValidator {
-
- private static final String ALLOWED_METHOD_1 = "urn:oasis:names:tc:SAML:2.0:cm:bearer";
- private static final String ALLOWED_METHOD_2 = "oasis:names:tc:SAML:2.0:cm:holder-of-key";
-
- /**
- * Constructor
- *
- */
- public StorkSubjectConfirmationValidator() {
-
- super();
- }
-
- @Override
- public void validate(SubjectConfirmation subjectConfirmation)
- throws ValidationException {
-
- super.validate(subjectConfirmation);
-
- String method = subjectConfirmation.getMethod();
-
- if (!(method.equals(ALLOWED_METHOD_1) || method.equals(ALLOWED_METHOD_2))) {
- throw new ValidationException("Method is invalid.");
- }
-
- if (subjectConfirmation.getSubjectConfirmationData() == null) {
- throw new ValidationException("SubjectConfirmationData required.");
-
- }
-
- SubjectConfirmationData confData = subjectConfirmation.getSubjectConfirmationData();
-
-
- if (method.equals(ALLOWED_METHOD_1)) {
- if (confData.getNotBefore() != null) {
- throw new ValidationException("NotBefore in SubjectConfirmationData not allowed if confirmation method is \"bearer\".");
- }
-
- }
-
- if (confData.getNotOnOrAfter() == null) {
-
- throw new ValidationException("NotOnOrAfter is required.");
- }
-
- if (confData.getRecipient() == null) {
-
- throw new ValidationException("Recipient is required.");
- }
-
- if (confData.getInResponseTo() == null) {
-
- throw new ValidationException("InResponseTo is required.");
- }
-
- if(method.equals(ALLOWED_METHOD_2)) {
-
- List<XMLObject> childrenKeyInfo = confData.getUnknownXMLObjects(new QName("KeyInfo"));
-
- if(childrenKeyInfo.size() < 1) {
-
- throw new ValidationException("KeyInfo is required.");
- }
-
- List<XMLObject> childrenKeyData = confData.getUnknownXMLObjects(new QName("X509Data"));
-
- if(childrenKeyData.size() != 1) {
-
- throw new ValidationException("Invalid number of X509Data elements.");
- } else {
-
- X509Data data = (X509Data)childrenKeyData.get(0);
-
- if(data.getX509Certificates() == null || data.getX509Certificates().size() < 1 ) {
-
- throw new ValidationException("X509Certificate is required.");
- }
-
- }
-
- }
-
-
-
- }
-
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.java
deleted file mode 100644
index 33c7b4478..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.SubjectLocality;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-public class StorkSubjectLocalityValidator implements
- Validator<SubjectLocality> {
-
- public StorkSubjectLocalityValidator() {
-
- }
-
- public void validate(SubjectLocality sloc) throws ValidationException {
-
- if (sloc.getAddress() == null) {
-
- throw new ValidationException("Address is required.");
- }
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectValidator.java
deleted file mode 100644
index 077b6294a..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkSubjectValidator.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.saml2.core.Subject;
-import org.opensaml.saml2.core.validator.SubjectSchemaValidator;
-import org.opensaml.xml.validation.ValidationException;
-
-public class StorkSubjectValidator extends SubjectSchemaValidator {
-
- /**
- * Constructor
- *
- */
- public StorkSubjectValidator() {
-
- super();
- }
-
- @Override
- public void validate(Subject subject) throws ValidationException {
-
- super.validate(subject);
-
- if(subject.getNameID() == null && subject.getEncryptedID() == null) {
-
- throw new ValidationException("Neither NameID nor EncryptedID is provided.");
- }
-
- if(subject.getSubjectConfirmations() == null || subject.getSubjectConfirmations().size() < 1) {
-
- throw new ValidationException("SubjectConfirmation is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.java
deleted file mode 100644
index 88ff7bed4..000000000
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package eu.stork.vidp.messages.validation;
-
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-
-import eu.stork.vidp.messages.stork.VIDPAuthenticationAttributes;
-
-public class StorkVIDPAuthenticationAttributesValidator implements
- Validator<VIDPAuthenticationAttributes> {
-
- public StorkVIDPAuthenticationAttributesValidator() {
-
- }
-
- public void validate(VIDPAuthenticationAttributes attr)
- throws ValidationException {
-
-
- if(attr.getCitizenCountryCode() == null) {
-
- throw new ValidationException("CitizenCountryCode is required.");
- }
-
-
- if(attr.getSPInformation() == null) {
-
- throw new ValidationException("SPInformation is required.");
- }
-
- }
-
-}
diff --git a/id/server/stork-saml-engine/src/main/resources/saml2-stork-config.xml b/id/server/stork-saml-engine/src/main/resources/saml2-stork-config.xml
deleted file mode 100644
index 988480f55..000000000
--- a/id/server/stork-saml-engine/src/main/resources/saml2-stork-config.xml
+++ /dev/null
@@ -1,242 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<XMLTooling xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.opensaml.org/xmltooling-config ../../src/schema/xmltooling-config.xsd"
- xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion"
- xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"
- xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
- xmlns="http://www.opensaml.org/xmltooling-config">
-
- <!-- SAML 2.0 Protocol Object providers -->
- <ObjectProviders>
-
-
- <!-- AuthnRequest provider -->
- <ObjectProvider qualifiedName="saml2p:AuthnRequest">
- <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestUnmarshaller" />
- </ObjectProvider>
-
- <!-- Response provider -->
- <ObjectProvider qualifiedName="saml2p:Response">
- <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKResponseBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKResponseMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKResponseUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="saml2p:Extensions">
- <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:AuthenticationAttributes">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:CitizenCountryCode">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:SPAuthRequest">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:SPCertEnc">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPCertEncBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertEncMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertEncUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:SPCertSig">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPCertSigBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertSigMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertSigUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:SPID">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPIDBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPIDMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPIDUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:SPInformation">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPInformationBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPInformationMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPInformationUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:VIDPAuthenticationAttributes">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:QualityAuthenticationAssuranceLevel">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:RequestedAttributes">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:RequestedAttribute">
- <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKRequestedAttributeBuilder" />
- <MarshallingClass className="org.opensaml.saml2.metadata.impl.RequestedAttributeMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKRequestedAttributeUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:eIDSectorShare">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:eIDCrossSectorShare">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="storkp:eIDCrossBorderShare">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:spSector">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpSectorBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpSectorMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpSectorUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:spApplication">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpApplicationBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpApplicationMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpApplicationUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:spCountry">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpCountryBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpCountryMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpCountryUnmarshaller" />
- </ObjectProvider>
-
- <ObjectProvider qualifiedName="stork:spInstitution">
- <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionBuilder" />
- <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionMarshaller" />
- <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionUnmarshaller" />
- </ObjectProvider>
-
- </ObjectProviders>
-
- <!-- Validation rules for SAML 2.0 SAMLObjects -->
- <ValidatorSuites>
-
- <!-- SAML 2.0 Schema Validation Rules -->
- <ValidatorSuite id="saml2-core-schema-and-stork-validator">
- <Validator qualifiedName="saml2:Action" className="org.opensaml.saml2.core.validator.ActionSchemaValidator" />
- <Validator qualifiedName="saml2p:Artifact" className="org.opensaml.saml2.core.validator.ArtifactSchemaValidator" />
- <Validator qualifiedName="saml2p:ArtifactResolve" className="org.opensaml.saml2.core.validator.ArtifactResolveSchemaValidator" />
- <Validator qualifiedName="saml2p:ArtifactResponse" className="org.opensaml.saml2.core.validator.ArtifactResponseSchemaValidator" />
- <!-- Validator qualifiedName="saml2:Assertion" className="org.opensaml.saml2.core.validator.AssertionSchemaValidator" /-->
- <Validator qualifiedName="saml2:AssertionIDRef" className="org.opensaml.saml2.core.validator.AssertionIDRefSchemaValidator" />
- <Validator qualifiedName="saml2:AssertionIDRequest" className="org.opensaml.saml2.core.validator.AssertionIDRequestSchemaValidator" />
- <Validator qualifiedName="saml2:AssertionURIRef" className="org.opensaml.saml2.core.validator.AssertionURIRefSchemaValidator" />
- <!-- Validator qualifiedName="saml2:Attribute" className="org.opensaml.saml2.core.validator.AttributeSchemaValidator" /-->
- <Validator qualifiedName="saml2p:AttributeQuery" className="org.opensaml.saml2.core.validator.AttributeQuerySchemaValidator" />
- <Validator qualifiedName="saml2:AttributeStatement" className="org.opensaml.saml2.core.validator.AttributeStatementSchemaValidator" />
- <Validator qualifiedName="saml2:Audience" className="org.opensaml.saml2.core.validator.AudienceSchemaValidator" />
- <!-- Validator qualifiedName="saml2:AudienceRestriction" className="org.opensaml.saml2.core.validator.AudienceRestrictionSchemaValidator" /-->
- <Validator qualifiedName="saml2:AuthenticatingAuthority" className="org.opensaml.saml2.core.validator.AuthenticatingAuthoritySchemaValidator" />
- <Validator qualifiedName="saml2:AuthnContextClassRef" className="org.opensaml.saml2.core.validator.AuthnContextClassRefSchemaValidator" />
- <Validator qualifiedName="saml2:AuthnContextDeclRef" className="org.opensaml.saml2.core.validator.AuthnContextDeclRefSchemaValidator" />
- <Validator qualifiedName="saml2:AuthnContextDecl" className="org.opensaml.saml2.core.validator.AuthnContextDeclSchemaValidator" />
- <Validator qualifiedName="saml2p:AuthnQuery" className="org.opensaml.saml2.core.validator.AuthnQuerySchemaValidator" />
- <!-- Validator qualifiedName="saml2p:AuthnRequest" className="org.opensaml.saml2.core.validator.AuthnRequestSchemaValidator" /-->
- <!-- Validator qualifiedName="saml2:AuthnStatement" className="org.opensaml.saml2.core.validator.AuthnStatementSchemaValidator" /-->
- <Validator qualifiedName="saml2p:AuthzDecisionQuery" className="org.opensaml.saml2.core.validator.AuthzDecisionQuerySchemaValidator" />
- <Validator qualifiedName="saml2:AuthzDecisionStatement" className="org.opensaml.saml2.core.validator.AuthzDecisionStatementSchemaValidator" />
- <Validator qualifiedName="saml2:AuthnContextClassRef" className="org.opensaml.saml2.core.validator.AuthnContextClassRefSchemaValidator" />
- <Validator qualifiedName="saml2:Evidence" className="org.opensaml.saml2.core.validator.EvidenceSchemaValidator" />
- <Validator qualifiedName="saml2p:GetComplete" className="org.opensaml.saml2.core.validator.GetCompleteSchemaValidator" />
- <Validator qualifiedName="saml2p:IDPEntry" className="org.opensaml.saml2.core.validator.IDPEntrySchemaValidator" />
- <Validator qualifiedName="saml2p:IDPList" className="org.opensaml.saml2.core.validator.IDPListSchemaValidator" />
- <!-- Validator qualifiedName="saml2:Issuer" className="org.opensaml.saml2.core.validator.IssuerSchemaValidator" /-->
- <Validator qualifiedName="saml2p:LogoutRequest" className="org.opensaml.saml2.core.validator.LogoutRequestSchemaValidator" />
- <Validator qualifiedName="saml2p:LogoutResponse" className="org.opensaml.saml2.core.validator.LogoutResponseSchemaValidator" />
- <Validator qualifiedName="saml2p:ManageNameIDRequest" className="org.opensaml.saml2.core.validator.ManageNameIDRequestSchemaValidator" />
- <Validator qualifiedName="saml2p:ManageNameIDResponse" className="org.opensaml.saml2.core.validator.ManageNameIDResponseSchemaValidator" />
- <!-- Validator qualifiedName="saml2:NameID" className="org.opensaml.saml2.core.validator.NameIDSchemaValidator" /-->
- <Validator qualifiedName="saml2p:NameIDMappingRequest" className="org.opensaml.saml2.core.validator.NameIDMappingRequestSchemaValidator" />
- <Validator qualifiedName="saml2p:NameIDMappingResponse" className="org.opensaml.saml2.core.validator.NameIDMappingResponseSchemaValidator" />
- <Validator qualifiedName="saml2p:NewID" className="org.opensaml.saml2.core.validator.NewIDSchemaValidator" />
- <Validator qualifiedName="saml2p:RequestedAuthnContext" className="org.opensaml.saml2.core.validator.RequestedAuthnContextSchemaValidator" />
- <Validator qualifiedName="saml2p:RequesterID" className="org.opensaml.saml2.core.validator.RequesterIDSchemaValidator" />
- <!-- Validator qualifiedName="saml2p:Response" className="org.opensaml.saml2.core.validator.ResponseSchemaValidator" /-->
- <Validator qualifiedName="saml2:SessionIndex" className="org.opensaml.saml2.core.validator.SessionIndexSchemaValidator" />
- <!-- Validator qualifiedName="saml2p:Status" className="org.opensaml.saml2.core.validator.StatusSchemaValidator" /-->
- <!-- Validator qualifiedName="saml2p:StatusCode" className="org.opensaml.saml2.core.validator.StatusCodeSchemaValidator" /-->
- <Validator qualifiedName="saml2p:StatusMessage" className="org.opensaml.saml2.core.validator.StatusMessageSchemaValidator" />
- <!-- Validator qualifiedName="saml2:Subject" className="org.opensaml.saml2.core.validator.SubjectSchemaValidator" /-->
- <!-- Validator qualifiedName="saml2:SubjectConfirmation" className="org.opensaml.saml2.core.validator.SubjectConfirmationSchemaValidator" /-->
- <Validator qualifiedName="saml2p:Response" className="eu.stork.vidp.messages.validation.StorkResponseValidator" />
- <Validator qualifiedName="saml2:Issuer" className="eu.stork.vidp.messages.validation.StorkIssuerValidator" />
- <Validator qualifiedName="saml2p:Status" className="eu.stork.vidp.messages.validation.StorkStatusValidator" />
- <Validator qualifiedName="saml2p:StatusCode" className="eu.stork.vidp.messages.validation.StorkStatusCodeValidator" />
- <Validator qualifiedName="saml2:Assertion" className="eu.stork.vidp.messages.validation.StorkAssertionValidator" />
- <Validator qualifiedName="saml2:Subject" className="eu.stork.vidp.messages.validation.StorkSubjectValidator" />
- <Validator qualifiedName="saml2:NameID" className="eu.stork.vidp.messages.validation.StorkNameIDValidator" />
- <Validator qualifiedName="saml2:EncryptedID" className="eu.stork.vidp.messages.validation.StorkEncryptedIdValidator" />
- <Validator qualifiedName="saml2:SubjectConfirmation" className="eu.stork.vidp.messages.validation.StorkSubjectConfirmationValidator" />
- <Validator qualifiedName="saml2:AudienceRestriction" className="eu.stork.vidp.messages.validation.StorkAudienceRestrictionValidator" />
- <Validator qualifiedName="saml2:Conditions" className="eu.stork.vidp.messages.validation.StorkConditionsValidator" />
- <Validator qualifiedName="saml2:AuthnStatement" className="eu.stork.vidp.messages.validation.StorkAuthnStatementValidator" />
- <Validator qualifiedName="saml2:SubjectLocality" className="eu.stork.vidp.messages.validation.StorkSubjectLocalityValidator" />
- <Validator qualifiedName="saml2:Attribute" className="eu.stork.vidp.messages.validation.StorkAttributeValidator" />
- <Validator qualifiedName="saml2:EncryptedAttribute" className="eu.stork.vidp.messages.validation.StorkEncryptedAttributeValidator" />
- <Validator qualifiedName="saml2p:AuthnRequest" className="eu.stork.vidp.messages.validation.StorkAuthnRequestValidator" />
- <Validator qualifiedName="storkp:AuthenticationAttributes" className="eu.stork.vidp.messages.validation.StorkAuthenticationAttributesValidator" />
- <Validator qualifiedName="storkp:SPID" className="eu.stork.vidp.messages.validation.StorkSPIDValidator" />
- <Validator qualifiedName="storkp:SPInformation" className="eu.stork.vidp.messages.validation.StorkSPInformationValidator" />
- <!-- Validator qualifiedName="stork:FinalRedirectURL" className="eu.stork.vidp.messages.validation.StorkFinalRedirectURLValidator" /-->
- <Validator qualifiedName="storkp:CitizenCountryCode" className="eu.stork.vidp.messages.validation.StorkCitizenCountryCodeValidator" />
- <Validator qualifiedName="storkp:VIDPAuthenticationAttributes" className="eu.stork.vidp.messages.validation.StorkVIDPAuthenticationAttributesValidator" />
- <Validator qualifiedName="stork:RequestedAttribute" className="eu.stork.vidp.messages.validation.StorkRequestedAttributeValidator" />
- <Validator qualifiedName="storkp:RequestedAttributes" className="eu.stork.vidp.messages.validation.StorkRequestedAttributesValidator" />
- <Validator qualifiedName="stork:QualityAuthenticationAssuranceLevel" className="eu.stork.vidp.messages.validation.StorkQualityAuthenticationAssuranceLevelValidator" />
- <Validator qualifiedName="saml2p:Extensions" className="eu.stork.vidp.messages.validation.StorkExtensionsValidator" />
- <Validator qualifiedName="saml2:NameIdPolicy" className="eu.stork.vidp.messages.validation.StorkNameIdPolicyValidator" />
- <Validator qualifiedName="ds:Signature" className="org.opensaml.xml.signature.validator.SignatureSchemaValidator" />
- <Validator qualifiedName="stork:spSector" className="eu.stork.vidp.messages.validation.StorkSpSectorValidator" />
- <Validator qualifiedName="stork:spApplication" className="eu.stork.vidp.messages.validation.StorkSpApplicationValidator" />
- <Validator qualifiedName="stork:spCountry" className="eu.stork.vidp.messages.validation.StorkSpCountryValidator" />
- <Validator qualifiedName="stork:Institution" className="eu.stork.vidp.messages.validation.StorkSpInstitutionValidator" />
-
-
- </ValidatorSuite>
-
- <!-- SAML 2.0 Specification Validation Rules -->
- <ValidatorSuite id="saml2-core-spec-validator">
- <Validator qualifiedName="saml2:Assertion" className="org.opensaml.saml2.core.validator.AssertionSpecValidator" />
- <Validator qualifiedName="saml2:Conditions" className="org.opensaml.saml2.core.validator.ConditionsSpecValidator" />
- </ValidatorSuite>
-
- </ValidatorSuites>
-
-
- </XMLTooling> \ No newline at end of file
diff --git a/id/server/stork2-commons/Releases b/id/server/stork2-commons/Releases
new file mode 100644
index 000000000..54aeb9313
--- /dev/null
+++ b/id/server/stork2-commons/Releases
@@ -0,0 +1,62 @@
+Created 06-04-2011
+
+Branch : STORKCommons_0_5_UPDATE_06042011
+Date : 06-04-2011
+Changes: No changes.
+
+Branch : STORKCommons_0_5_UPDATE_07072011
+Date : 07-07-2011
+Changes: Inserted constants to HttpOnly HTTP Header.
+
+Branch : STORKCommons_0_6
+Date : 07-11-2011
+Changes: Improved error exception handling (few changes on the exception classes).
+ Improved Constansts (unused removed, others added).
+ Unit Tests include (almost all the code is cover).
+ Fix some minor bugs found on unit tests.
+ New Copyright License added.
+ PEPUtils refactored.
+ Improved error code message (three kind of messages: to citizen, admin and saml token).
+
+Branch : STORKCommons_0_6_1
+Date : 28-11-2011
+Changes: Removed unnecessary javadoc package file.
+ Updated pepsUtils.properties file (check attribute value had old error message)
+
+Branch : STORKCommons_0_9
+Date : 02-12-2011
+Changes: Updated Version to 0.9
+
+Branch : STORKCommons_1_0
+Date : 02-12-2011
+Changes: Updated Version to 1.0
+
+Branch : STORKCommons_1_1_0
+Date : 01-11-2013
+Changes: Updated Version to 1.1.0
+ Dependencies updated
+ Business Logic Part I changes
+ SAML Engine Changes merged (from SamlEngine/1.1.0/Commons branch to be easier to merge this branch with trunk)
+ Fixed some errors on Test Case
+
+Branch : STORKCommons_1_1_1
+Date : 02-12-2013
+Changes: Updated Version to 1.1.1
+ Added mandate error code
+ PMD quality code changes (some final identifier missing)
+ Added new methods to personal attribute list to get Mandatory/Optional and/or Simple/Complex attributes
+ Added new unit tests
+
+Branch : Commons (Trunk)
+Date : 15-01-2014
+Version: 1.2.0
+Release: 2
+Changes: Updated Version to 1.2.0
+ dded request flow of PV (incomplete)
+ Added AP mandatory attribute to get data for business attributes
+ *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true.
+ changes original isRequired state in response
+ Added new Interface (IAttributeListProcessor) to make some operations on attribute lists
+ Power Validation is complete now
+ Business Logic I and II integration (Request Complete!)
+ Added new method to Personal attribute List to check if there is at least one attribute with no value.
diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml
new file mode 100644
index 000000000..a71ee1628
--- /dev/null
+++ b/id/server/stork2-commons/pom.xml
@@ -0,0 +1,213 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>eu.stork</groupId>
+ <artifactId>Commons</artifactId>
+ <packaging>jar</packaging>
+ <name>Stork Commons</name>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <stork.version>1.2.0</stork.version>
+ <opensaml.version>2.6.0</opensaml.version>
+ </properties>
+ <version>${stork.version}</version>
+ <description>
+ The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine.
+ </description>
+
+ <dependencies>
+
+ <!-- Joda -->
+ <dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ <version>2.3</version>
+ </dependency>
+
+ <!-- Log4J -->
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>1.2.17</version>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.jms</groupId>
+ <artifactId>jms</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.sun.jdmk</groupId>
+ <artifactId>jmxtools</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.sun.jmx</groupId>
+ <artifactId>jmxri</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>mail</artifactId>
+ <groupId>javax.mail</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml</artifactId>
+ <version>${opensaml.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <!-- Bouncy Castle -->
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk16</artifactId>
+ <version>1.46</version>
+ </dependency>
+
+ <!-- Servlet API -->
+ <!-- provided by Application Server -->
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.5</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>commons-lang</groupId>
+ <artifactId>commons-lang</artifactId>
+ <version>2.6</version>
+ <type>jar</type>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.11</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <finalName>commons</finalName>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.1</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <runOrder>reversealphabetical</runOrder>
+ <skip>false</skip>
+ <includes>
+ <runOrder>reversealphabetical</runOrder>
+ <include>**/PEPSUtilTest.java</include>
+ <include>**/PersonalAttributeTestCase.java</include>
+ <include>**/PersonalAttributeListTestCase.java</include>
+ <include>**/DateUtilTestCase.java</include>
+ <include>**/AttributeUtilTest.java</include>
+ </includes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>2.9.1</version>
+ <configuration>
+ <links>
+ <link>http://commons.apache.org/lang/api/</link>
+ <link>http://java.sun.com/j2se/1.6.0/docs/api/</link>
+ <link>http://www.bouncycastle.org/docs/docs1.6/</link>
+ <link>http://docs.oracle.com/javase/6/docs/api/</link>
+ </links>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ <version>2.2.1</version>
+ <executions>
+ <execution>
+ <id>attach-sources</id>
+ <phase>verify</phase>
+ <goals>
+ <goal>jar-no-fork</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ <testResources>
+ <testResource>
+ <directory>src/test/resources</directory>
+ <includes>
+ <include>log4j.xml</include>
+ </includes>
+ </testResource>
+ </testResources>
+ </build>
+ <profiles>
+ <profile>
+ <id>embedded</id>
+ <build>
+ <resources>
+ <resource>
+ <directory> ${project.basedir}/src/main/resources</directory>
+ </resource>
+ <resource>
+ <directory> ${project.basedir}/src/main/config/embedded</directory>
+ </resource>
+ </resources>
+ </build>
+ </profile>
+ <profile>
+ <id>metrics</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>cobertura-maven-plugin</artifactId>
+ <version>2.5.1</version>
+ <configuration>
+ <formats>
+ <format>html</format>
+ <format>xml</format>
+ </formats>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+</project>
diff --git a/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties b/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties
new file mode 100644
index 000000000..1e92f390d
--- /dev/null
+++ b/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties
@@ -0,0 +1,267 @@
+#Max allowed params size
+validation.active=true
+max.spUrl.size=150
+max.attrList.size=20000
+max.invalidAttributeList.size=20000
+max.attrName.size=100
+max.callback.size=300
+max.idp.url.size=300
+max.atp.url.size=300
+max.cpepsURL.size=300
+max.attrValue.size=20000
+max.attrType.size=25
+max.spId.size=40
+max.providerName.size=128
+max.spName.size=25
+max.country.size=150
+max.qaaLevel.size=1
+max.spQaaLevel.size=1
+max.errorCode.size=5
+max.errorMessage.size=300
+max.username.size=30
+max.spepsRedirectUrl.size=300
+max.speps.redirectUrl.size=300
+max.cpeps.redirectUrl.size=300
+max.cpepsRedirectUrl.size=300
+max.spepsAssertionUrl.size=300
+max.SAMLRequest.size=131072
+max.SAMLResponse.size=131072
+max.RelayState.size=80
+max.remoteAddr.size=300
+max.remoteHost.size=300
+max.localAddr.size=300
+max.localName.size=300
+max.apepsUrl.size=300
+max.apeps.callbackUrl.size=300
+
+#ERROR codes/messages (accordingly to specification)
+
+#CountrySelector Interface errors
+spCountrySelector.invalidSPQAA.code=0000001
+spCountrySelector.invalidSPQAA.message=invalid.spQAA.parameter
+
+spCountrySelector.invalidQaaSPid.code=0000001
+spCountrySelector.invalidQaaSPid.message=invalid.spQAAId.parameter
+
+spCountrySelector.invalidSpId.code=000002
+spCountrySelector.invalidSpId.message=invalid.spId.parameter
+
+spCountrySelector.invalidSpURL.code=000003
+spCountrySelector.invalidSpURL.message=invalid.spUrl.parameter
+
+domain.CountrySelectorAction.code=000003
+domain.CountrySelectorAction.message=invalid.cs.domain
+
+requests.CountrySelectorAction.code=000004
+requests.CountrySelectorAction.message=reached.max.requests.cs
+
+spCountrySelector.spNotAllowed.code=000006
+spCountrySelector.spNotAllowed.message=attr.access.deny
+
+spCountrySelector.invalidAttr.code=000007
+spCountrySelector.invalidAttr.message=invalid.spAttr.parameter
+
+spCountrySelector.invalidProviderName.code=000008
+spCountrySelector.invalidProviderName.message=invalid.spProvidername.parameter
+
+spCountrySelector.errorCreatingSAML.code=203001
+spCountrySelector.errorCreatingSAML.message=error.create.sp.saml
+
+spepsSAMLRequest.code=203001
+spepsSAMLRequest.message=error.create.saml.speps
+
+#ServiceProvider Interface errors
+sProviderAction.invalidSPQAA.code=200001
+sProviderAction.invalidSPQAA.message=invalid.sp.qaa
+
+sProviderAction.invalidSPQAAId.code=200001
+sProviderAction.invalidSPQAAId.message=invalid.sp.qaaid
+
+sProviderAction.invalidSPId.code=200002
+sProviderAction.invalidSPId.message=invalid.sp.id
+
+domain.ServiceProviderAction.code=200003
+domain.ServiceProviderAction.message=invalid.sp.domain
+
+sProviderAction.invalidSPDomain.code=200003
+sProviderAction.invalidSPDomain.message=invalid.sp.domain
+
+sProviderAction.invalidCountry.code=200004
+sProviderAction.invalidCountry.message=invalid.sp.country
+
+sProviderAction.spNotAllowed.code=200005
+sProviderAction.spNotAllowed.message=sp.not.allowed
+
+sProviderAction.invalidSaml.code=200006
+sProviderAction.invalidSaml.message=invalid.sp.samlrequest
+
+sProviderAction.invalidSPProviderName.code=200007
+sProviderAction.invalidSPProviderName.message=sp.not.identified
+
+sProviderAction.invalidSPRedirect.code=200008
+sProviderAction.invalidSPRedirect.message=invalid.sp.redirectUrl
+
+sProviderAction.invalidRelayState.code=200009
+sProviderAction.invalidRelayState.message=invalid.sp.relaystate
+
+sProviderAction.invalidAttr.code=200011
+sProviderAction.invalidAttr.message=invalid.sp.attr
+
+requests.ServiceProviderAction.code=200012
+requests.ServiceProviderAction.message=reached.max.requests.sp
+
+sPPowerValidationAction.invalidSPPVAttrList.code=200013
+sPPowerValidationAction.invalidSPPVAttrList.message=invalid.sp.pv.attrlist
+
+invalid.sp.pv.attrlist.code=200013
+invalid.sp.pv.attrlist.message=invalid.sp.pv.attrlist
+
+sProviderAction.invalidSPAlias.code=203003
+sProviderAction.invalidSPAlias.message=invalid.sp.alias
+
+sProviderAction.errorCreatingSAML.code=203001
+sProviderAction.errorCreatingSAML.message=error.create.saml.speps
+
+#Internal Error
+internalError.code=203001
+internalError.message=internalError
+
+attrList.code=202005
+attrList.message=invalid.attrList.parameter
+
+missing.sessionId.code=203010
+missing.sessionId.message=missing.session.id
+
+sessionError.code=203011
+sessionError.message=invalid.session.id
+
+invalid.sessionId.code=203011
+invalid.sessionId.message=invalid.session.id
+
+missing.mandate.code=203013
+missing.mandate.message=missing.mandate
+
+invalid.session.code=203012
+invalid.session.message=invalid.session
+
+callback.code=203006
+callback.message=invalid.callback.url
+
+idp.url.code=203006
+idp.url.message=invalid.idp.url
+
+IdPSAMLResponse.code=002001
+IdPSAMLResponse.message=invalid.idp.response
+
+authenticationFailed.code=003002
+authenticationFailed.message=authentication.failed
+
+username.code=003002
+username.message=authentication.failed
+
+invalidAttributeList.code=203001
+invalidAttributeList.message=invalid.attrlist
+
+invalidAttributeValue.code=203001
+invalidAttributeValue.message=invalid.attr.value
+
+attVerification.mandatory.code=202010
+attVerification.mandatory.message=missing.mandatory.attr
+
+attrValue.verification.code=203008
+attrValue.verification.message=invalid.stork.attrValue
+
+cpepsSAMLResponse.code=202012
+cpepsSAMLResponse.message=error.gen.cpeps.saml
+
+AtPSAMLResponse.code=202009
+AtPSAMLResponse.message=error.gen.atp.saml
+
+atp.url.code=203006
+atp.url.message=invalid.atp.url
+
+hash.error.code=203001
+hash.error.message=error.hash
+
+qaaLevel.code=203006
+qaaLevel.message=invalid.cpeps.qaalevel
+
+SAMLRequest.code=203001
+SAMLRequest.message=invalid.SAMLRequest
+
+atp.response.error.code=202011
+atp.response.error.message=atp.response.error
+
+#Colleague Request Interface errors
+
+colleagueRequest.invalidSAML.code=201002
+colleagueRequest.invalidSAML.message=invalid.speps.samlrequest
+
+colleagueRequest.invalidCountryCode.code=002001
+colleagueRequest.invalidCountryCode.message=country.cpeps.nomatch
+
+colleagueRequest.errorCreatingSAML.code=203001
+colleagueRequest.errorCreatingSAML.message=error.create.saml.cpeps
+
+colleagueRequest.invalidQaa.code=202004
+colleagueRequest.invalidQaa.message=invalid.requested.cpeps.qaalevel
+
+colleagueRequest.attrNull.code=202005
+colleagueRequest.attrNull.message=invalid.requested.attrlist.cpeps
+
+colleaguePVRequest.invalidPVAttrList.code=202013
+colleaguePVRequest.invalidPVAttrList.message=invalid.speps.pv.attrlist
+
+colleagueRequest.invalidRedirect.code=202001
+colleagueRequest.invalidRedirect.message=invalid.redirecturl.cpeps
+
+colleagueRequest.invalidDestUrl.code=203006
+colleagueRequest.invalidDestUrl.message=invalid.cpeps.destUrl
+
+cpepsRedirectUrl.code=203006
+cpepsRedirectUrl.message=invalid.cpeps.redirectUrl
+
+#Citizen Consent Interfaces errors
+
+citizenResponse.mandatory.code=202007
+citizenResponse.mandatory.message=no.consent.mand.attr
+
+cPeps.attrNull.code=202005
+cPeps.attrNull.message=invalid.attrList.cpeps
+
+citizenNoConsent.mandatory.code=202012
+citizenNoConsent.mandatory.message=no.consent.val.mand.attr
+
+#Colleague Response Interface errors
+
+colleagueResponse.invalidSAML.code=202002
+colleagueResponse.invalidSAML.message=invalid.cpeps.samlresp
+
+auRequestIdError.code=201005
+auRequestIdError.message=invalid.speps.saml.id
+
+audienceRestrictionError.code=201004
+audienceRestrictionError.message=speps.saml.condition.notmet
+
+spepsSAMLResponse.code=200010
+spepsSAMLResponse.message=error.gen.speps.saml
+
+
+invalid.apepsRedirectUrl.code=001001
+invalid.apepsRedirectUrl.message=invalid.apeps.redirectUrl
+
+apepsSAMLRequest.code=001002
+apepsSAMLRequest.message=invalid.apeps.saml.request
+
+apepsSAMLResponse.code=001003
+apepsSAMLResponse.message=invalid.apeps.saml.response
+
+invalid.apepsCallbackUrl.code=001004
+invalid.apepsCallbackUrl.message=invalid.apeps.callback.url
+
+colleagueAttributeRequest.invalidSAML.code=001005
+colleagueAttributeRequest.invalidSAML.message=invalid.attr.request.saml
+
+
+#Hash Digests
+hashDigest.className=org.bouncycastle.crypto.digests.SHA512Digest
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java
new file mode 100644
index 000000000..09769641c
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java
@@ -0,0 +1,72 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains all the STORK PEPS, Commons and Specific errors
+ * constant identifiers.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.2 $, $Date: 2010-11-17 05:15:28 $
+ */
+public enum AttributeConstants {
+
+ /**
+ * Represents the attribute's name index.
+ */
+ ATTR_NAME_INDEX(0),
+ /**
+ * Represents the attribute's type index.
+ */
+ ATTR_TYPE_INDEX(1),
+ /**
+ * Represents the attribute's value index.
+ */
+ ATTR_VALUE_INDEX(2),
+ /**
+ * Represents the attribute's status index.
+ */
+ ATTR_STATUS_INDEX(3),
+ /**
+ * Represents the number of allowed tuples.
+ */
+ NUMBER_TUPLES(4);
+
+ /**
+ * Represents the constant's value.
+ */
+ private int attribute;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param attr The Attribute Constant value.
+ */
+ AttributeConstants(final int attr) {
+
+ this.attribute = attr;
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public int intValue() {
+
+ return attribute;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java
new file mode 100644
index 000000000..a44768c7e
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java
@@ -0,0 +1,74 @@
+package eu.stork.peps.auth.commons;
+
+/**
+ * This class is a bean used to store information relative to Attribute Names.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.00 $, $Date: 2013-11-26 $
+ */
+public final class AttributeName {
+
+ /**
+ * Attribute Id.
+ */
+ private String attributeId;
+
+ /**
+ * Attribute Name.
+ */
+ private String attributeName;
+
+ /**
+ * Attribute Name Constructor.
+ *
+ * @param aId Id of the Attribute Name.
+ * @param aName Name of the Attribute Name.
+ */
+ public AttributeName(final String aId, final String aName) {
+
+ this.attributeId = aId;
+ this.attributeName = aName;
+ }
+
+ /**
+ * Getter for the attributeId value.
+ *
+ * @return The attributeId value.
+ */
+ public String getAttributeId() {
+
+ return attributeId;
+ }
+
+ /**
+ * Setter for the attributeId value.
+ *
+ * @param aId Id of the Attribute Name.
+ */
+ public void setAttributeId(final String aId) {
+
+ this.attributeId = aId;
+ }
+
+ /**
+ * Getter for the attributeName value.
+ *
+ * @return The attributeName value.
+ */
+ public String getAttributeName() {
+
+ return attributeName;
+ }
+
+ /**
+ * Setter for the attributeName value.
+ *
+ * @param name Name of the Attribute Name.
+ */
+ public void setAttributeName(final String name) {
+
+ this.attributeName = name;
+ }
+
+} \ No newline at end of file
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java
new file mode 100644
index 000000000..fc776db81
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java
@@ -0,0 +1,80 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+/**
+ * This class is a bean used to store the information relative to the Attribute Provider.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.01 $, $Date: 2013-11-28 $
+ */
+public final class AttributeProvider implements Serializable {
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 7210186241917444559L;
+
+ /**
+ * Provider Id.
+ */
+ private String providerId;
+
+ /**
+ * Provider Name.
+ */
+ private String providerName;
+
+ /**
+ * Attribute Provider Constructor.
+ *
+ * @param pId Id of the Attribute Provider.
+ * @param pName Name of the Attribute Provider.
+ */
+ public AttributeProvider(final String pId, final String pName) {
+
+ this.providerId = pId;
+ this.providerName = pName;
+ }
+
+ /**
+ * Getter for the providerId value.
+ *
+ * @return The providerId value.
+ */
+ public String getProviderId() {
+
+ return providerId;
+ }
+
+ /**
+ * Setter for the providerId value.
+ *
+ * @param pId Id of the Attribute Provider.
+ */
+ public void setProviderId(final String pId) {
+
+ this.providerId = pId;
+ }
+
+ /**
+ * Getter for the providerName value.
+ *
+ * @return The providerName value.
+ */
+ public String getProviderName() {
+
+ return providerName;
+ }
+
+ /**
+ * Setter for the providerName value.
+ *
+ * @param name Name of the Attribute Provider.
+ */
+ public void setProviderName(final String name) {
+
+ this.providerName = name;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java
new file mode 100644
index 000000000..85aec2625
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java
@@ -0,0 +1,96 @@
+package eu.stork.peps.auth.commons;
+
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+
+import org.apache.log4j.Logger;
+
+/**
+ * Implementation of the AttributeProviderMap using a LinkedHashMap.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.01 $, $Date: 2013-09-20 $
+ *
+ * @see LinkedHashMap
+ */
+public class AttributeProvidersMap extends LinkedHashMap<AttributeSource, IPersonalAttributeList>
+ implements IAttributeProvidersMap {
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(AttributeProvidersMap.class.getName());
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 8949081185106296122L;
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public IPersonalAttributeList get(final AttributeSource key) {
+ return this.get((Object) key);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public IPersonalAttributeList remove(final AttributeSource key) {
+ return this.remove((Object) key);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public boolean containsKey(final AttributeSource key) {
+ return this.containsKey((Object) key);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public Iterator<AttributeSource> keyIterator() {
+ return this.keySet().iterator();
+ }
+
+ public void trace() {
+ Iterator<AttributeSource> iterator;
+ Iterator<PersonalAttribute> iterator2;
+ AttributeSource source;
+ IPersonalAttributeList pal;
+ PersonalAttribute pa;
+
+ iterator = this.keyIterator();
+ LOG.trace("Start dumping of AttributeProvidersMap\n=======================");
+ while (iterator.hasNext()) {
+ source = iterator.next();
+
+ LOG.trace("Source details: type [" + source.getSourceType() + "], URL [" + source.getProviderURL() + "]");
+
+ if(source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) {
+ LOG.trace("-> Attribute Provider: ID [" + source.getProvider().getProviderId() + "], name [" + source.getProvider().getProviderName() + "]");
+ }
+ else {
+ LOG.trace("-> Country: ID [" + source.getCountry().getCountryId() + "], name [" + source.getCountry().getCountryName() + "]");
+ }
+
+ pal = this.get(source);
+ LOG.trace("++++++++=>");
+ iterator2 = pal.iterator();
+ while (iterator2.hasNext()) {
+ pa = iterator2.next();
+
+ LOG.trace("-> Citizen Attribute: name [" + pa.getName() + "], required [" + pa.isRequired() + "]");
+ }
+ LOG.trace("<=++++++++");
+
+ LOG.trace("-----------------------");
+ }
+ LOG.trace("END\n=======================");
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java
new file mode 100644
index 000000000..846f54f67
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java
@@ -0,0 +1,188 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+import org.apache.log4j.Logger;
+
+/**
+ * This class is a bean used to store the information relative to the Attribute Source (either AttributeProvider or Country).
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.10 $, $Date: 2013-11-29 $
+ */
+public final class AttributeSource implements Serializable {
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 432243595968469014L;
+
+ public static final int SOURCE_LOCAL_APROVIDER = 1;
+ public static final int SOURCE_REMOTE_COUNTRY = 2;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(AttributeSource.class.getName());
+
+ /**
+ * Provider source.
+ */
+ private int sourceType;
+
+ /**
+ * Provider URL.
+ */
+ private String providerURL;
+
+ /**
+ * The local Attribute Provider.
+ */
+ private AttributeProvider provider;
+
+ /**
+ * The remote Country.
+ */
+ private Country country;
+
+ /**
+ * Attribute Source Constructor.
+ *
+ * @param provider The local Attribute Provider.
+ * @param pURL URL of the Attribute Provider.
+ */
+ public AttributeSource(final AttributeProvider provider, final String pURL) {
+ this.setSourceType(SOURCE_LOCAL_APROVIDER);
+
+ this.setProvider(provider);
+ this.setProviderURL(pURL);
+ }
+
+ /**
+ * Attribute Source Constructor.
+ *
+ * @param country The remote Country.
+ * @param pURL URL of the Country.
+ */
+ public AttributeSource(final Country country, final String pURL) {
+ this.setSourceType(SOURCE_REMOTE_COUNTRY);
+
+ this.setCountry(country);
+ this.setProviderURL(pURL);
+ }
+
+ /**
+ * @param sourceType the sourceType to set
+ */
+ public void setSourceType(final int sourceType) {
+ this.sourceType = sourceType;
+ }
+
+ /**
+ * @return the sourceType
+ */
+ public int getSourceType() {
+ return sourceType;
+ }
+
+ /**
+ * @param providerURL the providerURL to set
+ */
+ public void setProviderURL(final String providerURL) {
+ this.providerURL = providerURL;
+ }
+
+ /**
+ * @return the providerURL
+ */
+ public String getProviderURL() {
+ return providerURL;
+ }
+
+ /**
+ * @param provider the provider to set
+ */
+ public void setProvider(final AttributeProvider provider) {
+ this.setSourceType(SOURCE_LOCAL_APROVIDER);
+
+ this.provider = provider;
+ }
+
+ /**
+ * @return the provider
+ */
+ public AttributeProvider getProvider() {
+ return provider;
+ }
+
+ /**
+ * @param country the country to set
+ */
+ public void setCountry(final Country country) {
+ this.setSourceType(SOURCE_REMOTE_COUNTRY);
+
+ this.country = country;
+ }
+
+ /**
+ * @return the country
+ */
+ public Country getCountry() {
+ return country;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public boolean equals(Object obj) {
+ boolean outcome = false;
+
+ LOG.debug("Calling equals with Object.");
+ if ( obj instanceof AttributeSource ) {
+ LOG.debug("Calling equals with AttributeSource.");
+ outcome = this.equals((AttributeSource)obj);
+ }
+
+ LOG.debug("Object equals outcome: " + outcome);
+ return outcome;
+ }
+
+ /**
+ * Compare the given AttributeSource with the current object in order to determinine
+ * if they are equal.
+ *
+ * @param obj The AttributeSource to compare to
+ *
+ * @return true if the two objects are equal
+ */
+ public boolean equals(AttributeSource obj) {
+ boolean outcome = false;
+
+ if ( this.sourceType==obj.getSourceType() ) {
+ if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) {
+ if ( this.provider.getProviderId().equals(obj.getProvider().getProviderId()) )
+ outcome = true;
+ }
+ else if ( this.sourceType==AttributeSource.SOURCE_REMOTE_COUNTRY ) {
+ if ( this.country.getCountryId().equals(obj.getCountry().getCountryId()) )
+ outcome = true;
+ }
+ }
+
+ LOG.debug("AttributeSource equals outcome: " + outcome);
+ return outcome;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public int hashCode() {
+ int hash = 1;
+ hash = hash * 17 + this.sourceType;
+ if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER )
+ hash = hash * 31 + this.provider.getProviderName().hashCode();
+ else
+ hash = hash * 31 + this.country.getCountryName().hashCode();
+ return hash;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java
new file mode 100644
index 000000000..af7ab6cf3
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java
@@ -0,0 +1,231 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * This class holds static helper methods.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.5 $, $Date: 2010-12-15 23:19:59 $
+ */
+public final class AttributeUtil {
+
+ /**
+ * Private constructor. Prevents the class from being instantiated.
+ */
+ private AttributeUtil() {
+ // empty constructor
+ }
+
+ /**
+ * Safe escape any given string.
+ *
+ * @param value The HTTP Value to escaped.
+ *
+ * @return The value escaped value.
+ */
+ public static String escape(final String value) {
+
+ final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString();
+ final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString();
+ final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString();
+
+ final String escAttrSep = "%" + (int) attrSep.charAt(0);
+ final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0);
+ final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0);
+
+ return value.replace(attrSep, escAttrSep)
+ .replace(attrTupleSep, escAttrTupleSep)
+ .replace(attrValueSep, escAttrValueSep);
+ }
+
+ /**
+ * Unescape any given string.
+ *
+ * @param value The HTTP Value to be unescaped.
+ *
+ * @return The value unescaped value.
+ */
+ public static String unescape(final String value) {
+ final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString();
+ final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString();
+ final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString();
+
+ final String escAttrSep = "%" + (int) attrSep.charAt(0);
+ final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0);
+ final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0);
+
+ return value.replace(escAttrSep, attrSep)
+ .replace(escAttrTupleSep, attrTupleSep)
+ .replace(escAttrValueSep, attrValueSep);
+ }
+
+ /**
+ * Appends the string representation of an object to a StringBuilder.
+ *
+ * @param strBuilder The StringBuilder to append to.
+ * @param val The string representation of an object.
+ */
+ public static void appendIfNotNull(final StringBuilder strBuilder,
+ final Object val) {
+
+ if (val != null) {
+ strBuilder.append(val);
+ }
+ }
+
+ /**
+ * Given a separator and a list of strings, joins the list, as a string,
+ * separated by the separator string.
+ *
+ * @param list The list of strings to join.
+ * @param separator The separator string.
+ * @return the list, as a string, separated by the separator string.
+ */
+ public static String listToString(final List<String> list,
+ final String separator) {
+
+ final StringBuilder strBuilder = new StringBuilder();
+ for (final String s : list) {
+ if (!StringUtils.isEmpty(s)) {
+ strBuilder.append(AttributeUtil.escape(s) + separator);
+ }
+ }
+ return strBuilder.toString();
+ }
+
+ /**
+ * Given a separator and a map of strings to strings, joins the map, as a
+ * string, separated by the separator string with the pair key/value
+ * concatenated with a '='.
+ *
+ * @param map The map of strings to join.
+ * @param separator The separator string.
+ *
+ * @return the map of strings, as a string, separated by the separator string
+ * with the pair key/value concatenated with a '='.
+ */
+ public static String mapToString(final Map<String, String> map,
+ final String separator) {
+
+ final StringBuilder strBuilder = new StringBuilder();
+ final Iterator<Entry<String, String>> valuesIt = map.entrySet().iterator();
+ while (valuesIt.hasNext()) {
+ final Entry<String, String> entry = valuesIt.next();
+ strBuilder.append(entry.getKey());
+ strBuilder.append('=');
+ strBuilder.append(AttributeUtil.escape(entry.getValue()));
+ strBuilder.append(separator);
+ }
+ return strBuilder.toString();
+ }
+
+ /**
+ * Validates the attribute value format.
+ *
+ * @param value The attribute value to validate.
+ *
+ * @return true if value has a valid format.
+ */
+ public static boolean isValidValue(final String value) {
+ boolean retVal = false;
+ if (value != null && value.charAt(0) == '[' && value.endsWith("]")) {
+ final String tmpAttrValue = value.substring(1, value.length() - 1);
+ final String[] vals =
+ tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+
+ if (tmpAttrValue.length() >= 0
+ || (vals.length > 0 && vals[0].length() > 0)) {
+ retVal = true;
+ }
+ }
+ return retVal;
+ }
+
+ /**
+ * Validates the attribute type value. It's case insensitive. E.g. return true
+ * value to: a) "true", "TRUE", "True", ... b) "false", "FALSE", "False", ...
+ *
+ * @param type The attribute type value.
+ *
+ * @return true if type has a true or false (case insensitive) value.
+ */
+ public static boolean isValidType(final String type) {
+ return StringUtils.isNotEmpty(type) && (PEPSValues.TRUE.toString().equalsIgnoreCase(type) || PEPSValues.FALSE.toString().equalsIgnoreCase(type)) ;
+ }
+
+ /**
+ * Validates the Personal attribute tuple. E.g. name:type:[value]:status
+ *
+ * @param tuples The Personal attribute's tuple.
+ *
+ * @return true if the tuples' format is valid.
+ *
+ * @see PEPSUtil#validateParameter(String, String, String)
+ * @see String#equalsIgnoreCase(String)
+ */
+ public static boolean hasValidTuples(final String[] tuples) {
+ boolean retVal = false;
+
+ final int numberTuples = AttributeConstants.NUMBER_TUPLES.intValue();
+ if (tuples != null && tuples.length == numberTuples) {
+ // validate attrName
+ final int attrNameIndex = AttributeConstants.ATTR_NAME_INDEX.intValue();
+ final int attrTypeIndex = AttributeConstants.ATTR_TYPE_INDEX.intValue();
+ final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue();
+
+ retVal =
+ StringUtils.isNotEmpty(tuples[attrNameIndex])
+ && StringUtils.isNotEmpty(tuples[attrTypeIndex])
+ && StringUtils.isNotEmpty(tuples[attrValueIndex])
+ && AttributeUtil.isValidType(tuples[attrTypeIndex])
+ && AttributeUtil.isValidValue(tuples[attrValueIndex]);
+ }
+ return retVal;
+ }
+
+ /**
+ * Check if all mandatory attributes have values.
+ *
+ * @param personalAttrList The Personal Attributes List.
+ *
+ * @return true if all mandatory attributes have values, false if at least one
+ * attribute doesn't have value.
+ */
+ public static boolean checkMandatoryAttributes(
+ final IPersonalAttributeList personalAttrList) {
+
+ final Iterator<PersonalAttribute> itAttributes =
+ personalAttrList.values().iterator();
+ boolean retVal = true;
+ while (itAttributes.hasNext() && retVal) {
+ final PersonalAttribute attr = itAttributes.next();
+ if (attr.isRequired()
+ && !STORKStatusCode.STATUS_AVAILABLE.toString()
+ .equals(attr.getStatus())) {
+ retVal = false;
+ }
+ }
+ return retVal;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java
new file mode 100644
index 000000000..9ebcfbd5a
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java
@@ -0,0 +1,123 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * This class is a bean used to store the information relative to the Citizen
+ * Consent.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class CitizenConsent {
+
+ /**
+ * Mandatory attributes list.
+ */
+ private List<String> mandatoryList;
+
+ /**
+ * Optional attributes list.
+ */
+ private List<String> optionalList;
+
+ /**
+ * Citizen Consent default Constructor.
+ */
+ public CitizenConsent() {
+ this.mandatoryList = new ArrayList<String>();
+ this.optionalList = new ArrayList<String>();
+ }
+
+ /**
+ * Getter for the mandatoryList value.
+ *
+ * @return The mandatoryList value.
+ */
+ public List<String> getMandatoryList() {
+ return this.mandatoryList;
+ }
+
+ /**
+ * Setter for the mandatoryList value.
+ *
+ * @param mandatoryAttrList Mandatory parameters list.
+ */
+ public void setMandatoryList(final List<String> mandatoryAttrList) {
+ this.mandatoryList = mandatoryAttrList;
+ }
+
+ /**
+ * Setter for some mandatoryAttribute. Adds the input parameter to the
+ * mandatoryList.
+ *
+ * @param mandatoryAttr Attribute to add to the mandatoryList.
+ */
+ public void setMandatoryAttribute(final String mandatoryAttr) {
+ this.mandatoryList.add(mandatoryAttr);
+ }
+
+ /**
+ * Getter for the optionalList value.
+ *
+ * @return The optionalList value.
+ */
+ public List<String> getOptionalList() {
+ return optionalList;
+ }
+
+ /**
+ * Setter for the optionalList value.
+ *
+ * @param optAttrList Optional parameters list.
+ */
+ public void setOptionalList(final List<String> optAttrList) {
+ this.optionalList = optAttrList;
+ }
+
+ /**
+ * Setter for some optionalAttr. Adds the input parameter to the optionalList.
+ *
+ * @param optionalAttr Attribute to add to the optionalList.
+ */
+ public void setOptionalAttribute(final String optionalAttr) {
+ this.optionalList.add(optionalAttr);
+ }
+
+ /**
+ * Returns a string in the following format. "Mandatory attributes:
+ * mandatoryAttr1;mandatoryAttr2;mandatoryAttrN Optional attributes:
+ * optionalAttr1;optionalAttr2;optionalAttrN"
+ *
+ * @return {@inheritDoc}
+ */
+ public String toString() {
+ final StringBuilder strbldr = new StringBuilder(46);
+ strbldr.append("Mandatory attributes: ");
+ for (final String str : mandatoryList) {
+ strbldr.append(str).append(';');
+ }
+ strbldr.append(" Optional attributes: ");
+ for (final String str : optionalList) {
+ strbldr.append(str).append(';');
+ }
+ return strbldr.toString();
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java
new file mode 100644
index 000000000..001f9317a
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java
@@ -0,0 +1,95 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+/**
+ * This class is a bean used to store the information relative to the Country.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.10 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class Country implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1135994036496370993L;
+
+/**
+ * Country Id.
+ */
+ private String countryId;
+
+ /**
+ * Country Name.
+ */
+ private String countryName;
+
+ /**
+ * Country Constructor.
+ *
+ * @param cId Id of the Country.
+ * @param cName Name of the Country.
+ */
+ public Country(final String cId, final String cName) {
+
+ this.countryId = cId;
+ this.countryName = cName;
+ }
+
+ /**
+ * Getter for the countryId value.
+ *
+ * @return The countryId value.
+ */
+ public String getCountryId() {
+
+ return countryId;
+ }
+
+ /**
+ * Setter for the countryId value.
+ *
+ * @param cId Id of the Country.
+ */
+ public void setCountryId(final String cId) {
+
+ this.countryId = cId;
+ }
+
+ /**
+ * Getter for the countryName value.
+ *
+ * @return The countryName value.
+ */
+ public String getCountryName() {
+
+ return countryName;
+ }
+
+ /**
+ * Setter for the countryName value.
+ *
+ * @param name Name of the Country.
+ */
+ public void setCountryName(final String name) {
+
+ this.countryName = name;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java
new file mode 100644
index 000000000..54345f3ea
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java
@@ -0,0 +1,79 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * This class contains all the ISO 3166-1 Alpha 3 Country Codes.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.2 $, $Date: 2011-04-14 00:24:56 $
+ */
+public final class CountryCodes {
+
+ /**
+ * Private Constructor.
+ */
+ private CountryCodes() {
+
+ }
+
+ /**
+ * ISO 3166-1 Alpha 3 Country Codes.
+ */
+ private static List<String> countrysAlpha3 = Arrays.asList("ABW", "AFG",
+ "AGO", "AIA", "ALA", "ALB", "AND", "ANT", "ARE", "ARG", "ARM", "ASM",
+ "ATA", "ATF", "ATG", "AUS", "AUT", "AZE", "BDI", "BEL", "BEN", "BES",
+ "BFA", "BGD", "BGR", "BHR", "BHS", "BIH", "BLM", "BLR", "BLZ", "BMU",
+ "BOL", "BRA", "BRB", "BRN", "BTN", "BUR", "BVT", "BWA", "BYS", "CAF",
+ "CAN", "CCK", "CHE", "CHL", "CHN", "CIV", "CMR", "COD", "COG", "COK",
+ "COL", "COM", "CPV", "CRI", "CSK", "CUB", "CUW", "CXR", "CYM", "CYP",
+ "CZE", "DEU", "DJI", "DMA", "DNK", "DOM", "DZA", "ECU", "EGY", "ERI",
+ "ESH", "ESP", "EST", "ETH", "FIN", "FJI", "FLK", "FRA", "FRO", "FSM",
+ "GAB", "GBR", "GEO", "GGY", "GHA", "GIB", "GIN", "GLP", "GMB", "GNB",
+ "GNQ", "GRC", "GRD", "GRL", "GTM", "GUF", "GUM", "GUY", "HKG", "HMD",
+ "HND", "HRV", "HTI", "HUN", "IDN", "IMN", "IND", "IOT", "IRL", "IRN",
+ "IRQ", "ISL", "ISR", "ITA", "JAM", "JEY", "JOR", "JPN", "KAZ", "KEN",
+ "KGZ", "KHM", "KIR", "KNA", "KOR", "KWT", "LAO", "LBN", "LBR", "LBY",
+ "LCA", "LIE", "LKA", "LSO", "LTU", "LUX", "LVA", "MAC", "MAF", "MAR",
+ "MCO", "MDA", "MDG", "MDV", "MEX", "MHL", "MKD", "MLI", "MLT", "MMR",
+ "MNE", "MNG", "MNP", "MOZ", "MRT", "MSR", "MTQ", "MUS", "MWI", "MYS",
+ "MYT", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NIU", "NLD", "NOR",
+ "NPL", "NRU", "NZL", "OMN", "PAK", "PAN", "PCN", "PER", "PHL", "PLW",
+ "PNG", "POL", "PRI", "PRK", "PRT", "PRY", "PSE", "PYF", "QAT", "REU",
+ "ROM", "ROU", "RUS", "RWA", "SAU", "SCG", "SDN", "SEN", "SGP", "SGS",
+ "SHN", "SJM", "SLB", "SLE", "SLV", "SMR", "SOM", "SPM", "SRB", "STP",
+ "SUR", "SVK", "SVN", "SXW", "SWE", "SWZ", "SYC", "SYR", "TCA", "TCD",
+ "TGO", "THA", "TJK", "TKL", "TKM", "TLS", "TMP", "TON", "TTO", "TUN",
+ "TUR", "TUV", "TWN", "TZA", "UGA", "UKR", "UMI", "URY", "USA", "UZB",
+ "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM",
+ "YUG", "ZAF", "ZAR", "ZMB", "ZWE");
+
+ /**
+ * Searches the CountryCode (3166-1 alpha3 format) an return true if it
+ * exists.
+ *
+ * @param countryCode The Country code to search.
+ *
+ * @return true if the CountryCode exists, false otherwise.
+ */
+ public static boolean hasCountryCodeAlpha3(final String countryCode) {
+
+ return CountryCodes.countrysAlpha3.contains(countryCode);
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java
new file mode 100644
index 000000000..9c0bd6775
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java
@@ -0,0 +1,169 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.sql.Timestamp;
+import java.util.GregorianCalendar;
+
+import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
+import org.joda.time.Years;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
+import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException;
+
+/**
+ * This class holds static helper methods for Date Operations.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.4 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class DateUtil {
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(DateUtil.class.getName());
+
+ /**
+ * yyyy Date format size.
+ */
+ private static final int YEAR_DATE_SIZE = 4;
+
+ /**
+ * yyyyMM Date format size.
+ */
+ private static final int MONTH_DATE_SIZE = 6;
+
+ /**
+ * Private constructor. Prevents the class from being instantiated.
+ */
+ private DateUtil() {
+ // empty constructor
+ }
+
+ /**
+ * Fulfils dateValue with a valid date. The following roles are applied: a) If
+ * the dateValue only contains the year then fulfils with last year's day.
+ * e.g. this method returns 19951231 to the 1995 dateValue. b) If the
+ * dateValue contains the year and the month then fulfils with last month's
+ * day. e.g. this method returns 19950630 to the 199505 dateValue.
+ *
+ * @param dateValue The date to be fulfilled.
+ *
+ * @return The dateValue fulfilled.
+ */
+ private static String fulfilDate(final String dateValue) {
+
+ final StringBuffer strBuf = new StringBuffer();
+ strBuf.append(dateValue);
+ // if the IdP just provides the year then we must fullfil the date.
+ if (dateValue.length() == YEAR_DATE_SIZE) {
+ strBuf.append(PEPSValues.LAST_MONTH.toString());
+ }
+ // if the IdP provides the year and the month then we must fullfil the
+ // date.
+ if (dateValue.length() == MONTH_DATE_SIZE
+ || strBuf.length() == MONTH_DATE_SIZE) {
+ // IdP doesn't provide the day, so we will use DateTime to
+ // calculate it.
+ final String noDayCons = PEPSValues.NO_DAY_DATE_FORMAT.toString();
+ final DateTimeFormatter fmt = DateTimeFormat.forPattern(noDayCons);
+ final DateTime dateTime = fmt.parseDateTime(strBuf.toString());
+ // Append the last month's day.
+ strBuf.append(dateTime.dayOfMonth().withMaximumValue().getDayOfMonth());
+ }
+
+ return strBuf.toString();
+ }
+
+ /**
+ * Validates the dateValue format: a) if has a valid size; b) if has a numeric
+ * value; Note: dateValue must have the format yyyyMMdd.
+ *
+ * @param dateValueTmp The date to be validated.
+ * @param pattern The accepted date format.
+ *
+ * @return true if the date has a valid format.
+ */
+ public static boolean isValidFormatDate(final String dateValueTmp,
+ final String pattern) {
+
+ boolean retVal = true;
+ try {
+ final String dateValue = DateUtil.fulfilDate(dateValueTmp);
+
+ final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern);
+ fmt.parseDateTime(dateValue);
+ } catch (final Exception e) {
+ // We catch Exception because we only have to return false
+ // value!
+ retVal = false;
+ }
+ return retVal;
+ }
+
+ /**
+ * Calculates the age for a given date string.
+ *
+ * @param dateVal The date to be validated.
+ * @param now The current date.
+ * @param pattern The date pattern.
+ *
+ * @return The age value.
+ */
+ public static int calculateAge(final String dateVal, final DateTime now,
+ final String pattern) {
+
+ if (DateUtil.isValidFormatDate(dateVal, pattern)) {
+ try {
+ final String dateValueTemp = DateUtil.fulfilDate(dateVal);
+ final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern);
+ final DateTime dateTime = fmt.parseDateTime(dateValueTemp);
+ // Calculating age
+ final Years age = Years.yearsBetween(dateTime, now);
+
+ return age.getYears();
+ } catch (final IllegalArgumentException e) {
+ LOG.warn("Invalid date format (" + pattern
+ + ") or an invalid dateValue.");
+ throw new SecurityPEPSException(
+ PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()),
+ PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()),
+ e);
+ }
+ } else {
+ LOG.warn("Couldn't calculate Age, invalid date!");
+ throw new SecurityPEPSException(
+ PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()),
+ PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()));
+ }
+
+ }
+
+ /**
+ * Generates the current timestamp.
+ *
+ * @return timestamp The current timestamp
+ */
+ public static Timestamp currentTimeStamp() {
+ final GregorianCalendar cal = new GregorianCalendar();
+ final long millis = cal.getTimeInMillis();
+ return new Timestamp(millis);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java
new file mode 100644
index 000000000..b13c70f04
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java
@@ -0,0 +1,148 @@
+package eu.stork.peps.auth.commons;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Interface for {@link AttributeListProcessor}.
+ *
+ * @author ricardo.ferreira@multicert.com
+ *
+ * @version $Revision: $, $Date: $
+ *
+ * @see IPersonalAttributeList
+ */
+public interface IAttributeListProcessor {
+
+ /**
+ * Checks if attribute list only contains allowed attributes.
+ *
+ * @param attrList the requested attribute list
+ * @param attributes the allowed attributes
+ *
+ * @return true is all the attributes are allowed.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean hasAllowedAttributes(final IPersonalAttributeList attrList, final List<String> attributes);
+
+ /**
+ * Lookup for business attribute.
+ *
+ * @param attrList the requested attribute list
+ * @param normalAttributes the normal attributes
+ *
+ * @return true is at least one business attribute was requested.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean hasBusinessAttributes(final IPersonalAttributeList attrList, final List<String> normalAttributes);
+
+ /**
+ * Lookup for business attribute in normal attribute list (loaded by
+ * implementation).
+ *
+ * @param attrList the requested attribute list
+ *
+ * @return true is at least one business attribute was requested.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean hasBusinessAttributes(final IPersonalAttributeList attrList);
+
+ /**
+ * Adds eIdentifier, name, surname, and DateOfBirth attributes to get business
+ * attributes from some AP.
+ *
+ * @param attrList the requested attribute list
+ * @param attributes the list of attributes to add (eIdentifier, name,
+ * surname, and DateOfBirth).
+ *
+ * @return the requested attribute list and the new attributes added
+ * (eIdentifier, name, surname, and DateOfBirth).
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes);
+
+ /**
+ * Adds eIdentifier, name, surname, and DateOfBirth attributes, loaded by
+ * implementation, to get business attributes from some AP.
+ *
+ * @param attrList the requested attribute list
+ *
+ * @return the requested attribute list and the new attributes added
+ * (eIdentifier, name, surname, and DateOfBirth).
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList);
+
+ /**
+ * Removes from attribute list the given list of attributes.
+ *
+ * @param attrList the requested attribute list
+ * @param attributes the list of attributes to remove.
+ *
+ * @return the requested attribute list and the attributes removed.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList removeAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes);
+
+ /**
+ * Removes from attribute list the given list of attributes and change
+ * attributes status if attribute was optional in the request.
+ *
+ * @param attrList the requested attribute list
+ * @param attributes the map of attributes (attribute name, mandatory/optional) to remove.
+ *
+ * @return the requested attribute list and the attributes removed
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList removeAPMandatoryAttributes(IPersonalAttributeList attrList, Map<String, Boolean> attributes);
+
+ /**
+ * Checks if mandate attribute exist in the requested Attribute List. Power
+ * attribute name to lookup is loaded by implementation.
+ *
+ * @param attrList the requested attribute list.
+ *
+ * @return true if mandate attribute exists or false otherwise.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean hasPowerAttribute(final IPersonalAttributeList attrList);
+
+ /**
+ * Checks if attribute name was requested and has value.
+ *
+ * @param attrList the requested attribute list.
+ * @param attrName the attribute name to lookup for .
+ *
+ * @return true if attribute was requested and has value or false otherwise.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean hasAttributeValue(final IPersonalAttributeList attrList, final String attrName);
+
+ /**
+ * Checks if attribute has value.
+ *
+ * @param attr the attribute to check.
+ *
+ * @return true if has value;
+ *
+ * @see PersonalAttribute
+ */
+ boolean hasAttributeValue(final PersonalAttribute attr);
+
+ /**
+ * Gets a map (attribute name, attribute isRequired) of attributes added to attribute list.
+ *
+ * @return the Map of attributes added and if is required to attribute list.
+ */
+ Map<String, Boolean> getNormalAttributesAdded();
+
+} \ No newline at end of file
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java
new file mode 100644
index 000000000..733399ca3
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java
@@ -0,0 +1,82 @@
+package eu.stork.peps.auth.commons;
+
+import java.util.Iterator;
+
+/**
+ * Interface for Attributes Providers map.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.00 $, $Date: 2013-09-20 $
+ */
+public interface IAttributeProvidersMap {
+
+ /**
+ * Returns the object associated the the given key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return The object associated the the given key.
+ */
+ IPersonalAttributeList get(AttributeSource key);
+
+ /**
+ * Associates a key to a value, and inserts them in the session object.
+ *
+ * @param key with which the specified value is to be associated.
+ * @param value to be associated with the specified key.
+ *
+ * @return previous value associated with specified key, or null if there was
+ * no mapping for key. A null return can also indicate that the map
+ * previously associated null with the specified key.
+ */
+ Object put(AttributeSource key, IPersonalAttributeList value);
+
+ /**
+ * Removes the mapping for this key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return previous value associated with specified key, or null if there was
+ * no mapping for key. A null return can also indicate that the map
+ * previously associated null with the specified key.
+ */
+ IPersonalAttributeList remove(AttributeSource key);
+
+ /**
+ * Returns the number of key-value mappings in this map.
+ *
+ * @return the number of key-value mappings in this map.
+ */
+ int size();
+
+ /**
+ * Returns true if this map contains a mapping for the specified key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return true if this map contains a mapping for the specified key.
+ */
+ boolean containsKey(AttributeSource key);
+
+ /**
+ * Removes all mappings from this map.
+ */
+ void clear();
+
+ /**
+ * Returns true if this map contains no key-value mappings.
+ *
+ * @return true if this map contains no key-value mappings.
+ */
+ boolean isEmpty();
+
+ /**
+ * Returns an Iterator of the keys contained in this map. The implementation must
+ * take care in order for the Iterator to have predictable order of the returned
+ * keys.
+ *
+ * @return an iterator of the keys contained in this map
+ */
+ Iterator<AttributeSource> keyIterator();
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java
new file mode 100644
index 000000000..b24c915c0
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java
@@ -0,0 +1,194 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.Set;
+
+/**
+ * Interface for {@link PersonalAttributeList}.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.16 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see PersonalAttribute
+ */
+@SuppressWarnings("PMD.CloneMethodMustImplementCloneable")
+public interface IPersonalAttributeList extends Iterable<PersonalAttribute>,
+ Cloneable {
+
+ /**
+ * Associates the specified value with the specified key in this Personal
+ * Attribute List.
+ *
+ * @param key with which the specified value is to be associated.
+ * @param value to be associated with the specified key.
+ *
+ * @return the previous value associated with key, or null if there was no
+ * mapping for key.
+ *
+ * @see PersonalAttribute
+ */
+ PersonalAttribute put(String key, PersonalAttribute value);
+
+ /**
+ * Returns the value to which the specified key is mapped, or null if this map
+ * contains no mapping for the key.
+ *
+ * @param key whose associated value is to be returned.
+ *
+ * @return The value to which the specified key is mapped, or null if this map
+ * contains no mapping for the key.
+ *
+ * @see PersonalAttribute
+ */
+ PersonalAttribute get(Object key);
+
+ /**
+ * Adds to the PersonalAttributeList the given PersonalAttribute. It sets the
+ * attribute name as the key to the attribute value.
+ *
+ * @param value PersonalAttribute to add to the PersonalAttributeList
+ */
+ void add(PersonalAttribute value);
+
+ /**
+ * Get the size of the Personal Attribute List.
+ *
+ * @return size of the Personal Attribute List.
+ */
+ int size();
+
+ /**
+ * Checks if the Personal Attribute List contains the given key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return true if the Personal Attribute List contains the given key, false
+ * otherwise.
+ */
+ boolean containsKey(Object key);
+
+ /**
+ * Getter for the iterator of the Personal Attribute List values.
+ *
+ * @return The iterator for the Personal Attribute List values.
+ *
+ * @see PersonalAttribute
+ */
+ Iterator<PersonalAttribute> iterator();
+
+ /**
+ * Creates a Personal Attribute List from a String representing an Attribute
+ * List.
+ *
+ * @param attrList String Object representing the attribute list.
+ */
+ void populate(String attrList);
+
+ /**
+ * Removes the mapping for this key from this map if present.
+ *
+ * @param key key whose mapping is to be removed from the map.
+ * @return previous value associated with specified key, or <tt>null</tt> if
+ * there was no mapping for key. A <tt>null</tt> return can also
+ * indicate that the map previously associated <tt>null</tt> with the
+ * specified key.
+ */
+ PersonalAttribute remove(Object key);
+
+ /**
+ * Returns a collection view of the values contained in this map. The
+ * collection is backed by the map, so changes to the map are reflected in the
+ * collection, and vice-versa. The collection supports element removal, which
+ * removes the corresponding mapping from this map, via the
+ * <tt>Iterator.remove</tt>, <tt>Collection.remove</tt>, <tt>removeAll</tt>,
+ * <tt>retainAll</tt>, and <tt>clear</tt> operations. It does not support the
+ * <tt>add</tt> or <tt>addAll</tt> operations.
+ *
+ * @return a collection view of the values contained in this map.
+ */
+ Collection<PersonalAttribute> values();
+
+ /**
+ * Returns a {@link Set} view of the keys contained in this map.
+ * The set is backed by the map, so changes to the map are
+ * reflected in the set, and vice-versa. If the map is modified
+ * while an iteration over the set is in progress (except through
+ * the iterator's own <tt>remove</tt> operation), the results of
+ * the iteration are undefined. The set supports element removal,
+ * which removes the corresponding mapping from the map, via the
+ * <tt>Iterator.remove</tt>, <tt>Set.remove</tt>,
+ * <tt>removeAll</tt>, <tt>retainAll</tt>, and <tt>clear</tt>
+ * operations. It does not support the <tt>add</tt> or <tt>addAll</tt>
+ * operations.
+ *
+ * @return a set view of the keys contained in this map
+ */
+ Set<String> keySet();
+
+
+ /**
+ * Returns a IPersonalAttributeList of the complex attributes.
+ *
+ * @return an IPersonalAttributeList of the complex attributes.
+ */
+ IPersonalAttributeList getComplexAttributes();
+
+ /**
+ * Returns a IPersonalAttributeList of the simple value attributes.
+ *
+ * @return an IPersonalAttributeList of the simple value attributes.
+ */
+ IPersonalAttributeList getSimpleValueAttributes();
+
+ /**
+ * Returns a IPersonalAttributeList of the mandatory attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the mandatory attributes contained in this map.
+ */
+ IPersonalAttributeList getMandatoryAttributes();
+
+ /**
+ * Returns a IPersonalAttributeList of the optional attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the optional attributes contained in this map.
+ */
+ IPersonalAttributeList getOptionalAttributes();
+
+ /**
+ * Returns <tt>true</tt> if this map contains no key-value mappings.
+ *
+ * @return <tt>true</tt> if this map contains no key-value mappings.
+ */
+ boolean isEmpty();
+
+ /**
+ * Returns <tt>true</tt> if this map contains at least one element that doesn't have value.
+ *
+ * @return <tt>true</tt> if this map contains at least one element that doesn't have value.
+ */
+ boolean hasMissingValues();
+
+ /**
+ * Returns a copy of this <tt>IPersonalAttributeList</tt> instance.
+ *
+ * @return The copy of this IPersonalAttributeList.
+ */
+ Object clone() throws CloneNotSupportedException;
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java
new file mode 100644
index 000000000..33eb618f0
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java
@@ -0,0 +1,239 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * Interface for stork logging.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $
+ */
+public interface IStorkLogger {
+
+ /**
+ * Getter for SpApplication.
+ *
+ * @return The SpApplication value.
+ */
+ String getSpApplication();
+
+ /**
+ * Setter for SpApplication.
+ *
+ * @param spApplication The SP Application.
+ */
+ void setSpApplication(String spApplication);
+
+ /**
+ * Getter for ProviderName.
+ *
+ * @return The ProviderName value.
+ */
+ String getProviderName();
+
+ /**
+ * Setter for ProviderName.
+ *
+ * @param providerName The provider name.
+ */
+ void setProviderName(String providerName);
+
+ /**
+ *
+ * Getter for Origin.
+ *
+ * @return The Origin value.
+ *
+ */
+ String getOrigin();
+
+ /**
+ * Setter for Origin.
+ *
+ * @param origin The origin.
+ */
+ void setOrigin(String origin);
+
+ /**
+ *
+ * Getter for QAA Level.
+ *
+ * @return The QAA Level value.
+ *
+ */
+ int getQaaLevel();
+
+ /**
+ * Setter for QAA Level.
+ *
+ * @param qaaLevel The qaa level.
+ */
+ void setQaaLevel(int qaaLevel);
+
+ /**
+ *
+ * Getter for timestamp.
+ *
+ * @return The timestamp value.
+ *
+ */
+ String getTimestamp();
+
+ /**
+ * Setter for timestamp.
+ *
+ * @param timestamp The request's timestamp.
+ */
+ void setTimestamp(String timestamp);
+
+ /**
+ * Getter for InResponseTo.
+ *
+ * @return The InResponseTo value.
+ */
+ String getInResponseTo();
+
+ /**
+ * Setter for InResponseTo.
+ *
+ * @param inResponseTo The Saml's response id.
+ */
+ void setInResponseTo(String inResponseTo);
+
+ /**
+ * Getter for InResponseToSPReq.
+ *
+ * @return The InResponseToSPReq value.
+ */
+ String getInResponseToSPReq();
+
+ /**
+ * Setter for InResponseToSPRequ.
+ *
+ * @param inResponseToSPReq The Saml's response id.
+ */
+ void setInResponseToSPReq(String inResponseToSPReq);
+
+ /**
+ * Getter for opType.
+ *
+ * @return The opType value.
+ */
+ String getOpType();
+
+ /**
+ * Setter for opType.
+ *
+ * @param opType The operation type.
+ */
+ void setOpType(String opType);
+
+ /**
+ * Getter for destination.
+ *
+ * @return The destination value.
+ */
+ String getDestination();
+
+ /**
+ * Setter for destinationIp.
+ *
+ * @param destination The remote IP.
+ */
+ void setDestination(String destination);
+
+ /**
+ * Getter for message or assertion consumer.
+ *
+ * @return The message or assertion consumer.
+ */
+ String getMessage();
+
+ /**
+ * Setter for message or assertion consumer.
+ *
+ * @param message or assertion consumer.
+ */
+ void setMessage(String message);
+
+ /**
+ * Getter for country.
+ *
+ * @return The country value.
+ */
+ String getCountry();
+
+ /**
+ * Setter for country.
+ *
+ * @param country The country.
+ */
+ void setCountry(String country);
+
+ /**
+ * Getter for samlHash.
+ *
+ * @return The samlHash value.
+ */
+ byte[] getSamlHash();
+
+ /**
+ * Setter for samlHash.
+ *
+ * @param samlHash the encrypted SAML token
+ */
+ void setSamlHash(byte[] samlHash);
+
+ /**
+ * Getter for msgId.
+ *
+ * @return the msgId
+ */
+ String getMsgId();
+
+ /**
+ * Setter for msgId.
+ *
+ * @param msgId the ID of the originator of this message
+ */
+ void setMsgId(String msgId);
+
+ /**
+ * Getter for sPMsgId.
+ *
+ * @return the sPMsgId
+ */
+ String getSPMsgId();
+
+ /**
+ * Setter for sPMsgId.
+ *
+ * @param sPMsgId the ID of the originator of this message
+ */
+ void setSPMsgId(String sPMsgId);
+
+ /**
+ * The format of the returned String must be the following:
+ * "requestCounter#ddMMMyyyykk:mm:ss#opType#originIp#originName
+ * #destinationIp#destinationName#samlHash#[originatorName#msgId#]"
+ *
+ * The values enclosed in '[]' only apply when logging responses.
+ *
+ * @return {@inheritDoc}
+ */
+ @Override
+ String toString();
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java
new file mode 100644
index 000000000..f38b41838
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java
@@ -0,0 +1,85 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * Interface for stork session.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $
+ */
+public interface IStorkSession {
+
+ /**
+ * Returns the object associated the the given key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return The object associated the the given key.
+ */
+ Object get(Object key);
+
+ /**
+ * Associates a key to a value, and inserts them in the session object.
+ *
+ * @param key with which the specified value is to be associated.
+ * @param value to be associated with the specified key.
+ *
+ * @return previous value associated with specified key, or null if there was
+ * no mapping for key. A null return can also indicate that the map
+ * previously associated null with the specified key.
+ */
+ Object put(String key, Object value);
+
+ /**
+ * Removes the mapping for this key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return previous value associated with specified key, or null if there was
+ * no mapping for key. A null return can also indicate that the map
+ * previously associated null with the specified key.
+ */
+ Object remove(Object key);
+
+ /**
+ * Returns the number of key-value mappings in this map.
+ *
+ * @return the number of key-value mappings in this map.
+ */
+ int size();
+
+ /**
+ * Returns true if this map contains a mapping for the specified key.
+ *
+ * @param key with which the specified value is to be associated.
+ *
+ * @return true if this map contains a mapping for the specified key.
+ */
+ boolean containsKey(Object key);
+
+ /**
+ * Removes all mappings from this map.
+ */
+ void clear();
+
+ /**
+ * Returns true if this map contains no key-value mappings.
+ *
+ * @return true if this map contains no key-value mappings.
+ */
+ boolean isEmpty();
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java
new file mode 100644
index 000000000..6e7c891da
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java
@@ -0,0 +1,316 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+/**
+ * This class is a bean used to store the information of Attribute Providers, the Attribute
+ * List to be requested, the Assertions returned by the Attribute Providers and the values
+ * that each Attribute has. This information along with the current status of the Linker (the
+ * attribute providers that were queried and the remaining providers) is used by the PEPS
+ * actions in order to complete the Attribute gathering.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: 1.50 $, $Date: 2013-11-28 $
+ */
+public final class Linker implements Serializable {
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = -3268006381745987237L;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(Linker.class.getName());
+
+ /**
+ * Attributes Providers map.
+ */
+ private IAttributeProvidersMap attributeProvidersMap;
+
+ /**
+ * Assertion map.
+ */
+ private LinkedHashMap<AttributeSource, STORKAttrQueryResponse> assertions;
+
+ /**
+ * The current index of local (domestic) Attribute Providers.
+ */
+ private int localIndex;
+
+ /**
+ * The current index of remote (foreign) Attribute Providers - countries.
+ */
+ private int remoteIndex;
+
+ /**
+ * Constructs an empty Linker object.
+ */
+ public Linker() {
+ localIndex = 0;
+ remoteIndex = 0;
+
+ assertions = new LinkedHashMap<AttributeSource, STORKAttrQueryResponse>();
+ }
+
+ /**
+ * Based on the internal state of the Linker it returns the next local Attribute Source
+ *
+ * @return The next Attribute Source or null if not found
+ *
+ * @see AttributeSource
+ */
+ public AttributeSource getNextLocalProvider() {
+ Iterator<AttributeSource> iterator;
+ AttributeSource source, found;
+ int curIndex = 0;
+
+ found = null;
+
+ if ( attributeProvidersMap!=null && !attributeProvidersMap.isEmpty() ) {
+ iterator = attributeProvidersMap.keyIterator();
+ while (iterator.hasNext()) {
+ source = iterator.next();
+
+ if ( source.getSourceType()==AttributeSource.SOURCE_LOCAL_APROVIDER ) {
+ if ( curIndex>=localIndex ) {
+ found = source;
+
+ break;
+ }
+
+ curIndex++;
+ }
+ }
+ }
+
+ return found;
+ }
+
+ /**
+ * Based on the internal state of the Linker it returns the next remote Attribute Source
+ *
+ * @return The next Attribute Source or null if not found
+ *
+ * @see AttributeSource
+ */
+ public AttributeSource getNextRemoteProvider() {
+ Iterator<AttributeSource> iterator;
+ AttributeSource source, found;
+ int curIndex = 0;
+
+ found = null;
+
+ if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) {
+ iterator = attributeProvidersMap.keyIterator();
+ while (iterator.hasNext()) {
+ source = iterator.next();
+
+ if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) {
+ if ( curIndex>=remoteIndex ) {
+ found = source;
+
+ break;
+ }
+
+ curIndex++;
+ }
+ }
+ }
+
+ return found;
+ }
+
+ /**
+ * It updates the Linker with the values returned by the Attribute Source. It also advances
+ * to the next index in order to mark this attribute source as completed.
+ *
+ * @param source The Attribute Source that was queried for attribute values.
+ * @param attrResponse The attrResponse returned by the Attribute Source that contains the attribute values.
+ *
+ * @see AttributeSource, STORKAttrQueryResponse
+ */
+ public void setProviderReponse(AttributeSource source, STORKAttrQueryResponse attrResponse) {
+ if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY )
+ remoteIndex++;
+ else
+ localIndex++;
+
+ //Assertion storage
+ this.assertions.put(source, attrResponse);
+
+ this.attributeProvidersMap.put(source, attrResponse.getPersonalAttributeList());
+ //this.attributeProvidersMap.put(source, attrResponse.getTotalPersonalAttributeList());
+ }
+
+ /**
+ * Reset the internal state of the local Attribute Source in order to start over.
+ */
+ public void resetLocalIndex() {
+ localIndex = 0;
+ }
+
+ /**
+ * Reset the internal state of the remote Attribute Source in order to start over.
+ */
+ public void resetRemoteIndex() {
+ remoteIndex = 0;
+ }
+
+ /**
+ * Setter for attributeProvidersMap.
+ *
+ * @param attributeProvidersMap The attributeProvidersMap to set.
+ */
+ public void setAttributeProvidersMap(IAttributeProvidersMap attributeProvidersMap) {
+ this.attributeProvidersMap = attributeProvidersMap;
+ }
+
+ /**
+ * Getter for attributeProvidersMap.
+ *
+ * @return attributeProvidersMap
+ */
+ public IAttributeProvidersMap getAttributeProvidersMap() {
+ return attributeProvidersMap;
+ }
+
+ /**
+ * Returns the Personal Attribute list of the provided Attribute Source.
+ *
+ * @param source The attributeSource in reference
+ *
+ * @return The IPersonalAttributeList assosiated with this source or null if empty
+ *
+ * @see IPersonalAttributeList
+ */
+ public IPersonalAttributeList getProviderAttributes(AttributeSource source) {
+ if ( attributeProvidersMap.containsKey(source) )
+ return attributeProvidersMap.get(source);
+ else
+ return null;
+ }
+
+ /**
+ * Returns the merged Personal Attribute list from all the Attribute Sources.
+ *
+ * @return The IPersonalAttributeList merged Personal Attribute list or null if empty
+ *
+ * @see IPersonalAttributeList
+ */
+ public IPersonalAttributeList getAllAttributes() {
+ Iterator<AttributeSource> iterator;
+ AttributeSource source;
+ IPersonalAttributeList list, merged;
+
+ merged = null;
+
+ if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) {
+ iterator = attributeProvidersMap.keyIterator();
+
+ merged = new PersonalAttributeList();
+ while (iterator.hasNext()) {
+ source = iterator.next();
+ list = this.getProviderAttributes(source);
+
+ for (final PersonalAttribute pa : list) {
+ merged.add(pa);
+ }
+ }
+ }
+
+ return merged;
+ }
+
+ /**
+ * Returns a List with all the assertions gathered by the AAS-PEPS module
+ * returned both by local APs or remote A-PEPS.
+ *
+ * @return The assertions returned from the APs and A-PEPS
+ */
+ public List<STORKAttrQueryResponse> getAttrQueryResponseList() {
+ List<STORKAttrQueryResponse> originalAssertions;
+
+ originalAssertions = new ArrayList<STORKAttrQueryResponse>();
+
+ //Gather all assertions
+ for (STORKAttrQueryResponse element : this.assertions.values()) {
+ originalAssertions.add(element);
+ }
+
+ return originalAssertions;
+ }
+
+ /**
+ * Checks the internal state of the Linker and if all Attribute Sources where visited
+ * returns true, otherwise it returns false. So if you go directly from AtPLinkerAction
+ * to MoreAttributesAction the call will have, since the method setProviderReponse
+ * was not executed from every Attribute Source.
+ *
+ * @return true if everything is OK, false otherwise
+ */
+ public boolean isComplete() {
+ boolean outcome = false;
+
+ LOG.debug("Check if linkder is complete: R[" + remoteIndex + "], L[" + localIndex + "], S[" + attributeProvidersMap.size() + "]");
+ if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) {
+ if ( (remoteIndex + localIndex)==attributeProvidersMap.size() )
+ outcome = true;
+ }
+ else {
+ outcome = true;
+ }
+
+ return outcome;
+ }
+
+ /**
+ * Merge the two Linker objects.
+ *
+ * @param previous The other Linker object to merge with this one.
+ */
+ public void mergeWith(Linker previous) {
+ //BEFORE
+ if ( LOG.isDebugEnabled() ) {
+ LOG.debug("The attributeProvidersMap from the current object.");
+ ((AttributeProvidersMap)this.attributeProvidersMap).trace();
+ LOG.debug("The attributeProvidersMap from the provided object.");
+ ((AttributeProvidersMap)previous.getAttributeProvidersMap()).trace();
+ }
+
+ IAttributeProvidersMap map = previous.getAttributeProvidersMap();
+ Iterator<AttributeSource> items = map.keyIterator();
+ while( items.hasNext() ) {
+ AttributeSource item = items.next();
+ IPersonalAttributeList pal = map.get(item);
+
+ if ( this.attributeProvidersMap.containsKey(item) ) {
+ IPersonalAttributeList new_pal = this.attributeProvidersMap.get(item);
+
+ for(PersonalAttribute pa : pal)
+ new_pal.add(pa);
+ }
+ else {
+ if ( item.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY )
+ remoteIndex++;
+ else
+ localIndex++;
+
+ this.attributeProvidersMap.put(item, pal);
+ }
+ }
+
+ //AFTER
+ if ( LOG.isDebugEnabled() ) {
+ LOG.debug("The attributeProvidersMap after the merge.");
+ ((AttributeProvidersMap)this.attributeProvidersMap).trace();
+ }
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java
new file mode 100644
index 000000000..5da9ba494
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java
@@ -0,0 +1,392 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains all the STORK PEPS, Commons and Specific errors
+ * constant identifiers.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $
+ */
+public enum PEPSErrors {
+
+ /**
+ * Represents the 'authenticationFailed' constant error identifier.
+ */
+ AUTHENTICATION_FAILED_ERROR("authenticationFailed"),
+ /**
+ * Represents the 'spCountrySelector.errorCreatingSAML' constant error
+ * identifier.
+ */
+ SP_COUNTRY_SELECTOR_ERROR_CREATE_SAML("spCountrySelector.errorCreatingSAML"),
+ /**
+ * Represents the 'spCountrySelector.destNull' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_DESTNULL("spCountrySelector.destNull"),
+ /**
+ * Represents the 'spCountrySelector.invalidAttr' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_ATTR("spCountrySelector.invalidAttr"),
+ /**
+ * Represents the 'spCountrySelector.invalidProviderName' constant error
+ * identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_PROVIDER_NAME(
+ "spCountrySelector.invalidProviderName"),
+ /**
+ * Represents the 'spCountrySelector.invalidQaaSPid' constant error
+ * identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_QAASPID("spCountrySelector.invalidQaaSPid"),
+ /**
+ * Represents the 'spCountrySelector.invalidSpId' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_SPID("spCountrySelector.invalidSpId"),
+ /**
+ * Represents the 'spCountrySelector.invalidSPQAA' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_SPQAA("spCountrySelector.invalidSPQAA"),
+ /**
+ * Represents the 'spCountrySelector.invalidSpURL' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_INVALID_SPURL("spCountrySelector.invalidSpURL"),
+ /**
+ * Represents the 'spCountrySelector.spNotAllowed' constant error identifier.
+ */
+ SP_COUNTRY_SELECTOR_SPNOTALLOWED("spCountrySelector.spNotAllowed"),
+
+ /**
+ * Represents the 'sProviderAction.errorCreatingSAML' constant error
+ * identifier.
+ */
+ SPROVIDER_SELECTOR_ERROR_CREATE_SAML("sProviderAction.errorCreatingSAML"),
+ /**
+ * Represents the 'sProviderAction.attr' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_ATTR("sProviderAction.invalidAttr"),
+ /**
+ * Represents the 'sProviderAction.country' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_COUNTRY("sProviderAction.invalidCountry"),
+ /**
+ * Represents the 'sProviderAction.relayState' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_RELAY_STATE("sProviderAction.invalidRelayState"),
+ /**
+ * Represents the 'sProviderAction.saml' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SAML("sProviderAction.invalidSaml"),
+ /**
+ * Represents the 'sProviderAction.spAlias' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPALIAS("sProviderAction.invalidSPAlias"),
+ /**
+ * Represents the 'sProviderAction.spDomain' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPDOMAIN("sProviderAction.invalidSPDomain"),
+ /**
+ * Represents the 'sProviderAction.spId' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPID("sProviderAction.invalidSPId"),
+ /**
+ * Represents the 'sProviderAction.spQAA' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPQAA("sProviderAction.invalidSPQAA"),
+ /**
+ * Represents the 'sProviderAction.spQAAId' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPQAAID("sProviderAction.invalidSPQAAId"),
+ /**
+ * Represents the 'sProviderAction.spRedirect' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SPREDIRECT("sProviderAction.invalidSPRedirect"),
+ /**
+ * Represents the 'sPPowerValidationAction.invalidSPPVAttrList' constant error identifier.
+ */
+ SPPOWERVALIDATION_SELECTOR_INVALID_SP_PV_ATTR_LIST("sPPowerValidationAction.invalidSPPVAttrList"),
+
+ /**
+ * Represents the 'sProviderAction.invalidSPProviderName' constant error
+ * identifier.
+ */
+ SPROVIDER_SELECTOR_INVALID_SP_PROVIDERNAME(
+ "sProviderAction.invalidSPProviderName"),
+ /**
+ * Represents the 'sProviderAction.spNotAllowed' constant error identifier.
+ */
+ SPROVIDER_SELECTOR_SPNOTALLOWED("sProviderAction.spNotAllowed"),
+
+
+ /**
+ * Represents the 'internalError' constant error identifier.
+ */
+ INTERNAL_ERROR("internalError"),
+
+ /**
+ * Represents the 'colleagueRequest.attrNull' constant error identifier.
+ */
+ COLLEAGUE_REQ_ATTR_NULL("colleagueRequest.attrNull"),
+ /**
+ * Represents the 'colleagueRequest.errorCreatingSAML' constant error
+ * identifier.
+ */
+ COLLEAGUE_REQ_ERROR_CREATE_SAML("colleagueRequest.errorCreatingSAML"),
+ /**
+ * Represents the 'colleagueRequest.invalidCountryCode' constant error
+ * identifier.
+ */
+ COLLEAGUE_REQ_INVALID_COUNTRYCODE("colleagueRequest.invalidCountryCode"),
+ /**
+ * Represents the 'colleagueRequest.invalidDestUrl' constant error identifier.
+ */
+ COLLEAGUE_REQ_INVALID_DEST_URL("colleagueRequest.invalidDestUrl"),
+ /**
+ * Represents the 'colleagueRequest.invalidQaa' constant error identifier.
+ */
+ COLLEAGUE_REQ_INVALID_QAA("colleagueRequest.invalidQaa"),
+ /**
+ * Represents the 'colleagueRequest.invalidRedirect' constant error
+ * identifier.
+ */
+ COLLEAGUE_REQ_INVALID_REDIRECT("colleagueRequest.invalidRedirect"),
+ /**
+ * Represents the 'colleagueRequest.invalidSAML' constant error identifier.
+ */
+ COLLEAGUE_REQ_INVALID_SAML("colleagueRequest.invalidSAML"),
+
+ /**
+ * Represents the 'colleaguePVRequest.invalidPVAttrList' constant error identifier.
+ */
+ COLLEAGUE_PV_REQ_INVALID_PV_ATTR_LIST("colleaguePVRequest.invalidPVAttrList"),
+
+
+ /**
+ * Represents the 'cpepsRedirectUrl' constant error identifier.
+ */
+ CPEPS_REDIRECT_URL("cpepsRedirectUrl"),
+ /**
+ * Represents the 'spepsRedirectUrl' constant error identifier.
+ */
+ SPEPS_REDIRECT_URL("spepsRedirectUrl"),
+ /**
+ * Represents the 'sProviderAction.invCountry' constant error identifier.
+ */
+ SP_ACTION_INV_COUNTRY("sProviderAction.invCountry"),
+
+ /**
+ * Represents the 'providernameAlias.invalid' constant error identifier.
+ */
+ PROVIDER_ALIAS_INVALID("providernameAlias.invalid"),
+
+
+ /**
+ * Represents the 'cPeps.attrNull' constant error identifier.
+ */
+ CPEPS_ATTR_NULL("cPeps.attrNull"),
+
+ /**
+ * Represents the 'colleagueResponse.invalidSAML' constant error identifier.
+ */
+ COLLEAGUE_RESP_INVALID_SAML("colleagueResponse.invalidSAML"),
+
+ /**
+ * Represents the 'citizenNoConsent.mandatory' constant error identifier.
+ */
+ CITIZEN_NO_CONSENT_MANDATORY("citizenNoConsent.mandatory"),
+ /**
+ * Represents the 'citizenResponse.mandatory' constant error identifier.
+ */
+ CITIZEN_RESPONSE_MANDATORY("citizenResponse.mandatory"),
+ /**
+ * Represents the 'attVerification.mandatory' constant error identifier.
+ */
+ ATT_VERIFICATION_MANDATORY("attVerification.mandatory"),
+ /**
+ * Represents the 'attrValue.verification' constant error identifier.
+ */
+ ATTR_VALUE_VERIFICATION("attrValue.verification"),
+
+ /**
+ * Represents the 'audienceRestrictionError' constant error identifier.
+ */
+ AUDIENCE_RESTRICTION("audienceRestrictionError"),
+ /**
+ * Represents the 'auRequestIdError' constant error identifier.
+ */
+ AU_REQUEST_ID("auRequestIdError"),
+ /**
+ * Represents the 'domain' constant error identifier.
+ */
+ DOMAIN("domain"),
+ /**
+ * Represents the 'hash.error' constant error identifier.
+ */
+ HASH_ERROR("hash.error"),
+ /**
+ * Represents the 'invalidAttributeList' constant error identifier.
+ */
+ INVALID_ATTRIBUTE_LIST("invalidAttributeList"),
+ /**
+ * Represents the 'invalidAttributeValue' constant error identifier.
+ */
+ INVALID_ATTRIBUTE_VALUE("invalidAttributeValue"),
+ /**
+ * Represents the 'qaaLevel' constant error identifier.
+ */
+ QAALEVEL("qaaLevel"),
+ /**
+ * Represents the 'requests' constant error identifier.
+ */
+ REQUESTS("requests"),
+ /**
+ * Represents the 'SPSAMLRequest' constant error identifier.
+ */
+ SP_SAML_REQUEST("SPSAMLRequest"),
+ /**
+ * Represents the 'spepsSAMLRequest' constant error identifier.
+ */
+ SPEPS_SAML_REQUEST("spepsSAMLRequest"),
+ /**
+ * Represents the 'IdPSAMLResponse' constant error identifier.
+ */
+ IDP_SAML_RESPONSE("IdPSAMLResponse"),
+ /**
+ * Represents the 'cpepsSAMLResponse' constant error identifier.
+ */
+ CPEPS_SAML_RESPONSE("cpepsSAMLResponse"),
+ /**
+ * Represents the 'cpepsSAMLResponse' constant error identifier.
+ */
+ SPEPS_SAML_RESPONSE("spepsSAMLResponse"),
+ /**
+ * Represents the 'session' constant error identifier.
+ */
+ SESSION("session"),
+ /**
+ * Represents the 'invalid.session' constant error identifier.
+ */
+ INVALID_SESSION("invalid.session"),
+ /**
+ * Represents the 'invalid.sessionId' constant error identifier.
+ */
+ INVALID_SESSION_ID("invalid.sessionId"),
+ /**
+ * Represents the 'missing.sessionId' constant error identifier.
+ */
+ MISSING_SESSION_ID("sessionError"),
+ /**
+ * Represents the 'missing.mandate' constant error identifier.
+ */
+ MISSING_MANDATE("missing.mandate"),
+ /**
+ * Represents the 'AtPSAMLResponse' constant error identifier.
+ */
+ ATP_SAML_RESPONSE("AtPSAMLResponse"),
+
+ /**
+ * Represents the 'AtPSAMLResponse' constant error identifier.
+ */
+ ATP_RESPONSE_ERROR("atp.response.error"),
+
+ /**
+ * Represents the 'apepsSAMLRequest' constant error identifier.
+ */
+ APEPS_SAML_REQUEST("apepsSAMLRequest"),
+
+ /**
+ * Represents the 'apepsSAMLResponse' constant error identifier.
+ */
+ APEPS_SAML_RESPONSE("apepsSAMLResponse"),
+
+ /**
+ * Represents the 'invalid.apepsRedirectUrl' constant error identifier.
+ */
+ INVALID_APEPS_REDIRECT_URL("invalid.apepsRedirectUrl"),
+
+ /**
+ * Represents the 'invalid.apepsCallbackUrl' constant error identifier.
+ */
+ INVALID_APEPS_CALLBACK_URL("invalid.apepsCallbackUrl"),
+
+ /**
+ * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier.
+ */
+ COLLEAGUE_ATTR_REQ_INVALID_SAML("colleagueAttributeRequest.invalidSAML");
+
+ /**
+ * Represents the constant's value.
+ */
+ private String error;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param nError The Constant error value.
+ */
+ PEPSErrors(final String nError) {
+ this.error = nError;
+ }
+
+ /**
+ * Construct the errorCode Constant value.
+ *
+ * @return The errorCode Constant.
+ */
+ public String errorCode() {
+ return error + ".code";
+ }
+
+ /**
+ * Construct the errorCode Constant value with the given code text.
+ *
+ * @param text the code text to append to the constant.
+ *
+ * @return The errorCode Constant for the given code text.
+ */
+ public String errorCode(final String text) {
+ return error + "." + text + ".code";
+ }
+
+ /**
+ * Construct the errorMessage constant value.
+ *
+ * @return The errorMessage constant.
+ */
+ public String errorMessage() {
+ return error + ".message";
+ }
+
+ /**
+ * Construct the errorMessage Constant value with the given message text.
+ *
+ * @param text the message text to append to the constant.
+ *
+ * @return The errorMessage Constant for the given text.
+ */
+ public String errorMessage(final String text) {
+ return error + "." + text + ".message";
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public String toString() {
+ return error;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java
new file mode 100644
index 000000000..146e4c39d
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java
@@ -0,0 +1,619 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains all the STORK PEPS, Commons and Specific Parameters.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.13 $, $Date: 2011-07-07 20:48:45 $
+ */
+public enum PEPSParameters {
+
+ /**
+ * Represents the 'apId' parameter constant.
+ */
+ AP_ID("apId"),
+ /**
+ * Represents the 'apUrl' parameter constant.
+ */
+ AP_URL("apUrl"),
+ /**
+ * Represents the 'ap.number' parameter constant.
+ */
+ AP_NUMBER("ap.number"),
+
+ /**
+ * Represents the 'assertionConsumerServiceURL' parameter constant.
+ */
+ ASSERTION_CONSUMER_S_URL("assertionConsumerServiceURL"),
+
+ /**
+ * Represents the 'auth' parameter constant.
+ */
+ AUTHENTICATION("auth"),
+
+ /**
+ * Represents the 'auth-on-behalf-of' parameter constant.
+ */
+ AUTHENTICATION_ON_BEHALF_OF("auth-on-behalf-of"),
+
+ /**
+ * Represents the 'attr' parameter constant.
+ */
+ ATTRIBUTE("attr"),
+ /**
+ * Represents the 'attrName' parameter constant.
+ */
+ ATTRIBUTE_NAME("attrName"),
+ /**
+ * Represents the 'attrStatus' parameter constant.
+ */
+ ATTRIBUTE_STATUS("attrStatus"),
+ /**
+ * Represents the 'attrType' parameter constant.
+ */
+ ATTRIBUTE_TYPE("attrType"),
+ /**
+ * Represents the 'attrValue' parameter constant.
+ */
+ ATTRIBUTE_VALUE("attrValue"),
+ /**
+ * Represents the 'attrList' parameter constant.
+ */
+ ATTRIBUTE_LIST("attrList"),
+ /**
+ * Represents the 'apMandAttrList' parameter constant.
+ */
+ AP_MANDATORY_ATTRIBUTE_LIST("apMandAttrList"),
+ /**
+ * Represents the 'attrTuple' parameter constant.
+ */
+ ATTRIBUTE_TUPLE("attrTuple"),
+ /**
+ * Represents the 'attribute-missing' parameter constant.
+ */
+ ATTRIBUTE_MISSING("attribute-missing"),
+ /**
+ * Represents the 'attributesNotAllowed' parameter constant.
+ */
+ ATTRIBUTES_NOT_ALLOWED("attributesNotAllowed"),
+ /**
+ * Represents the 'authnRequest' parameter constant.
+ */
+ AUTH_REQUEST("authnRequest"),
+
+ /**
+ * Represents the 'attrValue.number' parameter constant.
+ */
+ ATTR_VALUE_NUMBER("attrValue.number"),
+
+ /**
+ * Represents the 'derivation.date.format' parameter constant.
+ */
+ DERIVATION_DATE_FORMAT("derivation.date.format"),
+ /**
+ * Represents the 'deriveAttr.number' parameter constant.
+ */
+ DERIVE_ATTRIBUTE_NUMBER("deriveAttr.number"),
+
+ /**
+ * Represents the complex attributes parameter constant.
+ */
+ COMPLEX_ADDRESS_VALUE("canonicalResidenceAddress"),
+ COMPLEX_NEWATTRIBUTE_VALUE("newAttribute2"),
+ COMPLEX_HASDEGREE_VALUE("hasDegree"),
+ COMPLEX_MANDATECONTENT_VALUE("mandateContent"),
+ /**
+ * Represents the 'consent-type' parameter constant.
+ */
+ CONSENT_TYPE("consent-type"),
+ /**
+ * Represents the 'consent-value' parameter constant.
+ */
+ CONSENT_VALUE("consent-value"),
+ /**
+ * Represents the 'country' parameter constant.
+ */
+ COUNTRY("country"),
+ /**
+ * Represents the 'countryOrigin' parameter constant.
+ */
+ COUNTRY_ORIGIN("countryOrigin"),
+
+ /**
+ * Represents the 'cpepsURL' parameter constant.
+ */
+ CPEPS_URL("cpepsURL"),
+ /**
+ * Represents the 'callback' parameter constant.
+ */
+ CPEPS_CALLBACK("callback"),
+ /**
+ * Represents the 'peps.specificidpredirect.url' parameter constant.
+ */
+ CPEPS_IDP_CALLBACK_VALUE("peps.specificidpredirect.url"),
+ /**
+ * Represents the 'peps.specificapredirect.url' parameter constant.
+ */
+ CPEPS_AP_CALLBACK_VALUE("peps.specificapredirect.url"),
+
+ /**
+ * Represents the 'errorCode' parameter constant.
+ */
+ ERROR_CODE("errorCode"),
+ /**
+ * Represents the 'subCode' parameter constant.
+ */
+ ERROR_SUBCODE("subCode"),
+ /**
+ * Represents the 'errorMessage' parameter constant.
+ */
+ ERROR_MESSAGE("errorMessage"),
+ /**
+ * Represents the 'errorRedirectUrl' parameter constant.
+ */
+ ERROR_REDIRECT_URL("errorRedirectUrl"),
+
+ /**
+ * errorRedirectUrl Represents the 'external-authentication' parameter
+ * constant.
+ */
+ EXTERNAL_AUTH("external-authentication"),
+ /**
+ * Represents the 'external-ap' parameter constant.
+ */
+ EXTERNAL_AP("external-ap"),
+ /**
+ * Represents the 'external-pv' parameter constant.
+ */
+ EXTERNAL_PV("external-pv"),
+ /**
+ * Represents the 'external-sig-module' parameter constant.
+ */
+ EXT_SIG_CREATOR_MOD("external-sig-module"),
+
+ /**
+ * Represents the 'http-x-forwarded-for' parameter constant.
+ */
+ HTTP_X_FORWARDED_FOR("http-x-forwarded-for"),
+
+ /**
+ * Represents the 'idp.url' parameter constant.
+ */
+ IDP_URL("idp.url"),
+ /**
+ * Represents the 'idpAUB.url' parameter constant.
+ */
+ IDPAUB_URL("idpAUB.url"),
+ /**
+ * Represents the 'internal-authentication' parameter constant.
+ */
+ INTERNAL_AUTH("internal-authentication"),
+ /**
+ * Represents the 'internal-ap' parameter constant.
+ */
+ INTERNAL_AP("internal-ap"),
+ /**
+ * Represents the 'internal-pv' parameter constant.
+ */
+ INTERNAL_PV("internal-pv"),
+
+ /**
+ * Represents the 'samlIssuer' parameter constant.
+ */
+ ISSUER("samlIssuer"),
+ /**
+ * Represents the 'samlIssuer.idp' parameter constant.
+ */
+ ISSUER_IDP("samlIssuer.idp"),
+ /**
+ * Represents the 'samlIssuer.atp' parameter constant.
+ */
+ ISSUER_ATP("samlIssuer.atp"),
+
+ /**
+ * Represents the 'mandatory' parameter constant.
+ */
+ MANDATORY("mandatory"),
+ /**
+ * Represents the 'mandatoryAttributeMissing' parameter constant.
+ */
+ MANDATORY_ATTR_MISSING("mandatoryAttributeMissing"),
+ /**
+ * Represents the 'mandatoryConsentAttrMissing' parameter constant.
+ */
+ MANDATORY_CONSENT_MISSING("mandatoryConsentAttrMissing"),
+ /**
+ * Represents the 'missing-attrs' parameter constant.
+ */
+ MISSING_ATTRS("missing-attrs"),
+ /**
+ * Represents the 'no-more-attrs' parameter constant.
+ */
+ NO_MORE_ATTRS("no-more-attrs"),
+
+ /**
+ * Represents the 'optional' parameter constant.
+ */
+ OPTIONAL("optional"),
+
+ /**
+ * Represents the 'no-consent-type' parameter constant.
+ */
+ NO_CONSENT_TYPE("no-consent-type"),
+ /**
+ * Represents the 'no-consent-value' parameter constant.
+ */
+ NO_CONSENT_VALUE("no-consent-value"),
+
+ /**
+ * Represents the 'provider.name' parameter constant.
+ */
+ PROVIDER_NAME_VALUE("providerName"),
+ /**
+ * Represents the 'cpeps.askconsent' parameter constant.
+ */
+ PEPS_ASK_CONSENT("cpeps.askconsent"),
+ /**
+ * Represents the 'cpeps.askconsentvalue' parameter constant.
+ */
+ PEPS_ASK_CONSENT_VALUE("cpeps.askconsentvalue"),
+ /**
+ * Represents the 'pepsAuth' parameter constant.
+ */
+ PEPS_AUTH_CONSENT("pepsAuth"),
+ /**
+ * Represents the 'validation.bypass' parameter constant.
+ */
+ PEPS_BYPASS("validation.bypass"),
+ /**
+ * Represents the 'cpeps.number' parameter constant.
+ */
+ PEPS_NUMBER("cpeps.number"),
+ /**
+ * Represents the 'cpeps.specificapredirect.url' parameter constant.
+ */
+ PEPS_SPECIFIC_URL("cpeps.specificapredirect.url"),
+ /**
+ * Represents the 'pv.url' parameter constant.
+ */
+ PV_URL("pv.url"),
+
+ /**
+ * Represents the 'qaaLevel' parameter constant.
+ */
+ QAALEVEL("qaaLevel"),
+
+ /**
+ * Represents the 'speps.redirectUrl' parameter constant.
+ */
+ SPEPS_REDIRECT_URL("speps.redirectUrl"),
+
+ /**
+ * Represents the 'sp.redirectUrl' parameter constant.
+ */
+ SP_REDIRECT_URL("sp.redirectUrl"),
+ /**
+ * Represents the 'cpeps.redirectUrl' parameter constant.
+ */
+ CPEPS_REDIRECT_URL("cpeps.redirectUrl"),
+ /**
+ * Represents the 'RelayState' parameter constant.
+ */
+ RELAY_STATE("RelayState"),
+ /**
+ * Represents the 'remoteAddr' parameter constant.
+ */
+ REMOTE_ADDR("remoteAddr"),
+ /**
+ * Represents the 'remoteUser' parameter constant.
+ */
+ REMOTE_USER("remoteUser"),
+
+ /**
+ * Represents the 'SAMLRequest' parameter constant.
+ */
+ SAML_REQUEST("SAMLRequest"),
+ /**
+ * Represents the 'SAMLResponse' parameter constant.
+ */
+ SAML_RESPONSE("SAMLResponse"),
+ /**
+ * Represents the 'SAMLFail' parameter constant.
+ */
+ SAML_TOKEN_FAIL("SAMLFail"),
+ /**
+ * Represents the 'TokenId' parameter constant.
+ */
+ SAML_TOKEN_ID("TokenId"),
+ /**
+ * Represents the 'inResponseTo' parameter constant.
+ */
+ SAML_IN_RESPONSE_TO("inResponseTo"),
+ /**
+ * Represents the 'inResponseTo.idp' parameter constant.
+ */
+ SAML_IN_RESPONSE_TO_IDP("inResponseTo.idp"),
+ /**
+ * Represents the 'inResponseTo.atp' parameter constant.
+ */
+ SAML_IN_RESPONSE_TO_ATP("inResponseTo.atp"),
+ /**
+ * Represents the 'SignatureResponse' parameter constant.
+ */
+ SIGNATURE_RESPONSE("SignatureResponse"),
+
+ /**
+ * Represents the 'cPepsSession' parameter constant.
+ */
+ SESSION_ID_URL("cPepsSession"),
+ /**
+ * Represents the 'spId' parameter constant.
+ */
+ SP_ID("spId"),
+ /**
+ * Represents the 'spQaaLevel' parameter constant.
+ */
+ SP_QAALEVEL("spQaaLevel"),
+ /**
+ * Represents the 'spUrl' parameter constant.
+ */
+ SP_URL("spUrl"),
+
+ /**
+ * Represents the 'allow.derivation.all' parameter constant.
+ */
+ SPECIFIC_ALLOW_DERIVATION_ALL("allow.derivation.all"),
+ /**
+ * Represents the ''allow.unknowns parameter constant.
+ */
+ SPECIFIC_ALLOW_UNKNOWNS("allow.unknowns"),
+ /**
+ * Represents the 'derivation.date.separator' parameter constant.
+ */
+ SPECIFIC_DERIVATION_DATE_SEP("derivation.date.separator"),
+ /**
+ * Represents the 'derivation.month.position' parameter constant.
+ */
+ SPECIFIC_DERIVATION_MONTH_POS("derivation.month.position"),
+ /**
+ * Represents the 'derivation.day.position' parameter constant.
+ */
+ SPECIFIC_DERIVATION_DAY_POS("derivation.day.position"),
+ /**
+ * Represents the 'derivation.year.position' parameter constant.
+ */
+ SPECIFIC_DERIVATION_YEAR_POS("derivation.year.position"),
+
+ /**
+ * sp.authorized.parameters Represents the '' parameter constant.
+ */
+ SPEPS_AUTHORIZED("sp.authorized.parameters"),
+
+ /**
+ * Represents the 'spSector' constant value.
+ */
+ SPSECTOR("spSector"),
+ /**
+ * Represents the 'spApplication' constant value.
+ */
+ SPAPPLICATION("spApplication"),
+ /**
+ * Represents the 'spCountry' constant value.
+ */
+ SPCOUNTRY("spCountry"),
+ /**
+ * Represents the 'spInstitution' constant value.
+ */
+ SPINSTITUTION("spInstitution"),
+ /**
+ * Represents the 'storkAttribute.number' parameter constant.
+ */
+ STORK_ATTRIBUTE_NUMBER("storkAttribute.number"),
+ /**
+ * Represents the 'storkAttributeValue.number' parameter constant.
+ */
+ STORK_ATTRIBUTE_VALUE_NUMBER("storkAttributeValue.number"),
+
+ /**
+ * Represents the 'username' parameter constant.
+ */
+ USERNAME("username"),
+
+ /**
+ * Represents the 'tooManyParameters' parameter constant.
+ */
+ TOO_MANY_PARAMETERS("tooManyParameters"),
+ /**
+ * Represents the 'validation.active' parameter constant.
+ */
+ VALIDATION_ACTIVE("validation.active"),
+
+ /**
+ * Represents the 'x-forwarded-for' parameter constant.
+ */
+ X_FORWARDED_FOR("x-forwarded-for"),
+ /**
+ * Represents the 'x-forwarded-host' parameter constant.
+ */
+ X_FORWARDED_HOST("x-forwarded-host"),
+ /**
+ * Represents the 'XMLResponse' parameter constant.
+ */
+ XML_RESPONSE("XMLResponse"),
+
+ /**
+ * Represents the 'ap-cpeps.number' parameter constant.
+ */
+ AP_PEPS_NUMBER("ap-cpeps.number"),
+
+ /**
+ * Represents the 'atp.number' parameter constant.
+ */
+ ATTRIBUTE_PROVIDER_NUMBER("atp.number"),
+
+ /**
+ * Represents the 'atn.number' parameter constant.
+ */
+ ATTRIBUTE_NAME_NUMBER("atn.number"),
+
+ /**
+ * Represents the 'apLinker' parameter constant.
+ */
+ AP_LINKER("apLinker"),
+
+ /**
+ * Represents the 'prevApLinker' parameter constant.
+ */
+ PREV_AP_LINKER("prevApLinker"),
+
+ /**
+ * Represents the 'NOSEL' parameter constant (no attribute provider selected).
+ */
+ AP_NO_SELECTION("NOSEL"),
+
+ /**
+ * Represents the 'OCSEL' parameter constant (attribute provider in another country).
+ */
+ AP_OTHER_COUNTRY("OCSEL"),
+
+ /**
+ * Represents the '_provider' suffix parameter constant.
+ */
+ AP_PROVIDER_SELECT_SUFFIX("_provider"),
+
+ /**
+ * Represents the '_country' suffix parameter constant.
+ */
+ AP_COUNTRY_SELECT_SUFFIX("_country"),
+
+ /**
+ * Represents the '_name' suffix parameter constant.
+ */
+ AP_NAME_SELECT_SUFFIX("_name"),
+
+ /**
+ * Represents the 'next-ap' parameter constant.
+ */
+ NEXT_AP("next-ap"),
+
+ /**
+ * Represents the 'next-apeps' parameter constant.
+ */
+ NEXT_APEPS("next-apeps"),
+
+ /**
+ * Represents the 'back-to-apeps' parameter constant.
+ */
+ BACK_TO_APEPS("back-to-apeps"),
+
+ /**
+ * Represents the 'is-remote-apeps' parameter constant.
+ */
+ IS_REMOTE_APEPS("is-remote-apeps"),
+
+ /**
+ * Represents the 'more-attributes' parameter constant.
+ */
+ MORE_ATTRIBUTES("more-attributes"),
+
+ /**
+ * Represents the 'attr-filter.number' parameter constant.
+ */
+ ATTRIBUTES_FILTER_NUMBER("attr-filter.number"),
+
+ /**
+ * Represents the 'atp.url' parameter constant.
+ */
+ ATP_URL("atp.url"),
+ /**
+ * Represents the 'apepsURL' parameter constant.
+ */
+ APEPS_URL("apepsUrl"),
+
+ /**
+ * Represents the 'apepsCountry' parameter constant.
+ */
+ APEPS_COUNTRY("apepsCountry"),
+
+ /**
+ * Represents the 'apepsAuthRequest' parameter constant.
+ */
+ APEPS_ATTR_REQUEST("apepsAttrRequest"),
+
+ /**
+ * Represents the 'isApepsRequest' parameter constant.
+ */
+ APEPS_REQUEST_COMPLETE("apeps-request-complete"),
+
+ /**
+ * Represents the 'apeps.callbackUrl' parameter constant.
+ */
+ APEPS_CALLBACK_URL("apeps.callbackUrl"),
+ /**
+ * Represents the 'attrListMand' parameter constant.
+ */
+ ATTR_LIST_MAND("attrListMand"),
+
+ /**
+ * Represents the 'attrListOpt' parameter constant.
+ */
+ ATTR_LIST_OPT("attrListOpt"),
+
+ /**
+ * Represents the 'simpleAttrListMand' parameter constant.
+ */
+ SIMPLE_ATTR_LIST_MAND("simpleAttrListMand"),
+
+ /**
+ * Represents the 'simpleAttrListOpt' parameter constant.
+ */
+ SIMPLE_ATTR_LIST_OPT("simpleAttrListOpt"),
+
+ /**
+ * Represents the 'complexAttrListMand' parameter constant.
+ */
+ COMPLEX_ATTR_LIST_MAND("complexAttrListMand"),
+
+ /**
+ * Represents the 'complexAttrListOpt' parameter constant.
+ */
+ COMPLEX_ATTR_LIST_OPT("complexAttrListOpt");
+
+ /**
+ * Represents the constant's value.
+ */
+ private String value;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param nValue The Constant value.
+ */
+ PEPSParameters(final String nValue) {
+ this.value = nValue;
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public String toString() {
+ return value;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java
new file mode 100644
index 000000000..a16b03edb
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java
@@ -0,0 +1,353 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Properties;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+import org.bouncycastle.crypto.Digest;
+import org.bouncycastle.util.encoders.Base64;
+
+import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException;
+import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException;
+
+/**
+ * This class holds static helper methods.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.75 $, $Date: 2010-11-23 00:05:35 $
+ */
+public final class PEPSUtil {
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(PEPSUtil.class.getName());
+
+ /**
+ * Configurations object.
+ */
+ private static Properties configs;
+
+ /**
+ * Max prefix.
+ */
+ private static final String MAX_PARAM_PREFIX = "max.";
+
+ /**
+ * Code prefix to get error code.
+ */
+ private static final String CODE_PARAM_SUFFIX = ".code";
+
+ /**
+ * param's size prefix to get max param size.
+ */
+ private static final String MAX_PARAM_SUFFIX = ".size";
+
+ /**
+ * Message prefix to get error message.
+ */
+ private static final String MSG_PARAM_SUFFIX = ".message";
+
+ /**
+ * Private constructor. Prevents the class from being instantiated.
+ */
+ private PEPSUtil() {
+ // empty constructor
+ }
+
+ /**
+ * Creates a single instance of this class and sets the properties.
+ *
+ * @param nConfigs The set of available configurations.
+ *
+ * @return The created PEPSUtil's class.
+ */
+ public static PEPSUtil createInstance(final Properties nConfigs) {
+ if (nConfigs != null) {
+ PEPSUtil.configs = nConfigs;
+ }
+ return new PEPSUtil();
+ }
+
+ /**
+ * Getter for the Properties.
+ *
+ * @return configs The properties value.
+ */
+ public Properties getConfigs() {
+ return configs;
+ }
+
+ /**
+ * Setter for the Properties.
+ *
+ * @param nConfigs The new properties value.
+ */
+ public static void setConfigs(final Properties nConfigs) {
+ if (nConfigs != null) {
+ PEPSUtil.configs = nConfigs;
+ }
+ }
+
+ /**
+ * Returns the identifier of some configuration given a set of configurations
+ * and the corresponding configuration key.
+ *
+ * @param configKey The key that IDs some configuration.
+ *
+ * @return The configuration String value.
+ */
+ public static String getConfig(final String configKey) {
+ return configs.getProperty(configKey);
+ }
+
+ /**
+ * Validates the input paramValue identified by the paramName.
+ *
+ * @param paramName The name of the parameter to validate.
+ * @param paramValue The value of the parameter to validate.
+ *
+ * @return true if the parameter is valid.
+ */
+ public static boolean isValidParameter(final String paramName,
+ final String paramValue) {
+
+ final String validationParam =
+ PEPSUtil.getConfig(PEPSParameters.VALIDATION_ACTIVE.toString());
+ boolean retVal = true;
+
+ final String paramConf = MAX_PARAM_PREFIX + paramName + MAX_PARAM_SUFFIX;
+
+ if (PEPSValues.TRUE.toString().equals(validationParam)) {
+ final String paramSizeStr = PEPSUtil.getConfig(paramConf);
+ // Checking if the parameter size exists and if it's numeric
+ if (StringUtils.isNumeric(paramSizeStr)) {
+ final int maxParamSize = Integer.valueOf(paramSizeStr);
+ if (StringUtils.isEmpty(paramValue)
+ || paramValue.length() > maxParamSize) {
+ retVal = false;
+ LOG.warn("Invalid parameter [" + paramName + "] value " + paramValue);
+ }
+ } else {
+ retVal = false;
+ LOG.error("Missing " + paramConf
+ + " configuration in the pepsUtils.properties configuration file");
+ }
+ }
+ return retVal;
+ }
+
+ /**
+ * Validates the Parameter and throws an exception if an error occurs. Throws
+ * an InvalidParameterPEPSException runtime exception if the parameter is
+ * invalid.
+ *
+ * @param className The Class Name that invoked the method.
+ * @param paramName The name of the parameter to validate.
+ * @param paramValue The value of the parameter to validate.
+ */
+ public static void validateParameter(final String className,
+ final String paramName, final Object paramValue) {
+
+ if (paramValue == null) {
+ PEPSUtil.validateParameter(className, paramName, "");
+ } else {
+ PEPSUtil.validateParameter(className, paramName, paramValue.toString());
+ }
+ }
+
+ /**
+ * Validates the Parameters and throws an exception if an error occurs.
+ *
+ * @param className The Class Name that invoked the method.
+ * @param paramName The name of the parameter to validate.
+ * @param paramValue The value of the parameter to validate.
+ */
+ public static void validateParameter(final String className,
+ final String paramName, final String paramValue) {
+
+ PEPSUtil.validateParameter(className, paramName, paramValue,
+ PEPSUtil.getErrorCode(paramName), PEPSUtil.getErrorMessage(paramName));
+ }
+
+ /**
+ * Validates the Parameters and throws an exception if an error occurs.
+ *
+ * @param className The Class Name that invoked the method.
+ * @param paramName The name of the parameter to validate.
+ * @param paramValue The value of the parameter to validate.
+ * @param error The PEPSError to get error code and messages from configs.
+ */
+ public static void validateParameter(final String className,
+ final String paramName, final String paramValue, final PEPSErrors error) {
+
+ PEPSUtil.validateParameter(className, paramName, paramValue,
+ PEPSUtil.getConfig(error.errorCode()),
+ PEPSUtil.getConfig(error.errorMessage()));
+ }
+
+ /**
+ * Validates the HTTP Parameter and throws an exception if an error occurs.
+ * Throws an InvalidParameterPEPSException runtime exception if the parameter
+ * is invalid.
+ *
+ * @param className The Class Name that invoked the method.
+ * @param paramName The name of the parameter to validate.
+ * @param paramValue The value of the parameter to validate.
+ * @param errorCode The error code to include on the exception.
+ * @param errorMessage The error message to include on the exception.
+ */
+ public static void validateParameter(final String className,
+ final String paramName, final String paramValue, final String errorCode,
+ final String errorMessage) {
+
+ if (!isValidParameter(paramName, paramValue)) {
+ LOG.warn("Invalid parameter [" + paramName + "] value found at "
+ + className);
+ throw new InvalidParameterPEPSException(errorCode, errorMessage);
+ }
+ }
+
+ /**
+ * Getter for the error code of some given error related to the input param.
+ *
+ * @param paramName The name of the parameter associated with the error.
+ *
+ * @return The code of the error.
+ */
+ private static String getErrorCode(final String paramName) {
+ return getConfig(paramName + CODE_PARAM_SUFFIX);
+ }
+
+ /**
+ * Getter for the error message of some given error related to the input
+ * parameter.
+ *
+ * @param paramName The name of the parameter associated with the message.
+ *
+ * @return The message for the error.
+ */
+ private static String getErrorMessage(final String paramName) {
+ return getConfig(paramName + MSG_PARAM_SUFFIX);
+ }
+
+ /**
+ * {@link Base64} encodes the input samlToken parameter.
+ *
+ * @param samlToken the SAML Token to be encoded.
+ *
+ * @return The Base64 String representing the samlToken.
+ *
+ * @see Base64#encode
+ */
+ public static String encodeSAMLToken(final byte[] samlToken) {
+ try {
+ return new String(Base64.encode(samlToken), "UTF8");
+ } catch (UnsupportedEncodingException e) {
+ LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e);
+ return null;
+ }
+ }
+
+ /**
+ * Decodes the {@link Base64} String input parameter representing a samlToken.
+ *
+ * @param samlToken the SAML Token to be decoded.
+ *
+ * @return The samlToken decoded bytes.
+ *
+ * @see Base64#decode
+ */
+ public static byte[] decodeSAMLToken(final String samlToken) {
+ return Base64.decode(samlToken);
+ }
+
+ /**
+ * Hashes a SAML token. Throws an InternalErrorPEPSException runtime exception
+ * if the Cryptographic Engine fails.
+ *
+ * @param samlToken the SAML Token to be hashed.
+ *
+ * @return byte[] with the hashed SAML Token.
+ */
+ public static byte[] hashPersonalToken(final byte[] samlToken) {
+ try {
+ final String className =
+ PEPSUtil.getConfig(PEPSValues.HASH_DIGEST_CLASS.toString());
+
+ final Digest digest =
+ (Digest) Class.forName(className).getConstructor()
+ .newInstance((Object[]) null);
+ digest.update(samlToken, 0, samlToken.length);
+
+ final int retLength = digest.getDigestSize();
+ final byte[] ret = new byte[retLength];
+
+ digest.doFinal(ret, 0);
+ return ret;
+
+ } catch (final Exception e) {
+ // For all those exceptions that could be thrown, we always log it and
+ // thrown an InternalErrorPEPSException.
+ LOG.error(PEPSErrors.HASH_ERROR.errorMessage(), e);
+ throw new InternalErrorPEPSException(
+ PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorCode()),
+ PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorMessage()), e);
+ }
+ }
+
+ /**
+ * Gets the Stork error code in the error message if exists!
+ *
+ * @param errorMessage The message to get the error code if exists;
+ *
+ * @return the error code if exists. Returns null otherwise.
+ */
+ public static String getStorkErrorCode(final String errorMessage) {
+ if (StringUtils.isNotBlank(errorMessage)
+ && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) {
+ final String[] msgSplitted =
+ errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString());
+ if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) {
+ return msgSplitted[0];
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Gets the Stork error message in the saml message if exists!
+ *
+ * @param errorMessage The message to get in the saml message if exists;
+ *
+ * @return the error message if exists. Returns the original message
+ * otherwise.
+ */
+ public static String getStorkErrorMessage(final String errorMessage) {
+ if (StringUtils.isNotBlank(errorMessage)
+ && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) {
+ final String[] msgSplitted =
+ errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString());
+ if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) {
+ return msgSplitted[1];
+ }
+ }
+ return errorMessage;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java
new file mode 100644
index 000000000..e14c21cb5
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java
@@ -0,0 +1,329 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains all the value constants.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.17 $, $Date: 2011-07-07 20:48:45 $
+ */
+public enum PEPSValues {
+
+ /**
+ * Represents the 'all' constant value.
+ */
+ ALL("all"),
+ /**
+ * Represents the 'none' constant value.
+ */
+ NONE("none"),
+ /**
+ * Represents the 'true' constant value.
+ */
+ TRUE("true"),
+ /**
+ * Represents the 'false' constant value.
+ */
+ FALSE("false"),
+ /**
+ * Represents the empty string constant value.
+ */
+ EMPTY_STRING(""),
+
+ /**
+ * Represents the ',' separator constant value.
+ */
+ ATTRIBUTE_VALUE_SEP(","),
+ /**
+ * Represents the ';' separator constant value.
+ */
+ ATTRIBUTE_SEP(";"),
+ /**
+ * Represents the ':' separator constant value.
+ */
+ ATTRIBUTE_TUPLE_SEP(":"),
+ /**
+ * Represents the '/' separator constant value.
+ */
+ EID_SEPARATOR("/"),
+ /**
+ * Represents the ' - ' separator constant value.
+ */
+ ERROR_MESSAGE_SEP(" - "),
+ /**
+ * Represents the '#' parameter constant value.
+ */
+ LOGGER_SEP("#"),
+ /**
+ * Represents the 'NOT_AVAILABLE' parameter constant value.
+ */
+ NOT_AVAILABLE("NotAvailable"),
+ /**
+ * Represents the ';' parameter constant value.
+ */
+ SPEPS_AUTHORIZED_SEP(";"),
+
+ /**
+ * Represents the 'ap' constant value.
+ */
+ AP("ap"),
+ /**
+ * Represents the 'C-PEPS' constant value.
+ */
+ CPEPS("C-PEPS"),
+ /**
+ * Represents the 'cpeps' constant value.
+ */
+ CPEPS_PREFIX("cpeps"),
+ /**
+ * Represents the 'peps' constant value.
+ */
+ PEPS("peps"),
+ /**
+ * Represents the '-PEPS' constant value.
+ */
+ PEPS_SUFFIX("-PEPS"),
+ /**
+ * Represents the 'SP' constant value.
+ */
+ SP("SP"),
+ /**
+ * Represents the 'S-PEPS' constant value.
+ */
+ SPEPS("S-PEPS"),
+ /**
+ * Represents the 'speps' constant value.
+ */
+ SPEPS_PREFIX("speps"),
+ /**
+ * Represents the 'sp.default.parameters' constant value.
+ */
+ DEFAULT("sp.default.parameters"),
+ /**
+ * Represents the default saml id constant value.
+ */
+ DEFAULT_SAML_ID("1"),
+ /**
+ * Represents the 'hashDigest.className' constant value.
+ */
+ HASH_DIGEST_CLASS("hashDigest.className"),
+
+ /**
+ * Represents the 'eu.stork.communication.requests' constant value.
+ */
+ STORK_PACKAGE_REQUEST_LOGGER_VALUE("eu.stork.communication.requests"),
+ /**
+ * Represents the 'eu.stork.communication.responses' constant value.
+ */
+ STORK_PACKAGE_RESPONSE_LOGGER_VALUE("eu.stork.communication.responses"),
+
+ /**
+ * Represents the 'S-PEPS receives request from SP' constant value.
+ */
+ SP_REQUEST("S-PEPS receives request from SP"),
+ /**
+ * Represents the 'Get Citizen Consent' constant value.
+ */
+ CITIZEN_CONSENT_LOG("Get Citizen Consent"),
+ /**
+ * Represents the 'C-PEPS receives request from S-PEPS' constant value.
+ */
+ CPEPS_REQUEST("C-PEPS receives request from S-PEPS"),
+ /**
+ * Represents the 'C-PEPS generates response to S-PEPS' constant value.
+ */
+ CPEPS_RESPONSE("C-PEPS generates response to S-PEPS"),
+ /**
+ * Represents the 'S-PEPS generates request to C-PEPS' constant value.
+ */
+ SPEPS_REQUEST("S-PEPS generates request to C-PEPS"),
+ /**
+ * Represents the 'S-PEPS receives response from C-PEPS' constant value.
+ */
+ SPEPS_RESPONSE("S-PEPS receives response from C-PEPS"),
+ /**
+ * Represents the 'S-PEPS generates response to SP' constant value.
+ */
+ SP_RESPONSE("S-PEPS generates response to SP"),
+ /**
+ * Represents the 'Success' constant value.
+ */
+ SUCCESS("Success"),
+ /**
+ * Represents the December's month number constant value.
+ */
+ LAST_MONTH("12"),
+ /**
+ * Represents the yyyyMM constant value.
+ */
+ NO_DAY_DATE_FORMAT("yyyyMM"),
+
+ /**
+ * Represents the 'attrValue' constant value.
+ */
+ ATTRIBUTE("attrValue"),
+ /**
+ * Represents the 'derivedAttr' constant value.
+ */
+ DERIVE_ATTRIBUTE("deriveAttr"),
+ /**
+ * Represents the 'storkAttribute' constant value.
+ */
+ STORK_ATTRIBUTE("storkAttribute"),
+
+ /**
+ * Represents the 'properties' constant value.
+ */
+ PROPERTIES("properties"),
+ /**
+ * Represents the 'referer' constant value.
+ */
+ REFERER("referer"),
+ /**
+ * Represents the 'host' constant value.
+ */
+ HOST("host"),
+ /**
+ * Represents the 'spid' constant value.
+ */
+ SPID("spid"),
+ /**
+ * Represents the 'domain' constant value.
+ */
+ DOMAIN("domain"),
+ /**
+ * Represents the '.validation' constant value.
+ */
+ VALIDATION_SUFFIX(".validation"),
+ /**
+ * Represents the 'jsessionid' constant value.
+ */
+ EQUAL("="),
+ /**
+ * Represents the 'HttpOnly' constant value.
+ */
+ HTTP_ONLY("HttpOnly"),
+ /**
+ * Represents the 'SET-COOKIE' constant value.
+ */
+ JSSESSION("JSESSIONID"),
+ /**
+ * Represents the '=' constant value.
+ */
+ SETCOOKIE("SET-COOKIE"),
+ /**
+ * Represents the ';' constant value.
+ */
+ SEMICOLON(";"),
+ /**
+ * Represents the ' ' constant value.
+ */
+ SPACE(" "),
+ /**
+ * Represents the 'atp' constant value.
+ */
+ APROVIDER_PREFIX("atp"),
+ /**
+ * Represents the 'atn' constant value.
+ */
+ ANAME_PREFIX("atn"),
+ /**
+ * Represents the 'ap-cpeps' constant value.
+ */
+ AP_CPEPS_PREFIX("ap-cpeps"),
+ /**
+ * Represents the 'attr-filter' constant value.
+ */
+ AP_ATTRFILTER_PREFIX("attr-filter");
+
+ /**
+ * Represents the constant's value.
+ */
+ private String value;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param val The Constant value.
+ */
+ PEPSValues(final String val) {
+
+ this.value = val;
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public String toString() {
+
+ return value;
+ }
+
+ /**
+ * Construct the return value with the following structure
+ * CONSTANT_VALUE+index+".id".
+ *
+ * @param index the number.
+ *
+ * @return The concatenated String value.
+ */
+ public String index(final int index) {
+
+ return value + index + ".id";
+ }
+
+ /**
+ * Construct the return value with the following structure
+ * CONSTANT_VALUE+index+".value".
+ *
+ * @param index the number.
+ *
+ * @return The concatenated string value.
+ */
+ public String value(final int index) {
+
+ return value + index + ".value";
+ }
+
+ /**
+ * Construct the return value with the following structure
+ * CONSTANT_VALUE+index+".name".
+ *
+ * @param index the number.
+ *
+ * @return The concatenated String value.
+ */
+ public String name(final int index) {
+
+ return value + index + ".name";
+ }
+
+ /**
+ * Construct the return value with the following structure
+ * CONSTANT_VALUE+index+".url".
+ *
+ * @param index the number.
+ *
+ * @return The concatenated String value.
+ */
+ public String url(final int index) {
+
+ return value + index + ".url";
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java
new file mode 100644
index 000000000..5d8281445
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java
@@ -0,0 +1,348 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+import org.apache.log4j.Logger;
+
+import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException;
+
+/**
+ * This class is a bean used to store the information relative to the
+ * PersonalAttribute.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.22 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class PersonalAttribute implements Serializable, Cloneable {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 2612951678412632174L;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(PersonalAttribute.class
+ .getName());
+
+ /**
+ * Name of the personal attribute.
+ */
+ private String name;
+
+ /**
+ * Values of the personal attribute.
+ */
+ private List<String> value = new ArrayList<String>();
+
+ /**
+ * Type of the personal attribute.
+ */
+ private String type;
+
+ /**
+ * Complex values of the personal attribute.
+ */
+ private Map<String, String> complexValue = new ConcurrentHashMap<String, String>();
+
+ /**
+ * Is the personal attribute mandatory?
+ */
+ private transient boolean required;
+
+ /**
+ * Returned status of the attribute from the IdP.
+ */
+ private String status;
+
+ /**
+ * Name of the personal attribute.
+ */
+ private String friendlyName;
+
+ /**
+ * Empty Constructor.
+ */
+ public PersonalAttribute() {
+ super();
+ }
+
+ /**
+ * PersonalAttribute Constructor for complex values.
+ *
+ * @param attrName The attribute name.
+ * @param attrIsRequired The attribute type value.
+ * @param attrComplexValue The attribute's value.
+ * @param attrStatus The attribute's status value.
+ */
+ public PersonalAttribute(final String attrName, final boolean attrIsRequired,
+ final List<String> attrComplexValue, final String attrStatus) {
+ this.setName(attrName);
+ this.setIsRequired(attrIsRequired);
+ this.setValue(attrComplexValue);
+ this.setStatus(attrStatus);
+ }
+
+ /**
+ * PersonalAttribute Constructor for complex values.
+ *
+ * @param attrName The attribute name.
+ * @param attrIsRequired The attribute type value.
+ * @param attrComplexValue The attribute's complex value.
+ * @param attrStatus The attribute's status value.
+ */
+ public PersonalAttribute(final String attrName, final boolean attrIsRequired,
+ final Map<String, String> attrComplexValue, final String attrStatus) {
+ this.setName(attrName);
+ this.setIsRequired(attrIsRequired);
+ this.setComplexValue(attrComplexValue);
+ this.setStatus(attrStatus);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @SuppressWarnings("unchecked")
+ public Object clone() {
+
+ try {
+ final PersonalAttribute personalAttr = (PersonalAttribute) super.clone();
+ personalAttr.setIsRequired(this.isRequired());
+ personalAttr.setName(this.getName());
+ personalAttr.setStatus(this.getStatus());
+ if (!isEmptyValue()) {
+ final List<String> val =
+ (List<String>) ((ArrayList<String>) this.getValue()).clone();
+ personalAttr.setValue(val);
+ }
+ if (!isEmptyComplexValue()) {
+ final Map<String, String> complexVal =
+ (Map<String, String>) ((HashMap<String, String>) this
+ .getComplexValue()).clone();
+ personalAttr.setComplexValue(complexVal);
+ }
+ return personalAttr;
+ } catch (final CloneNotSupportedException e) {
+ // assert false;
+ LOG.trace("Nothing to do.");
+ throw new InternalErrorPEPSException(
+ PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorCode()),
+ PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorMessage()), e);
+ }
+ }
+
+ /**
+ * Getter for the required value.
+ *
+ * @return The required value.
+ */
+ public boolean isRequired() {
+ return required;
+ }
+
+ /**
+ * Setter for the required value.
+ *
+ * @param attrIsRequired this attribute?
+ */
+ public void setIsRequired(final boolean attrIsRequired) {
+ this.required = attrIsRequired;
+ }
+
+ /**
+ * Getter for the name value.
+ *
+ * @return The name value.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Setter for the name value.
+ *
+ * @param attrName The personal attribute name.
+ */
+ public void setName(final String attrName) {
+ this.name = attrName;
+ }
+
+ /**
+ * Getter for the value.
+ *
+ * @return The list of values.
+ */
+ public List<String> getValue() {
+ return value;
+ }
+
+ /**
+ * Setter for the list of values.
+ *
+ * @param attrValue The personal attribute value.
+ */
+ public void setValue(final List<String> attrValue) {
+ if (attrValue != null) {
+ this.value = attrValue;
+ }
+ }
+
+
+ /**
+ * Getter for the type value.
+ *
+ * @return The name value.
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * Setter for the type value.
+ *
+ * @param attrName The personal attribute type.
+ */
+ public void setType(final String attrType) {
+ this.type = attrType;
+ }
+
+ /**
+ * Getter for the status.
+ *
+ * @return The status value.
+ */
+ public String getStatus() {
+ return status;
+ }
+
+ /**
+ * Setter for the status value.
+ *
+ * @param attrStatus The personal attribute status.
+ */
+ public void setStatus(final String attrStatus) {
+ this.status = attrStatus;
+ }
+
+ /**
+ * Getter for the complex value.
+ *
+ * @return The complex value.
+ */
+ public Map<String, String> getComplexValue() {
+ return complexValue;
+ }
+
+ /**
+ * Setter for the complex value.
+ *
+ * @param complexVal The personal attribute Complex value.
+ */
+ public void setComplexValue(final Map<String, String> complexVal) {
+ if (complexVal != null) {
+ this.complexValue = complexVal;
+ }
+ }
+
+ /**
+ * Getter for the personal's friendly name.
+ *
+ * @return The personal's friendly name value.
+ */
+ public String getFriendlyName() {
+ return friendlyName;
+ }
+
+ /**
+ * Setter for the personal's friendly name.
+ *
+ * @param fName The personal's friendly name.
+ */
+ public void setFriendlyName(final String fName) {
+ this.friendlyName = fName;
+ }
+
+ /**
+ * Return true the value is empty.
+ *
+ * @return True if the value is empty "[]";
+ */
+ public boolean isEmptyValue() {
+ return value.isEmpty() || (value.size() == 1 && value.get(0).length() == 0);
+ }
+
+ /**
+ * Returns true if the Complex Value is empty.
+ *
+ * @return True if the Complex Value is empty;
+ */
+ public boolean isEmptyComplexValue() {
+ return complexValue.isEmpty();
+ }
+
+ /**
+ * Returns true if the Status is empty.
+ *
+ * @return True if the Status is empty;
+ */
+ public boolean isEmptyStatus() {
+ return (status == null || status.length() == 0);
+ }
+
+ /**
+ * Prints the PersonalAttribute in the following format.
+ * name:required:[v,a,l,u,e,s]|[v=a,l=u,e=s]:status;
+ *
+ * @return The PersonalAttribute as a string.
+ */
+ public String toString() {
+ final StringBuilder strBuild = new StringBuilder();
+
+ AttributeUtil.appendIfNotNull(strBuild, getName());
+ strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString());
+ AttributeUtil.appendIfNotNull(strBuild, String.valueOf(isRequired()));
+ strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString());
+ strBuild.append('[');
+
+ if (isEmptyValue()) {
+ if (!isEmptyComplexValue()) {
+ AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.mapToString(
+ getComplexValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString()));
+ }
+ } else {
+ AttributeUtil.appendIfNotNull(
+ strBuild,
+ AttributeUtil.listToString(getValue(),
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()));
+ }
+
+ strBuild.append(']');
+ strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString());
+ AttributeUtil.appendIfNotNull(strBuild, getStatus());
+ strBuild.append(PEPSValues.ATTRIBUTE_SEP.toString());
+
+ return strBuild.toString();
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java
new file mode 100644
index 000000000..642b249d4
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java
@@ -0,0 +1,396 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.StringTokenizer;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+/**
+ * This class is a bean used to store the information relative to the
+ * PersonalAttributeList.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.27 $, $Date: 2010-11-18 22:54:56 $
+ *
+ * @see PersonalAttribute
+ */
+@SuppressWarnings("PMD")
+public final class PersonalAttributeList extends
+ ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList{
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger
+ .getLogger(PersonalAttributeList.class.getName());
+
+ /**
+ * Serial id.
+ */
+ private static final long serialVersionUID = 7375127363889975062L;
+
+ /**
+ * Hash with the latest fetched attribute name alias.
+ */
+ private final transient Map<String, Integer> latestAttrAlias =
+ new HashMap<String, Integer>();
+
+ /**
+ * Hash with mapping number of alias or the attribute name.
+ */
+ private final transient Map<String, Integer> attrAliasNumber =
+ new HashMap<String, Integer>();
+
+ /**
+ * Default constructor.
+ */
+ public PersonalAttributeList() {
+ // The best practices recommend to call the super constructor.
+ super();
+ }
+
+ /**
+ * Constructor with initial capacity for the PersonalAttributeList size.
+ *
+ * @param capacity The initial capacity for the PersonalAttributeList.
+ */
+ public PersonalAttributeList(final int capacity) {
+ super(capacity);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public Iterator<PersonalAttribute> iterator() {
+ return this.values().iterator();
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public PersonalAttribute get(final Object key) {
+ String attrName = (String) key;
+
+ if (this.latestAttrAlias.containsKey(key)) {
+ attrName = attrName + this.latestAttrAlias.get(key);
+ } else {
+ if (this.attrAliasNumber.containsKey(key)) {
+ this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key));
+ }
+ }
+ return super.get(attrName);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public void add(final PersonalAttribute value) {
+ if (value != null) {
+ this.put(value.getName(), value);
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public PersonalAttribute put(final String key, final PersonalAttribute val) {
+ if (StringUtils.isNotEmpty(key) && val != null) {
+ // Validate if attribute name already exists!
+ String attrAlias = key;
+ if (this.containsKey(attrAlias)) {
+ //TODO isAgeOver should not be hardcoded, a better way of handling multipe isAgeOver requests should be implemented.
+ if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0)) && "isAgeOver".equals( val.getName() ) ) {
+ final String attrValue = val.getValue().get(0);
+ attrAlias = key + attrValue;
+ this.attrAliasNumber.put(key, Integer.valueOf(attrValue));
+ } else {
+ final PersonalAttribute attr = super.get(key);
+ if (!attr.isEmptyValue()
+ && StringUtils.isNumeric(attr.getValue().get(0))) {
+ attrAlias = key + attr.getValue().get(0);
+ super.put(key, (PersonalAttribute) attr);
+ this.attrAliasNumber.put(key, null);
+ }
+ }
+ }
+ return super.put(attrAlias, val);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public void populate(final String attrList) {
+ final StringTokenizer strToken =
+ new StringTokenizer(attrList, PEPSValues.ATTRIBUTE_SEP.toString());
+
+ while (strToken.hasMoreTokens()) {
+ final PersonalAttribute persAttr = new PersonalAttribute();
+ String[] tuples =
+ strToken.nextToken().split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(),
+ AttributeConstants.NUMBER_TUPLES.intValue());
+
+ // Convert to the new format if needed!
+ tuples = convertFormat(tuples);
+
+ if (AttributeUtil.hasValidTuples(tuples)) {
+ final int attrValueIndex =
+ AttributeConstants.ATTR_VALUE_INDEX.intValue();
+ final String tmpAttrValue =
+ tuples[attrValueIndex].substring(1,
+ tuples[attrValueIndex].length() - 1);
+ final String[] vals =
+ tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+
+ persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]);
+ persAttr.setIsRequired(Boolean
+ .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()]));
+
+ // check if it is a complex value
+ if (isComplexValue(vals)) {
+ persAttr.setComplexValue(createComplexValue(vals));
+ }
+ else
+ {
+ persAttr.setValue(createValues(vals));
+ }
+
+ if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) {
+ persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX
+ .intValue()]);
+ }
+ this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()],
+ persAttr);
+
+ } else {
+ LOG.warn("Invalid personal attribute list tuples");
+ }
+
+ }
+ }
+
+ /**
+ * Returns a copy of this <tt>IPersonalAttributeList</tt> instance.
+ *
+ * @return The copy of this IPersonalAttributeList.
+ */
+ public Object clone() {
+ try {
+ return (PersonalAttributeList) super.clone();
+ } catch (CloneNotSupportedException e) {
+ return null;
+ }
+ }
+
+ /**
+ * Creates a string in the following format.
+ *
+ * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus;
+ *
+ * @return {@inheritDoc}
+ */
+ @Override
+ public String toString() {
+ final Iterator<Entry<String, PersonalAttribute>> itAttrs =
+ this.entrySet().iterator();
+ final StringBuilder strBuilder = new StringBuilder();
+
+ while (itAttrs.hasNext()) {
+ final Entry<String, PersonalAttribute> attrEntry = itAttrs.next();
+ final PersonalAttribute attr = attrEntry.getValue();
+ //strBuilder.append(attr.toString());
+ strBuilder.insert(0, attr.toString());
+ }
+
+ return strBuilder.toString();
+ }
+
+ /**
+ * Validates and creates the attribute's complex values.
+ *
+ * @param values The complex values.
+ *
+ * @return The {@link Map} with the complex values.
+ *
+ * @see Map
+ */
+ private Map<String, String> createComplexValue(final String[] values) {
+ final Map<String, String> complexValue = new HashMap<String, String>();
+ for (final String val : values) {
+ final String[] tVal = val.split("=");
+ if (StringUtils.isNotEmpty(val) && tVal.length == 2) {
+ complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1]));
+ }
+ }
+ return complexValue;
+ }
+
+ /**
+ * Checks if value is complex or not
+ * @param values The values to check
+ * @return True if succesful
+ */
+ private boolean isComplexValue(final String[] values) {
+ boolean isComplex = false;
+ if (values.length > 0) {
+ final String[] tVal = values[0].split("=");
+ if (StringUtils.isNotEmpty(values[0]) && tVal.length == 2) {
+ isComplex = true;
+ }
+ }
+ return isComplex;
+ }
+
+ /**
+ * Validates and creates the attribute values.
+ *
+ * @param vals The attribute values.
+ *
+ * @return The {@link List} with the attribute values.
+ *
+ * @see List
+ */
+ private List<String> createValues(final String[] vals) {
+ final List<String> values = new ArrayList<String>();
+ for (final String val : vals) {
+ if (StringUtils.isNotEmpty(val)) {
+ values.add(AttributeUtil.unescape(val));
+ }
+ }
+ return values;
+ }
+
+ /**
+ * Converts the attribute tuple (attrName:attrType...) to the new format.
+ *
+ * @param tuples The attribute tuples to convert.
+ *
+ * @return The attribute tuples in the new format.
+ */
+ private String[] convertFormat(final String[] tuples) {
+ final String[] newFormatTuples =
+ new String[AttributeConstants.NUMBER_TUPLES.intValue()];
+ if (tuples != null) {
+ System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length);
+
+ for (int i = tuples.length; i < newFormatTuples.length; i++) {
+ if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) {
+ newFormatTuples[i] = "[]";
+ } else {
+ newFormatTuples[i] = "";
+ }
+ }
+ }
+ return newFormatTuples;
+ }
+
+ /**
+ * Returns a IPersonalAttributeList of the complex attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the complex attributes contained in this map.
+ */
+ public IPersonalAttributeList getComplexAttributes() {
+ LOG.info("get complex attributes");
+ IPersonalAttributeList attrList = new PersonalAttributeList();
+ for(PersonalAttribute attr: this) {
+ if(!attr.getComplexValue().isEmpty()) {
+ attrList.put(attr.getName(), attr);
+ LOG.info("adding complex attribute:"+attr.getName());
+ }
+ }
+ return attrList;
+ }
+
+ /**
+ * Returns a IPersonalAttributeList of the mandatory attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the mandatory attributes contained in this map.
+ */
+ public IPersonalAttributeList getSimpleValueAttributes() {
+ LOG.info("get simple attributes");
+ IPersonalAttributeList attrList = new PersonalAttributeList();
+ for(PersonalAttribute attr: this) {
+ if(attr.getComplexValue().isEmpty()) {
+ attrList.put(attr.getName(), attr);
+ LOG.info("adding simple attribute:"+attr.getName());
+ }
+ }
+ return attrList;
+ }
+
+
+
+ /**
+ * Returns a IPersonalAttributeList of the mandatory attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the mandatory attributes contained in this map.
+ */
+ public IPersonalAttributeList getMandatoryAttributes() {
+ return getAttributesByParam(true);
+ }
+
+
+ /**
+ * Returns a IPersonalAttributeList of the attributes in this map by parameter value.
+ *
+ * @param compareValue The boolean to get mandatory (true) or optional (false) attributes.
+ *
+ * @return an IPersonalAttributeList of the mandatory attributes contained in this map if compareValue is true or optional otherwise.
+ */
+ private IPersonalAttributeList getAttributesByParam(final boolean compareValue) {
+ LOG.info("get attributes by param :"+compareValue);
+ IPersonalAttributeList attrList = new PersonalAttributeList();
+ for(PersonalAttribute attr: this) {
+ if(attr.isRequired() == compareValue) {
+ attrList.put(attr.getName(), attr);
+ LOG.info("adding attribute:"+attr.getName());
+ }
+ }
+ return attrList;
+ }
+
+
+ /**
+ * Returns a IPersonalAttributeList of the optional attributes in this map.
+ *
+ * @return an IPersonalAttributeList of the optional attributes contained in this map.
+ */
+ public IPersonalAttributeList getOptionalAttributes() {
+ return getAttributesByParam(false);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public boolean hasMissingValues() {
+ for(PersonalAttribute attr: this) {
+ if(attr.isEmptyValue() && attr.isEmptyComplexValue()) {
+ return true;
+ }
+ }
+ return false;
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java
new file mode 100644
index 000000000..65936f1a8
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java
@@ -0,0 +1,447 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+import org.apache.log4j.Logger;
+
+public class STORKAttrQueryRequest implements Serializable, Cloneable {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = 4778480781609392750L;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(STORKAttrQueryRequest.class
+ .getName());
+
+ /** The samlId. */
+ private String samlId;
+
+ /** The destination. */
+ private String destination;
+
+ /** The assertion consumer service url. */
+ private String serviceURL;
+
+ /** The distinguished name. */
+ private String distinguishedName;
+
+ /** The e id sector share. */
+ private boolean eIDSectorShare;
+
+ /** The e id cross sector share. */
+ private boolean eIDCrossSectorShare;
+
+ /** The e id cross border share. */
+ private boolean eIDCrossBorderShare;
+
+ /** The personal attribute list. */
+ private IPersonalAttributeList attributeList = new PersonalAttributeList();
+
+ /** The qaa. */
+ private int qaa;
+
+ /** The token saml. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** The issuer. */
+ private String issuer;
+
+ /** The service provider sector. */
+ private String spSector;
+
+ /** The service provider institution. */
+ private String spInstitution;
+
+ /** The service provider application. */
+ private String spApplication;
+
+ /** The service provider country. */
+ private String spCountry;
+
+ /** The country. */
+ private String country;
+
+ /** The citizen country code. */
+ private String citizenCountry;
+
+ /** The Service Provider ID. */
+ private String sPID;
+
+ /** The Alias used at the keystore for saving this certificate. */
+ private String alias;
+
+ /**
+ * Gets the SP's Certificate Alias.
+ *
+ * @return alias The SP's Certificate Alias.
+ */
+ public String getAlias() {
+ return alias;
+ }
+
+ /**
+ * Sets the SP's Certificate Alias.
+ *
+ * @param nAlias The SP's Certificate Alias.
+ */
+ public void setAlias(final String nAlias) {
+ this.alias = nAlias;
+ }
+
+ /**
+ * Gets the SP ID.
+ *
+ * @return sPID The SP ID.
+ */
+ public String getSPID() {
+ return sPID;
+ }
+
+ /**
+ * Sets the SP ID.
+ *
+ * @param sPId The new sp samlId.
+ */
+ public void setSPID(final String sPId) {
+ this.sPID = sPId;
+ }
+
+ /**
+ * Gets the citizen country code.
+ *
+ * @return The citizen country code value.
+ */
+ public String getCitizenCountryCode() {
+ return citizenCountry;
+ }
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param countryCode the new citizen country code value.
+ */
+ public void setCitizenCountryCode(final String countryCode) {
+ this.citizenCountry = countryCode;
+ }
+
+ /**
+ * Gets the sp country.
+ *
+ * @return The sp country value.
+ */
+ public String getSpCountry() {
+ return spCountry;
+ }
+
+ /**
+ * Sets the sp country.
+ *
+ * @param sPCountry the new sp country value.
+ */
+ public void setSpCountry(final String sPCountry) {
+ this.spCountry = sPCountry;
+ }
+
+ /**
+ * Gets the issuer.
+ *
+ * @return The issuer value.
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Sets the issuer.
+ *
+ * @param samlIssuer the new issuer value.
+ */
+ public void setIssuer(final String samlIssuer) {
+ this.issuer = samlIssuer;
+ }
+
+ /**
+ * Gets the SAML Token.
+ *
+ * @return The SAML Token value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Sets the SAML Token.
+ *
+ * @param samlToken The new SAML Token value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Gets the country.
+ *
+ * @return The country value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Sets the country.
+ *
+ * @param nCountry the new country value.
+ */
+ public void setCountry(final String nCountry) {
+ this.country = nCountry;
+ }
+
+ /**
+ * Getter for the qaa value.
+ *
+ * @return The qaa value value.
+ */
+ public int getQaa() {
+ return qaa;
+ }
+
+ /**
+ * Setter for the qaa value.
+ *
+ * @param qaaLevel The new qaa value.
+ */
+ public void setQaa(final int qaaLevel) {
+ this.qaa = qaaLevel;
+ }
+
+ /**
+ * Getter for the serviceURL value.
+ *
+ * @return The serviceURL value.
+ */
+ public String getAssertionConsumerServiceURL() {
+ return serviceURL;
+ }
+
+ /**
+ * Setter for the serviceURL value.
+ *
+ * @param newServiceURL the assertion consumer service URL.
+ */
+ public void setAssertionConsumerServiceURL(final String newServiceURL) {
+ this.serviceURL = newServiceURL;
+ }
+
+ /**
+ * Getter for the destination value.
+ *
+ * @return The destination value.
+ */
+ public String getDestination() {
+ return destination;
+ }
+
+ /**
+ * Setter for the destination value.
+ *
+ * @param detination the new destination value.
+ */
+ public void setDestination(final String detination) {
+ this.destination = detination;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param newSamlId the new samlId value.
+ */
+ public void setSamlId(final String newSamlId) {
+ this.samlId = newSamlId;
+ }
+
+
+ /**
+ * Getter for the attributeList value.
+ *
+ * @return The attributeList value.
+ *
+ * @see IPersonalAttributeList
+ */
+ public IPersonalAttributeList getPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) attributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the attributeList value.
+ *
+ * @param attrList the personal attribute list value.
+ *
+ * @see IPersonalAttributeList
+ */
+ public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.attributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for the distinguishedName value.
+ *
+ * @return The distinguishedName value.
+ */
+ public String getDistinguishedName() {
+ return distinguishedName;
+ }
+
+ /**
+ * Setter for the distinguishedName value.
+ *
+ * @param certDN the distinguished name value.
+ */
+ public void setDistinguishedName(final String certDN) {
+ this.distinguishedName = certDN;
+ }
+
+ /**
+ * Gets the service provider sector.
+ *
+ * @return The service provider sector value.
+ */
+ public String getSpSector() {
+ return spSector;
+ }
+
+ /**
+ * Sets the service provider sector.
+ *
+ * @param samlSPSector the new service provider sector value.
+ */
+ public void setSpSector(final String samlSPSector) {
+ this.spSector = samlSPSector;
+ }
+
+ /**
+ * Gets the service provider institution.
+ *
+ * @return The service provider institution value.
+ */
+ public String getSpInstitution() {
+ return spInstitution;
+ }
+
+ /**
+ * Sets the service provider institution.
+ *
+ * @param samlSPInst the new service provider institution value.
+ */
+ public void setSpInstitution(final String samlSPInst) {
+ this.spInstitution = samlSPInst;
+ }
+
+ /**
+ * Gets the service provider application.
+ *
+ * @return The service provider application value.
+ */
+ public String getSpApplication() {
+ return spApplication;
+ }
+
+ /**
+ * Sets the service provider application.
+ *
+ * @param samlSPApp the new service provider application value.
+ */
+ public void setSpApplication(final String samlSPApp) {
+ this.spApplication = samlSPApp;
+ }
+
+ /**
+ * Checks if is eId sector share.
+ *
+ * @return true, if is eId sector share.
+ */
+ public boolean isEIDSectorShare() {
+ return eIDSectorShare;
+ }
+
+ /**
+ * Sets the eId sector share.
+ *
+ * @param eIdSectorShare the new eId sector share value.
+ */
+ public void setEIDSectorShare(final boolean eIdSectorShare) {
+ this.eIDSectorShare = eIdSectorShare;
+ }
+
+ /**
+ * Checks if is eId cross sector share.
+ *
+ * @return true, if is eId cross sector share.
+ */
+ public boolean isEIDCrossSectorShare() {
+ return eIDCrossSectorShare;
+ }
+
+ /**
+ * Sets the eId cross sector share.
+ *
+ * @param eIdCrossSectorShare the new eId cross sector share value.
+ */
+ public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) {
+ this.eIDCrossSectorShare = eIdCrossSectorShare;
+ }
+
+ /**
+ * Checks if is eId cross border share.
+ *
+ * @return true, if is eId cross border share.
+ */
+ public boolean isEIDCrossBorderShare() {
+ return eIDCrossBorderShare;
+ }
+
+ /**
+ * Sets the eId cross border share.
+ *
+ * @param eIdCrossBorderShare the new eId cross border share value.
+ */
+ public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) {
+ this.eIDCrossBorderShare = eIdCrossBorderShare;
+ }
+
+ /**
+ * Returns a copy of this <tt>STORKAttrQueryRequest</tt> instance.
+ *
+ * @return The copy of this STORKAttrQueryRequest.
+ * @throws CloneNotSupportedException on clone exception
+ */
+ @Override
+ public Object clone() throws CloneNotSupportedException{
+ STORKAttrQueryRequest storkAttrQueryReq = null;
+ storkAttrQueryReq = (STORKAttrQueryRequest) super.clone();
+ storkAttrQueryReq.setPersonalAttributeList(getPersonalAttributeList());
+ storkAttrQueryReq.setTokenSaml(getTokenSaml());
+ return storkAttrQueryReq;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java
new file mode 100644
index 000000000..4e40d6d01
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java
@@ -0,0 +1,388 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.List;
+
+import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.Assertion;
+
+public class STORKAttrQueryResponse {
+
+ /** Response Id. */
+ private String samlId;
+
+ /** Request failed? */
+ private boolean fail;
+
+ /** Status code. */
+ private String statusCode;
+
+ /** Secondary status code. */
+ private String subStatusCode;
+
+ /** Audience restriction. */
+ private transient String audienceRest;
+
+ /** Error message. */
+ private String message;
+
+ /** Id of the request that originated this response. */
+ private String inResponseTo;
+
+ /** Expiration date. */
+ private DateTime notOnOrAfter;
+
+ /** Creation date. */
+ private DateTime notBefore;
+
+ /** The SAML token. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** Country. */
+ private String country;
+
+ /** The complete assertion **/
+ private Assertion assertion;
+
+ /** List of all assertions in response **/
+ private List<Assertion> assertions;
+
+ /** The complete list from all assertions **/
+ private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList();
+
+ /** All personal attribute lists **/
+ private List<IPersonalAttributeList> attributeLists;
+
+ /** Citizen's personal attribute list. */
+ private transient IPersonalAttributeList attributeList = new PersonalAttributeList();
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(STORKAttrQueryResponse.class.getName());
+
+ /**
+ * Getter for the subStatusCode.
+ *
+ * @return The subStatusCode value.
+ */
+ public String getSubStatusCode() {
+ return subStatusCode;
+ }
+
+ /**
+ * Setter for the subStatusCode.
+ *
+ * @param samlSubStatusCode the new subStatusCode value.
+ */
+ public void setSubStatusCode(final String samlSubStatusCode) {
+ this.subStatusCode = samlSubStatusCode;
+ }
+
+ /**
+ * Getter for audienceRest.
+ *
+ * @return The audienceRest value.
+ */
+ public String getAudienceRestriction() {
+ return audienceRest;
+ }
+
+ /**
+ * Setter for audienceRest.
+ *
+ * @param audRest the new audienceRest value.
+ */
+ public void setAudienceRestriction(final String audRest) {
+ this.audienceRest = audRest;
+ }
+
+ /**
+ * Getter for the samlToken.
+ *
+ * @return The samlToken value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Setter for samlToken.
+ *
+ * @param samlToken the new tokenSaml value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Getter for the country name.
+ *
+ * @return The country name value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Setter for the country name.
+ *
+ * @param cCountry the new country name value.
+ */
+ public void setCountry(final String cCountry) {
+ this.country = cCountry;
+ }
+
+ /**
+ * Getter for pal value.
+ *
+ * @return The pal value.
+ *
+ * @see PersonalAttributeList
+ */
+ public IPersonalAttributeList getPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) attributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.attributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for the inResponseTo value.
+ *
+ * @return The inResponseTo value.
+ */
+ public String getInResponseTo() {
+ return inResponseTo;
+ }
+
+ /**
+ * Setter for the inResponseTo value.
+ *
+ * @param samlInResponseTo the new inResponseTo value.
+ */
+ public void setInResponseTo(final String samlInResponseTo) {
+ this.inResponseTo = samlInResponseTo;
+ }
+
+ /**
+ * Getter for the fail value.
+ *
+ * @return The fail value.
+ */
+ public boolean isFail() {
+ return fail;
+ }
+
+ /**
+ * Setter for the fail value.
+ *
+ * @param failVal the new fail value.
+ */
+ public void setFail(final boolean failVal) {
+ this.fail = failVal;
+ }
+
+ /**
+ * Getter for the message value.
+ *
+ * @return The message value.
+ */
+ public String getMessage() {
+ return message;
+ }
+
+ /**
+ * Setter for the message value.
+ *
+ * @param msg the new message value.
+ */
+ public void setMessage(final String msg) {
+ this.message = msg;
+ }
+
+ /**
+ * Getter for the statusCode value.
+ *
+ * @return The statusCode value.
+ */
+ public String getStatusCode() {
+ return statusCode;
+ }
+
+ /**
+ * Setter for the statusCode value.
+ *
+ * @param status the new statusCode value.
+ */
+ public void setStatusCode(final String status) {
+ this.statusCode = status;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param nSamlId the new samlId value.
+ */
+ public void setSamlId(final String nSamlId) {
+ this.samlId = nSamlId;
+ }
+
+ /**
+ * Getter for the notOnOrAfter value.
+ *
+ * @return The notOnOrAfter value.
+ *
+ * @see DateTime
+ */
+ public DateTime getNotOnOrAfter() {
+ return this.notOnOrAfter;
+ }
+
+ /**
+ * Setter for the notOnOrAfter value.
+ *
+ * @param nOnOrAfter the new notOnOrAfter value.
+ *
+ * @see DateTime
+ */
+ public void setNotOnOrAfter(final DateTime nOnOrAfter) {
+ this.notOnOrAfter = nOnOrAfter;
+ }
+
+ /**
+ * Getter for the notBefore value.
+ *
+ * @return The notBefore value.
+ *
+ * @see DateTime
+ */
+ public DateTime getNotBefore() {
+ return notBefore;
+ }
+
+ /**
+ * Setter for the notBefore value.
+ *
+ * @param nBefore the new notBefore value.
+ *
+ * @see DateTime
+ */
+ public void setNotBefore(final DateTime nBefore) {
+ this.notBefore = nBefore;
+ }
+
+ /** Get the assertion from the response **/
+ public Assertion getAssertion() {
+ return assertion;
+ }
+
+ /** Set the assertion in the response **/
+ public void setAssertion(final Assertion nAssertion) {
+ this.assertion = nAssertion;
+ }
+
+ public void setAssertions(List<Assertion> newAssert) {
+ this.assertions = newAssert;
+ }
+
+ public List<Assertion> getAssertions() {
+ return assertions;
+ }
+
+ /**
+ * Getter for the toal pal value.
+ *
+ * @return The total pal value.
+ *
+ * @see PersonalAttributeList
+ */
+ public IPersonalAttributeList getTotalPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the total Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.totalAttributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for personal attribute lists
+ *
+ * @return The lists
+ *
+ * @see PersonalAttributeList
+ */
+ public List<IPersonalAttributeList> getPersonalAttributeLists() {
+ return attributeLists;
+ }
+
+ /**
+ * Setter for the Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) {
+ if (attrLists != null) {
+ this.attributeLists = attrLists;
+ }
+ }
+
+}
+
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java
new file mode 100644
index 000000000..2354d0eb1
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java
@@ -0,0 +1,495 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+import org.apache.log4j.Logger;
+
+/**
+ * This class is a bean used to store the information relative to the
+ * STORKAuthnRequest (SAML Token Request).
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.21 $, $Date: 2011-02-17 22:44:34 $
+ */
+public final class STORKAuthnRequest implements Serializable, Cloneable {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = 4778480781609392750L;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(STORKAuthnRequest.class
+ .getName());
+
+ /** The samlId. */
+ private String samlId;
+
+ /** The assertion consumer service url. */
+ private String serviceURL;
+
+ /** The destination. */
+ private String destination;
+
+ /** The provider name. */
+ private String providerName;
+
+ /** The distinguished name. */
+ private String distinguishedName;
+
+ /** The e id sector share. */
+ private boolean eIDSectorShare;
+
+ /** The e id cross sector share. */
+ private boolean eIDCrossSectorShare;
+
+ /** The e id cross border share. */
+ private boolean eIDCrossBorderShare;
+
+ /** The personal attribute list. */
+ private IPersonalAttributeList attributeList = new PersonalAttributeList();
+
+ /** The qaa. */
+ private int qaa;
+
+ /** The token saml. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** The issuer. */
+ private String issuer;
+
+ /** The service provider sector. */
+ private String spSector;
+
+ /** The service provider institution. */
+ private String spInstitution;
+
+ /** The service provider application. */
+ private String spApplication;
+
+ /** The service provider country. */
+ private String spCountry;
+
+ /** The country. */
+ private String country;
+
+ /** The citizen country code. */
+ private String citizenCountry;
+
+ /** The Service Provider ID. */
+ private String sPID;
+
+ /** The Alias used at the keystore for saving this certificate. */
+ private String alias;
+
+ /**
+ * Gets the SP's Certificate Alias.
+ *
+ * @return alias The SP's Certificate Alias.
+ */
+ public String getAlias() {
+ return alias;
+ }
+
+ /**
+ * Sets the SP's Certificate Alias.
+ *
+ * @param nAlias The SP's Certificate Alias.
+ */
+ public void setAlias(final String nAlias) {
+ this.alias = nAlias;
+ }
+
+ /**
+ * Gets the SP ID.
+ *
+ * @return sPID The SP ID.
+ */
+ public String getSPID() {
+ return sPID;
+ }
+
+ /**
+ * Sets the SP ID.
+ *
+ * @param sPId The new sp samlId.
+ */
+ public void setSPID(final String sPId) {
+ this.sPID = sPId;
+ }
+
+ /**
+ * Gets the citizen country code.
+ *
+ * @return The citizen country code value.
+ */
+ public String getCitizenCountryCode() {
+ return citizenCountry;
+ }
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param countryCode the new citizen country code value.
+ */
+ public void setCitizenCountryCode(final String countryCode) {
+ this.citizenCountry = countryCode;
+ }
+
+ /**
+ * Gets the sp country.
+ *
+ * @return The sp country value.
+ */
+ public String getSpCountry() {
+ return spCountry;
+ }
+
+ /**
+ * Sets the sp country.
+ *
+ * @param sPCountry the new sp country value.
+ */
+ public void setSpCountry(final String sPCountry) {
+ this.spCountry = sPCountry;
+ }
+
+ /**
+ * Gets the issuer.
+ *
+ * @return The issuer value.
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Sets the issuer.
+ *
+ * @param samlIssuer the new issuer value.
+ */
+ public void setIssuer(final String samlIssuer) {
+ this.issuer = samlIssuer;
+ }
+
+ /**
+ * Gets the SAML Token.
+ *
+ * @return The SAML Token value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Sets the SAML Token.
+ *
+ * @param samlToken The new SAML Token value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Gets the country.
+ *
+ * @return The country value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Sets the country.
+ *
+ * @param nCountry the new country value.
+ */
+ public void setCountry(final String nCountry) {
+ this.country = nCountry;
+ }
+
+ /**
+ * Getter for the qaa value.
+ *
+ * @return The qaa value value.
+ */
+ public int getQaa() {
+ return qaa;
+ }
+
+ /**
+ * Setter for the qaa value.
+ *
+ * @param qaaLevel The new qaa value.
+ */
+ public void setQaa(final int qaaLevel) {
+ this.qaa = qaaLevel;
+ }
+
+ /**
+ * Getter for the serviceURL value.
+ *
+ * @return The serviceURL value.
+ */
+ public String getAssertionConsumerServiceURL() {
+ return serviceURL;
+ }
+
+ /**
+ * Setter for the serviceURL value.
+ *
+ * @param newServiceURL the assertion consumer service URL.
+ */
+ public void setAssertionConsumerServiceURL(final String newServiceURL) {
+ this.serviceURL = newServiceURL;
+ }
+
+ /**
+ * Getter for the destination value.
+ *
+ * @return The destination value.
+ */
+ public String getDestination() {
+ return destination;
+ }
+
+ /**
+ * Setter for the destination value.
+ *
+ * @param detination the new destination value.
+ */
+ public void setDestination(final String detination) {
+ this.destination = detination;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param newSamlId the new samlId value.
+ */
+ public void setSamlId(final String newSamlId) {
+ this.samlId = newSamlId;
+ }
+
+ /**
+ * Getter for the providerName value.
+ *
+ * @return The provider name value.
+ */
+ public String getProviderName() {
+ return providerName;
+ }
+
+ /**
+ * Setter for the providerName value.
+ *
+ * @param samlProvider the provider name value.
+ */
+ public void setProviderName(final String samlProvider) {
+ this.providerName = samlProvider;
+ }
+
+ /**
+ * Getter for the attributeList value.
+ *
+ * @return The attributeList value.
+ *
+ * @see IPersonalAttributeList
+ */
+ public IPersonalAttributeList getPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) attributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the attributeList value.
+ *
+ * @param attrList the personal attribute list value.
+ *
+ * @see IPersonalAttributeList
+ */
+ public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.attributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for the distinguishedName value.
+ *
+ * @return The distinguishedName value.
+ */
+ public String getDistinguishedName() {
+ return distinguishedName;
+ }
+
+ /**
+ * Setter for the distinguishedName value.
+ *
+ * @param certDN the distinguished name value.
+ */
+ public void setDistinguishedName(final String certDN) {
+ this.distinguishedName = certDN;
+ }
+
+ /**
+ * Gets the service provider sector.
+ *
+ * @return The service provider sector value.
+ */
+ public String getSpSector() {
+ return spSector;
+ }
+
+ /**
+ * Sets the service provider sector.
+ *
+ * @param samlSPSector the new service provider sector value.
+ */
+ public void setSpSector(final String samlSPSector) {
+ this.spSector = samlSPSector;
+ }
+
+ /**
+ * Gets the service provider institution.
+ *
+ * @return The service provider institution value.
+ */
+ public String getSpInstitution() {
+ return spInstitution;
+ }
+
+ /**
+ * Sets the service provider institution.
+ *
+ * @param samlSPInst the new service provider institution value.
+ */
+ public void setSpInstitution(final String samlSPInst) {
+ this.spInstitution = samlSPInst;
+ }
+
+ /**
+ * Gets the service provider application.
+ *
+ * @return The service provider application value.
+ */
+ public String getSpApplication() {
+ return spApplication;
+ }
+
+ /**
+ * Sets the service provider application.
+ *
+ * @param samlSPApp the new service provider application value.
+ */
+ public void setSpApplication(final String samlSPApp) {
+ this.spApplication = samlSPApp;
+ }
+
+ /**
+ * Checks if is eId sector share.
+ *
+ * @return true, if is eId sector share.
+ */
+ public boolean isEIDSectorShare() {
+ return eIDSectorShare;
+ }
+
+ /**
+ * Sets the eId sector share.
+ *
+ * @param eIdSectorShare the new eId sector share value.
+ */
+ public void setEIDSectorShare(final boolean eIdSectorShare) {
+ this.eIDSectorShare = eIdSectorShare;
+ }
+
+ /**
+ * Checks if is eId cross sector share.
+ *
+ * @return true, if is eId cross sector share.
+ */
+ public boolean isEIDCrossSectorShare() {
+ return eIDCrossSectorShare;
+ }
+
+ /**
+ * Sets the eId cross sector share.
+ *
+ * @param eIdCrossSectorShare the new eId cross sector share value.
+ */
+ public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) {
+ this.eIDCrossSectorShare = eIdCrossSectorShare;
+ }
+
+ /**
+ * Checks if is eId cross border share.
+ *
+ * @return true, if is eId cross border share.
+ */
+ public boolean isEIDCrossBorderShare() {
+ return eIDCrossBorderShare;
+ }
+
+ /**
+ * Sets the eId cross border share.
+ *
+ * @param eIdCrossBorderShare the new eId cross border share value.
+ */
+ public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) {
+ this.eIDCrossBorderShare = eIdCrossBorderShare;
+ }
+
+ /**
+ * Returns a copy of this <tt>STORKAuthnRequest</tt> instance.
+ *
+ * @return The copy of this STORKAuthnRequest.
+ * @throws CloneNotSupportedException on clone exception
+ */
+ @Override
+ public Object clone() throws CloneNotSupportedException{
+ STORKAuthnRequest storkAuthnReq = null;
+ try {
+ storkAuthnReq = (STORKAuthnRequest) super.clone();
+ storkAuthnReq.setPersonalAttributeList(getPersonalAttributeList());
+ storkAuthnReq.setTokenSaml(getTokenSaml());
+ } catch (final CloneNotSupportedException e) {
+ // assert false;
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+
+ return storkAuthnReq;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java
new file mode 100644
index 000000000..84fadd023
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java
@@ -0,0 +1,383 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+import java.util.List;
+
+import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.Assertion;
+
+/**
+ * This class is a bean used to store the information relative to the
+ * STORKAuthnResponse.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class STORKAuthnResponse {
+
+ /** Response Id. */
+ private String samlId;
+
+ /** Authentication failed? */
+ private boolean fail;
+
+ /** Status code. */
+ private String statusCode;
+
+ /** Secondary status code. */
+ private String subStatusCode;
+
+ /** Audience restriction. */
+ private transient String audienceRest;
+
+ /** Error message. */
+ private String message;
+
+ /** Id of the request that originated this response. */
+ private String inResponseTo;
+
+ /** Expiration date. */
+ private DateTime notOnOrAfter;
+
+ /** Creation date. */
+ private DateTime notBefore;
+
+ /** The SAML token. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** Country. */
+ private String country;
+
+ /** Citizen's personal attribute list. */
+ private transient IPersonalAttributeList attributeList = new PersonalAttributeList();
+
+ /** List of all assertions in response **/
+ private List<Assertion> assertions;
+
+ /** The complete list from all assertions **/
+ private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList();
+
+ /** All personal attribute lists **/
+ private List<IPersonalAttributeList> attributeLists;
+
+ /**
+ * Logger object.
+ */
+ private static final Logger LOG = Logger.getLogger(STORKAuthnResponse.class.getName());
+
+ /**
+ * Getter for the subStatusCode.
+ *
+ * @return The subStatusCode value.
+ */
+ public String getSubStatusCode() {
+ return subStatusCode;
+ }
+
+ /**
+ * Setter for the subStatusCode.
+ *
+ * @param samlSubStatusCode the new subStatusCode value.
+ */
+ public void setSubStatusCode(final String samlSubStatusCode) {
+ this.subStatusCode = samlSubStatusCode;
+ }
+
+ /**
+ * Getter for audienceRest.
+ *
+ * @return The audienceRest value.
+ */
+ public String getAudienceRestriction() {
+ return audienceRest;
+ }
+
+ /**
+ * Setter for audienceRest.
+ *
+ * @param audRest the new audienceRest value.
+ */
+ public void setAudienceRestriction(final String audRest) {
+ this.audienceRest = audRest;
+ }
+
+ /**
+ * Getter for the samlToken.
+ *
+ * @return The samlToken value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Setter for samlToken.
+ *
+ * @param samlToken the new tokenSaml value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Getter for the country name.
+ *
+ * @return The country name value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Setter for the country name.
+ *
+ * @param cCountry the new country name value.
+ */
+ public void setCountry(final String cCountry) {
+ this.country = cCountry;
+ }
+
+ /**
+ * Getter for pal value.
+ *
+ * @return The pal value.
+ *
+ * @see PersonalAttributeList
+ */
+ public IPersonalAttributeList getPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) attributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.attributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for the inResponseTo value.
+ *
+ * @return The inResponseTo value.
+ */
+ public String getInResponseTo() {
+ return inResponseTo;
+ }
+
+ /**
+ * Setter for the inResponseTo value.
+ *
+ * @param samlInResponseTo the new inResponseTo value.
+ */
+ public void setInResponseTo(final String samlInResponseTo) {
+ this.inResponseTo = samlInResponseTo;
+ }
+
+ /**
+ * Getter for the fail value.
+ *
+ * @return The fail value.
+ */
+ public boolean isFail() {
+ return fail;
+ }
+
+ /**
+ * Setter for the fail value.
+ *
+ * @param failVal the new fail value.
+ */
+ public void setFail(final boolean failVal) {
+ this.fail = failVal;
+ }
+
+ /**
+ * Getter for the message value.
+ *
+ * @return The message value.
+ */
+ public String getMessage() {
+ return message;
+ }
+
+ /**
+ * Setter for the message value.
+ *
+ * @param msg the new message value.
+ */
+ public void setMessage(final String msg) {
+ this.message = msg;
+ }
+
+ /**
+ * Getter for the statusCode value.
+ *
+ * @return The statusCode value.
+ */
+ public String getStatusCode() {
+ return statusCode;
+ }
+
+ /**
+ * Setter for the statusCode value.
+ *
+ * @param status the new statusCode value.
+ */
+ public void setStatusCode(final String status) {
+ this.statusCode = status;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param nSamlId the new samlId value.
+ */
+ public void setSamlId(final String nSamlId) {
+ this.samlId = nSamlId;
+ }
+
+ /**
+ * Getter for the notOnOrAfter value.
+ *
+ * @return The notOnOrAfter value.
+ *
+ * @see DateTime
+ */
+ public DateTime getNotOnOrAfter() {
+ return this.notOnOrAfter;
+ }
+
+ /**
+ * Setter for the notOnOrAfter value.
+ *
+ * @param nOnOrAfter the new notOnOrAfter value.
+ *
+ * @see DateTime
+ */
+ public void setNotOnOrAfter(final DateTime nOnOrAfter) {
+ this.notOnOrAfter = nOnOrAfter;
+ }
+
+ /**
+ * Getter for the notBefore value.
+ *
+ * @return The notBefore value.
+ *
+ * @see DateTime
+ */
+ public DateTime getNotBefore() {
+ return notBefore;
+ }
+
+ /**
+ * Setter for the notBefore value.
+ *
+ * @param nBefore the new notBefore value.
+ *
+ * @see DateTime
+ */
+ public void setNotBefore(final DateTime nBefore) {
+ this.notBefore = nBefore;
+ }
+
+ public void setAssertions(List<Assertion> newAssert) {
+ this.assertions = newAssert;
+ }
+
+ public List<Assertion> getAssertions() {
+ return assertions;
+ }
+
+ /**
+ * Getter for the toal pal value.
+ *
+ * @return The total pal value.
+ *
+ * @see PersonalAttributeList
+ */
+ public IPersonalAttributeList getTotalPersonalAttributeList() {
+ IPersonalAttributeList personnalAttributeList = null;
+ try {
+ personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone();
+ } catch (CloneNotSupportedException e1) {
+ LOG.trace("[PersonalAttribute] Nothing to do.");
+ }
+ return personnalAttributeList;
+ }
+
+ /**
+ * Setter for the total Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) {
+ if (attrList != null) {
+ this.totalAttributeList = attrList;
+ }
+ }
+
+ /**
+ * Getter for personal attribute lists
+ *
+ * @return The lists
+ *
+ * @see PersonalAttributeList
+ */
+ public List<IPersonalAttributeList> getPersonalAttributeLists() {
+ return attributeLists;
+ }
+
+ /**
+ * Setter for the Personal Attribute List value.
+ *
+ * @param attrList the new value.
+ *
+ * @see PersonalAttributeList
+ */
+ public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) {
+ if (attrLists != null) {
+ this.attributeLists = attrLists;
+ }
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java
new file mode 100644
index 000000000..44811aee2
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java
@@ -0,0 +1,197 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+public class STORKLogoutRequest implements Serializable, Cloneable {
+ private static final long serialVersionUID = 4778480781609392750L;
+
+ /** The samlId. */
+ private String samlId;
+
+ /** The destination. */
+ private String destination;
+
+ /** The distinguished name. */
+ private String distinguishedName;
+
+ /** The qaa. */
+ private int qaa;
+
+ /** The token saml. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** The issuer. */
+ private String issuer;
+
+ /** The country. */
+ private String country;
+
+ /** The Alias used at the keystore for saving this certificate. */
+ private String alias;
+
+ /** The ID of principal as known to SP **/
+ private String spProvidedId;
+
+ /**
+ * Gets the SP's Certificate Alias.
+ *
+ * @return alias The SP's Certificate Alias.
+ */
+ public String getAlias() {
+ return alias;
+ }
+
+ /**
+ * Sets the SP's Certificate Alias.
+ *
+ * @param nAlias The SP's Certificate Alias.
+ */
+ public void setAlias(final String nAlias) {
+ this.alias = nAlias;
+ }
+
+ /**
+ * Gets the issuer.
+ *
+ * @return The issuer value.
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Sets the issuer.
+ *
+ * @param samlIssuer the new issuer value.
+ */
+ public void setIssuer(final String samlIssuer) {
+ this.issuer = samlIssuer;
+ }
+
+ /**
+ * Gets the SAML Token.
+ *
+ * @return The SAML Token value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Sets the SAML Token.
+ *
+ * @param samlToken The new SAML Token value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Gets the country.
+ *
+ * @return The country value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Sets the country.
+ *
+ * @param nCountry the new country value.
+ */
+ public void setCountry(final String nCountry) {
+ this.country = nCountry;
+ }
+
+ /**
+ * Getter for the qaa value.
+ *
+ * @return The qaa value value.
+ */
+ public int getQaa() {
+ return qaa;
+ }
+
+ /**
+ * Setter for the qaa value.
+ *
+ * @param qaaLevel The new qaa value.
+ */
+ public void setQaa(final int qaaLevel) {
+ this.qaa = qaaLevel;
+ }
+
+ /**
+ * Getter for the destination value.
+ *
+ * @return The destination value.
+ */
+ public String getDestination() {
+ return destination;
+ }
+
+ /**
+ * Setter for the destination value.
+ *
+ * @param detination the new destination value.
+ */
+ public void setDestination(final String detination) {
+ this.destination = detination;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param newSamlId the new samlId value.
+ */
+ public void setSamlId(final String newSamlId) {
+ this.samlId = newSamlId;
+ }
+
+ /**
+ * Getter for the distinguishedName value.
+ *
+ * @return The distinguishedName value.
+ */
+ public String getDistinguishedName() {
+ return distinguishedName;
+ }
+
+ /**
+ * Setter for the distinguishedName value.
+ *
+ * @param certDN the distinguished name value.
+ */
+ public void setDistinguishedName(final String certDN) {
+ this.distinguishedName = certDN;
+ }
+
+ /** Getter for spProvidedId **/
+ public String getSpProvidedId() {
+ return spProvidedId;
+ }
+
+ public void setSpProvidedId(final String nSpProvidedId) {
+ this.spProvidedId = nSpProvidedId;
+ }
+
+ @Override
+ public Object clone() throws CloneNotSupportedException{
+ STORKLogoutRequest storkLogoutRequest = null;
+ storkLogoutRequest = (STORKLogoutRequest) super.clone();
+ storkLogoutRequest.setTokenSaml(getTokenSaml());
+ return storkLogoutRequest;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java
new file mode 100644
index 000000000..21b53a652
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java
@@ -0,0 +1,250 @@
+package eu.stork.peps.auth.commons;
+
+import java.io.Serializable;
+
+public class STORKLogoutResponse implements Serializable, Cloneable {
+ private static final long serialVersionUID = 4778480781609392750L;
+
+ /** The samlId. */
+ private String samlId;
+
+ /** The destination. */
+ private String destination;
+
+ /** The distinguished name. */
+ private String distinguishedName;
+
+ /** The token saml. */
+ private byte[] tokenSaml = new byte[0];
+
+ /** The issuer. */
+ private String issuer;
+
+ /** The country. */
+ private String country;
+
+ /** The Alias used at the keystore for saving this certificate. */
+ private String alias;
+
+ /** Status code. */
+ private String statusCode;
+
+ /** Secondary status code. */
+ private String subStatusCode;
+
+ /** Status message. */
+ private String statusMessage;
+
+ /** Logout failed? */
+ private boolean fail;
+
+ /**
+ * Gets the SP's Certificate Alias.
+ *
+ * @return alias The SP's Certificate Alias.
+ */
+ public String getAlias() {
+ return alias;
+ }
+
+ /**
+ * Sets the SP's Certificate Alias.
+ *
+ * @param nAlias The SP's Certificate Alias.
+ */
+ public void setAlias(final String nAlias) {
+ this.alias = nAlias;
+ }
+
+ /**
+ * Gets the issuer.
+ *
+ * @return The issuer value.
+ */
+ public String getIssuer() {
+ return issuer;
+ }
+
+ /**
+ * Sets the issuer.
+ *
+ * @param samlIssuer the new issuer value.
+ */
+ public void setIssuer(final String samlIssuer) {
+ this.issuer = samlIssuer;
+ }
+
+ /**
+ * Gets the SAML Token.
+ *
+ * @return The SAML Token value.
+ */
+ public byte[] getTokenSaml() {
+ return tokenSaml.clone();
+ }
+
+ /**
+ * Sets the SAML Token.
+ *
+ * @param samlToken The new SAML Token value.
+ */
+ public void setTokenSaml(final byte[] samlToken) {
+ if (samlToken != null) {
+ this.tokenSaml = samlToken.clone();
+ }
+ }
+
+ /**
+ * Gets the country.
+ *
+ * @return The country value.
+ */
+ public String getCountry() {
+ return country;
+ }
+
+ /**
+ * Sets the country.
+ *
+ * @param nCountry the new country value.
+ */
+ public void setCountry(final String nCountry) {
+ this.country = nCountry;
+ }
+
+ /**
+ * Getter for the destination value.
+ *
+ * @return The destination value.
+ */
+ public String getDestination() {
+ return destination;
+ }
+
+ /**
+ * Setter for the destination value.
+ *
+ * @param detination the new destination value.
+ */
+ public void setDestination(final String detination) {
+ this.destination = detination;
+ }
+
+ /**
+ * Getter for the samlId value.
+ *
+ * @return The samlId value.
+ */
+ public String getSamlId() {
+ return samlId;
+ }
+
+ /**
+ * Setter for the samlId value.
+ *
+ * @param newSamlId the new samlId value.
+ */
+ public void setSamlId(final String newSamlId) {
+ this.samlId = newSamlId;
+ }
+
+ /**
+ * Getter for the distinguishedName value.
+ *
+ * @return The distinguishedName value.
+ */
+ public String getDistinguishedName() {
+ return distinguishedName;
+ }
+
+ /**
+ * Setter for the distinguishedName value.
+ *
+ * @param certDN the distinguished name value.
+ */
+ public void setDistinguishedName(final String certDN) {
+ this.distinguishedName = certDN;
+ }
+
+
+ /**
+ * Getter for the fail value.
+ *
+ * @return The fail value.
+ */
+ public boolean isFail() {
+ return fail;
+ }
+
+ /**
+ * Setter for the fail value.
+ *
+ * @param failVal the new fail value.
+ */
+ public void setFail(final boolean failVal) {
+ this.fail = failVal;
+ }
+
+ /**
+ * Getter for the statusCode value.
+ *
+ * @return The statusCode value.
+ */
+ public String getStatusCode() {
+ return statusCode;
+ }
+
+ /**
+ * Getter for the subStatusCode.
+ *
+ * @return The subStatusCode value.
+ */
+ public String getSubStatusCode() {
+ return subStatusCode;
+ }
+
+ /**
+ * Setter for the subStatusCode.
+ *
+ * @param samlSubStatusCode the new subStatusCode value.
+ */
+ public void setSubStatusCode(final String samlSubStatusCode) {
+ this.subStatusCode = samlSubStatusCode;
+ }
+
+ /**
+ * Setter for the statusMessage value.
+ *
+ * @param status the new statusMessage value.
+ */
+ public void setStatusMessage(final String status) {
+ this.statusMessage = status;
+ }
+
+ /**
+ * Getter for the statusMessage value.
+ *
+ * @return The statusMessage value.
+ */
+ public String getStatusMessage() {
+ return statusMessage;
+ }
+
+ /**
+ * Setter for the statusCode value.
+ *
+ * @param status the new statusCode value.
+ */
+ public void setStatusCode(final String status) {
+ this.statusCode = status;
+ }
+
+ @Override
+ public Object clone() throws CloneNotSupportedException{
+ STORKLogoutResponse storkLogoutResponse = null;
+ storkLogoutResponse = (STORKLogoutResponse) super.clone();
+ storkLogoutResponse.setTokenSaml(getTokenSaml());
+ return storkLogoutResponse;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java
new file mode 100644
index 000000000..a9c4a156b
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java
@@ -0,0 +1,68 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains the SAML Token Status Code.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $
+ */
+public enum STORKStatusCode {
+
+ /** URI for Requester status code. */
+ REQUESTER_URI("urn:oasis:names:tc:SAML:2.0:status:Requester"),
+
+ /** URI for Responder status code. */
+ RESPONDER_URI("urn:oasis:names:tc:SAML:2.0:status:Responder"),
+
+ /** URI for Success status code. */
+ SUCCESS_URI("urn:oasis:names:tc:SAML:2.0:status:Success"),
+
+ /** Attribute is Available. */
+ STATUS_AVAILABLE("Available"),
+
+ /** Attribute is NotAvailable. */
+ STATUS_NOT_AVAILABLE("NotAvailable"),
+
+ /** Attribute is Withheld. */
+ STATUS_WITHHELD("Withheld");
+
+ /**
+ * Represents the constant's value.
+ */
+ private String value;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param val The Constant value.
+ */
+ private STORKStatusCode(final String val) {
+
+ this.value = val;
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public String toString() {
+
+ return value;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java
new file mode 100644
index 000000000..0a711c9b7
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java
@@ -0,0 +1,71 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons;
+
+/**
+ * This enum class contains the SAML Token Sub Status Code.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.7 $, $Date: 2010-11-17 05:15:28 $
+ */
+public enum STORKSubStatusCode {
+
+ /** URI for AuthnFailed status code. */
+ AUTHN_FAILED_URI("urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"),
+
+ /** URI for InvalidAttrNameOrValue status code. */
+ INVALID_ATTR_NAME_VALUE_URI(
+ "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue"),
+
+ /** URI for InvalidNameIDPolicy status code. */
+ INVALID_NAMEID_POLICY_URI(
+ "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"),
+
+ /** URI for VersionMismatch status code. */
+ VERSION_MISMATCH_URI("urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"),
+
+ /** URI for RequestDenied status code. */
+ REQUEST_DENIED_URI("urn:oasis:names:tc:SAML:2.0:status:RequestDenied"),
+
+ /** URI for QaaNotSupported status code. */
+ QAA_NOT_SUPPORTED(
+ "http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported");
+
+ /**
+ * Represents the constant's value.
+ */
+ private String value;
+
+ /**
+ * Solo Constructor.
+ *
+ * @param val The Constant value.
+ */
+ private STORKSubStatusCode(final String val) {
+
+ this.value = val;
+ }
+
+ /**
+ * Return the Constant Value.
+ *
+ * @return The constant value.
+ */
+ public String toString() {
+
+ return value;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java
new file mode 100644
index 000000000..e9a96d7c2
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java
@@ -0,0 +1,173 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+import java.io.Serializable;
+
+/**
+ * Abstract class to represent the various PEPS exceptions.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $
+ */
+public abstract class AbstractPEPSException extends RuntimeException implements
+ Serializable {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = -1884417567740138022L;
+
+ /**
+ * Error code.
+ */
+ private String errorCode;
+
+ /**
+ * Error message.
+ */
+ private String errorMessage;
+
+ /**
+ * SAML token.
+ */
+ private String samlTokenFail;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param code The error code value.
+ * @param message The error message value.
+ */
+ public AbstractPEPSException(final String code, final String message) {
+
+ super(message);
+ this.errorCode = code;
+ this.errorMessage = message;
+ }
+
+ /**
+ * Exception Constructor with the errorMessage as parameters and the Throwable
+ * cause.
+ *
+ * @param message The error message value.
+ * @param cause The throwable object.
+ */
+ public AbstractPEPSException(final String message, final Throwable cause) {
+
+ super(message, cause);
+ this.errorMessage = message;
+ }
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters and the Throwable cause.
+ *
+ * @param code The error code value.
+ * @param message The error message value.
+ * @param cause The throwable object.
+ */
+ public AbstractPEPSException(final String code, final String message,
+ final Throwable cause) {
+
+ super(message, cause);
+ this.errorCode = code;
+ this.errorMessage = message;
+ }
+
+ /**
+ * Exception Constructor with three Strings representing the errorCode,
+ * errorMessage and encoded samlToken as parameters.
+ *
+ * @param code The error code value.
+ * @param message The error message value.
+ * @param samlToken The error SAML Token.
+ */
+ public AbstractPEPSException(final String code, final String message,
+ final String samlToken) {
+
+ super(message);
+ this.errorCode = code;
+ this.errorMessage = message;
+ this.samlTokenFail = samlToken;
+ }
+
+ /**
+ * Constructor with SAML Token as argument. Error message and error code are
+ * embedded in the SAML.
+ *
+ * @param samlToken The error SAML Token.
+ */
+ public AbstractPEPSException(final String samlToken) {
+ super();
+ this.samlTokenFail = samlToken;
+ }
+
+ /**
+ * Getter for errorCode.
+ *
+ * @return The errorCode value.
+ */
+ public final String getErrorCode() {
+ return errorCode;
+ }
+
+ /**
+ * Setter for errorCode.
+ *
+ * @param code The error code value.
+ */
+ public final void setErrorCode(final String code) {
+ this.errorCode = code;
+ }
+
+ /**
+ * Getter for errorMessage.
+ *
+ * @return The error Message value.
+ */
+ public final String getErrorMessage() {
+ return errorMessage;
+ }
+
+ /**
+ * Setter for errorMessage.
+ *
+ * @param message The error message value.
+ */
+ public final void setErrorMessage(final String message) {
+ this.errorMessage = message;
+ }
+
+ /**
+ * Getter for SAMLTokenFail.
+ *
+ * @return The error SAML Token.
+ */
+ public final String getSamlTokenFail() {
+ return samlTokenFail;
+ }
+
+ /**
+ * Setter for SAMLTokenFail.
+ *
+ * @param samlToken The error SAML token.
+ */
+ public final void setSamlTokenFail(final String samlToken) {
+ this.samlTokenFail = samlToken;
+ }
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java
new file mode 100644
index 000000000..69cb20fdd
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java
@@ -0,0 +1,143 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * This exception is thrown by the C-PEPS service and holds the relative
+ * information to present to the citizen.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $
+ */
+public final class CPEPSException extends RuntimeException {
+
+ /**
+ * Serial id.
+ */
+ private static final long serialVersionUID = -4012295047127999362L;
+
+ /**
+ * Error code.
+ */
+ private String errorCode;
+
+ /**
+ * Error message.
+ */
+ private String errorMessage;
+
+ /**
+ * SAML token.
+ */
+ private String samlTokenFail;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param samlToken The SAML Token.
+ * @param code The error code value.
+ * @param message The error message value.
+ */
+ public CPEPSException(final String samlToken, final String code,
+ final String message) {
+
+ super(message);
+ this.setErrorCode(code);
+ this.setErrorMessage(message);
+ this.setSamlTokenFail(samlToken);
+ }
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param samlToken The SAML Token.
+ * @param code The error code value.
+ * @param message The error message value.
+ * @param cause The original exception;
+ */
+ public CPEPSException(final String samlToken, final String code,
+ final String message, final Throwable cause) {
+
+ super(message, cause);
+ this.setErrorCode(code);
+ this.setErrorMessage(message);
+ this.setSamlTokenFail(samlToken);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public String getMessage() {
+ return this.getErrorMessage() + " (" + this.getErrorCode() + ")";
+ }
+
+ /**
+ * Getter for the error code.
+ *
+ * @return The errorCode value.
+ */
+ public String getErrorCode() {
+ return errorCode;
+ }
+
+ /**
+ * Setter for the error code.
+ *
+ * @param code The error code.
+ */
+ public void setErrorCode(final String code) {
+ this.errorCode = code;
+ }
+
+ /**
+ * Getter for the error message.
+ *
+ * @return The errorMessage value.
+ */
+ public String getErrorMessage() {
+ return errorMessage;
+ }
+
+ /**
+ * Setter for the error message.
+ *
+ * @param message The error message.
+ */
+ public void setErrorMessage(final String message) {
+ this.errorMessage = message;
+ }
+
+ /**
+ * Getter for the samlTokenFail.
+ *
+ * @return The samlTokenFail value.
+ */
+ public String getSamlTokenFail() {
+ return samlTokenFail;
+ }
+
+ /**
+ * Setter for the samlTokenFail.
+ *
+ * @param samlToken The error Saml Token.
+ */
+ public void setSamlTokenFail(final String samlToken) {
+ this.samlTokenFail = samlToken;
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java
new file mode 100644
index 000000000..67514d4fe
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java
@@ -0,0 +1,74 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * Internal Error Exception class.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see AbstractPEPSException
+ */
+public final class InternalErrorPEPSException extends AbstractPEPSException {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 1193001455410319795L;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters and the Throwable cause.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error message value.
+ * @param cause The throwable object.
+ */
+ public InternalErrorPEPSException(final String errorCode,
+ final String errorMessage, final Throwable cause) {
+
+ super(errorCode, errorMessage, cause);
+ }
+
+ /**
+ * Exception Constructor with three strings representing the errorCode,
+ * errorMessage and encoded samlToken as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error message value.
+ * @param samlTokenFail The error SAML Token.
+ */
+ public InternalErrorPEPSException(final String errorCode,
+ final String errorMessage, final String samlTokenFail) {
+
+ super(errorCode, errorMessage, samlTokenFail);
+ }
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error message value.
+ */
+ public InternalErrorPEPSException(final String errorCode,
+ final String errorMessage) {
+
+ super(errorCode, errorMessage);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java
new file mode 100644
index 000000000..12c83b589
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java
@@ -0,0 +1,54 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * Invalid Parameter Exception class.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.11 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see InvalidParameterPEPSException
+ */
+public class InvalidParameterPEPSException extends AbstractPEPSException {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 2046282148740524875L;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error code message value.
+ */
+ public InvalidParameterPEPSException(final String errorCode,
+ final String errorMessage) {
+ super(errorCode, errorMessage);
+ }
+
+ /**
+ * Exception Constructor with one String representing the encoded samlToken.
+ *
+ * @param samlTokenFail The error SAML Token.
+ */
+ public InvalidParameterPEPSException(final String samlTokenFail) {
+ super(samlTokenFail);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java
new file mode 100644
index 000000000..800525eee
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java
@@ -0,0 +1,46 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * Invalid session Exception class.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.14 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see InvalidParameterPEPSException
+ */
+public class InvalidSessionPEPSException extends InvalidParameterPEPSException {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 7147090160978319016L;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error message value.
+ */
+ public InvalidSessionPEPSException(final String errorCode,
+ final String errorMessage) {
+
+ super(errorCode, errorMessage);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java
new file mode 100644
index 000000000..fc27371d2
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java
@@ -0,0 +1,67 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * Security PEPS Exception class.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.18 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see AbstractPEPSException
+ */
+public final class SecurityPEPSException extends AbstractPEPSException {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 5605743302478554967L;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMsg The error message value.
+ */
+ public SecurityPEPSException(final String errorCode, final String errorMsg) {
+ super(errorCode, errorMsg);
+ }
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters and the Throwable cause.
+ *
+ * @param errorCode The error code value.
+ * @param errorMessage The error message value.
+ * @param cause The throwable object.
+ */
+ public SecurityPEPSException(final String errorCode,
+ final String errorMessage, final Throwable cause) {
+
+ super(errorCode, errorMessage, cause);
+ }
+
+ /**
+ * Exception Constructor with one String representing the encoded samlToken.
+ *
+ * @param samlTokenFail The error SAML Token.
+ */
+ public SecurityPEPSException(final String samlTokenFail) {
+ super(samlTokenFail);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java
new file mode 100644
index 000000000..a2da61a02
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java
@@ -0,0 +1,53 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
+/**
+ * Security PEPS Exception class.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $
+ *
+ * @see AbstractPEPSException
+ */
+public final class StorkPEPSException extends AbstractPEPSException {
+
+ /**
+ * Unique identifier.
+ */
+ private static final long serialVersionUID = 8048033129798427574L;
+
+ /**
+ * Exception Constructor with two Strings representing the errorCode and
+ * errorMessage as parameters.
+ *
+ * @param errorCode The error code value.
+ * @param errorMsg The error message value.
+ */
+ public StorkPEPSException(final String errorCode, final String errorMsg) {
+ super(errorCode, errorMsg);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public String getMessage() {
+
+ return "Security Error (" + this.getErrorCode() + ") processing request : "
+ + this.getErrorMessage();
+ }
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java
new file mode 100644
index 000000000..d83068beb
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java
@@ -0,0 +1,7 @@
+/**
+ * Package for the PEPS’ Exceptions handling.
+ *
+ * @since 1.0
+ */
+package eu.stork.peps.auth.commons.exceptions;
+
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java
new file mode 100644
index 000000000..19d45aaa2
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java
@@ -0,0 +1,9 @@
+/**
+ * Common Authentication Service functionalities to be deployed in every PEPS
+ * is contained in this package.
+ * In particular, it contains the SAML Engine that implements the SAML messages
+ * management
+ *
+ * @since 1.0
+ */
+package eu.stork.peps.auth.commons;
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java
new file mode 100644
index 000000000..5c24cc5a8
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java
@@ -0,0 +1,215 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.specific;
+
+import java.util.Map;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.IStorkSession;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+
+/**
+ * Interface for Specific Authentication methods.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com
+ */
+public interface IAUService {
+
+ /**
+ * Prepares the citizen to be redirected to the IdP.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param session The session object.
+ * @param requestAttributes The Requested attributes.
+ *
+ * @return byte[] containing a SAML Request.
+ *
+ * @see IPersonalAttributeList
+ * @see IStorkSession
+ */
+ byte[] prepareCitizenAuthentication(IPersonalAttributeList personalList,
+ Map<String, Object> parameters, Map<String, Object> requestAttributes,
+ IStorkSession session);
+
+ /**
+ * Prepares the citizen to be redirected to the PV.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param session The session object.
+ * @param requestAttributes The Requested attributes.
+ *
+ * @return byte[] containing a SAML Request.
+ *
+ * @see IPersonalAttributeList
+ * @see IStorkSession
+ */
+ byte[] preparePVRequest(IPersonalAttributeList personalList,
+ Map<String, Object> parameters, Map<String, Object> requestAttributes,
+ IStorkSession session);
+
+ /**
+ * Authenticates a citizen.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param requestAttributes The requested attributes.
+ *
+ * @return The updated Personal Attribute List.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList authenticateCitizen(
+ IPersonalAttributeList personalList, Map<String, Object> parameters,
+ Map<String, Object> requestAttributes);
+
+ /**
+ * Validates a power.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param requestAttributes The requested attributes.
+ *
+ * @return The updated Personal Attribute List (power validated).
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList powerValidation(
+ IPersonalAttributeList personalList, Map<String, Object> parameters,
+ Map<String, Object> requestAttributes);
+
+ /**
+ * Prepares the Citizen browser to be redirected to the AP.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param session The session object.
+ * @param requestAttributes The requested attributes.
+ *
+ * @return true in case of no error.
+ *
+ * @see IPersonalAttributeList
+ * @see IStorkSession
+ */
+ boolean prepareAPRedirect(IPersonalAttributeList personalList,
+ Map<String, Object> parameters, Map<String, Object> requestAttributes,
+ IStorkSession session);
+
+ /**
+ * Returns the attributes values from the AP.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param requestAttributes The request attributes.
+ *
+ * @return The updated Personal Attribute List.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList getAttributesFromAttributeProviders(
+ IPersonalAttributeList personalList, Map<String, Object> parameters,
+ Map<String, Object> requestAttributes);
+
+ /**
+ * Get the attributes from the AP with verification.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The HTTP Parameters.
+ * @param requestAttributes The requested Attributes.
+ * @param session The session object.
+ * @param auProcessId The SAML identifier.
+ *
+ * @return true if the attributes were correctly verified.
+ *
+ * @see IPersonalAttributeList
+ * @see IStorkSession
+ */
+ boolean getAttributesWithVerification(IPersonalAttributeList personalList,
+ Map<String, Object> parameters, Map<String, Object> requestAttributes,
+ IStorkSession session, String auProcessId);
+
+ /**
+ * Validates a SAML Response.
+ *
+ * @param samlToken The SAML Token.
+ * @param session The session object.
+ *
+ * @return the STORKAuthnResponse associated with the validated response.
+ *
+ * @see IStorkSession
+ */
+ STORKAuthnResponse processAuthenticationResponse(byte[] samlToken,
+ IStorkSession session);
+
+ /**
+ * Generates a SAML Response in case of error.
+ *
+ * @param inResponseTo The SAML's identifier to response.
+ * @param issuer The issuer value.
+ * @param assertionURL The assertion URL.
+ * @param code The error code.
+ * @param subcode The sub error code.
+ * @param message The error message.
+ * @param ipUserAddress The user IP address.
+ *
+ * @return byte[] containing the SAML Response.
+ */
+ byte[] generateErrorAuthenticationResponse(String inResponseTo,
+ String issuer, String assertionURL, String code, String subcode,
+ String message, String ipUserAddress);
+
+ /**
+ * Compares two given personal attribute lists.
+ *
+ * @param original The original Personal Attribute List.
+ * @param modified The modified Personal Attribute List.
+ * @return true if the original list contains the modified one. False
+ * otherwise.
+ *
+ * @see IPersonalAttributeList
+ */
+ boolean comparePersonalAttributeLists(IPersonalAttributeList original,
+ IPersonalAttributeList modified);
+
+ /**
+ * Prepares the citizen to be redirected to the AtP.
+ *
+ * @param personalList The Personal Attribute List.
+ * @param parameters The parameters.
+ * @param session The session object.
+ *
+ * @return byte[] containing a SAML Request.
+ *
+ * @see IPersonalAttributeList
+ * @see IStorkSession
+ */
+ byte[] prepareAttributeRequest(IPersonalAttributeList personalList,
+ Map<String, Object> parameters, IStorkSession session);
+
+ /**
+ * Validates a SAML Response.
+ *
+ * @param samlToken The SAML Token.
+ * @param session The session object.
+ *
+ * @return the STORKAttrQueryResponse associated with the validated response.
+ *
+ * @see IStorkSession
+ */
+ STORKAttrQueryResponse processAttributeResponse(byte[] samlToken,
+ IStorkSession session);
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java
new file mode 100644
index 000000000..31a8d78ff
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java
@@ -0,0 +1,37 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.specific;
+
+import java.util.List;
+
+/**
+ * Interface that defines the methods to work with the validation of attributes.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com
+ */
+public interface ICheckAttributeValue {
+
+ /**
+ * Checks if the list of values contains the expected value.
+ *
+ * @param values The List of values.
+ * @param expectedValue The value to check if it exists on the list.
+ *
+ * @return boolean true, if the value is present in the list. False,
+ * otherwise.
+ */
+ boolean checkValue(List<String> values, String expectedValue);
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java
new file mode 100644
index 000000000..78eb53004
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java
@@ -0,0 +1,40 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.specific;
+
+import eu.stork.peps.auth.commons.IStorkSession;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * Interface that defines the methods to work with derivation of attributes.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com
+ */
+public interface IDeriveAttribute {
+
+ /**
+ * Derives the attribute value. Set the Personal Attribute value to null if
+ * the value in session or the value of age are invalid (non-numeric or null).
+ *
+ * @param personalAttrList The Personal Attribute List.
+ * @param session The session object.
+ *
+ * @see PersonalAttribute The personal Attribute
+ * @see IStorkSession The session object.
+ */
+ void deriveAttributeToData(PersonalAttribute personalAttrList,
+ IStorkSession session);
+
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java
new file mode 100644
index 000000000..ca2114e32
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java
@@ -0,0 +1,35 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.specific;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * Interface for attribute's value normalisation.
+ *
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com
+ */
+public interface INormaliseValue {
+
+ /**
+ * Translates the attribute's value from local format to STORK format.
+ *
+ * @param personalAttribute The Personal Attribute to normalise the value.
+ *
+ * @see PersonalAttribute
+ */
+ void normaliseAttributeValueToStork(PersonalAttribute personalAttribute);
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java
new file mode 100644
index 000000000..8a33897d8
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java
@@ -0,0 +1,100 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.auth.specific;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.IStorkSession;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+
+/**
+ * Interface for attributes normalization.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com
+ */
+public interface ITranslatorService {
+
+ /**
+ * Translates the attributes from local format to STORK format.
+ *
+ * @param personalList The Personal Attribute List.
+ *
+ * @return The Personal Attribute List with normalised attributes.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList normaliseAttributeNamesToStork(
+ IPersonalAttributeList personalList);
+
+ /**
+ * Translates the attributes values from local format to STORK format.
+ *
+ * @param personalList The Personal Attribute List.
+ *
+ * @return The PersonalAttributeList with normalised values.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList normaliseAttributeValuesToStork(
+ IPersonalAttributeList personalList);
+
+ /**
+ * Translates the attributes from STORK format to local format.
+ *
+ * @param personalList The Personal Attribute List.
+ *
+ * @return The PersonalAttributeList with normalised attributes.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList normaliseAttributeNamesFromStork(
+ IPersonalAttributeList personalList);
+
+ /**
+ * Derive Attribute Names To Stork format.
+ *
+ * @param personalList The Personal Attribute List,
+ *
+ * @return The PersonalAttributeList with derived attributes.
+ *
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList deriveAttributeFromStork(
+ IPersonalAttributeList personalList);
+
+ /**
+ * Derive Attribute Names from Stork format.
+ *
+ * @param session The session object.
+ * @param modifiedList The Personal Attribute List.
+ *
+ * @return The PersonalAttributeList with derived attributes.
+ *
+ * @see IStorkSession
+ * @see IPersonalAttributeList
+ */
+ IPersonalAttributeList deriveAttributeToStork(IStorkSession session,
+ IPersonalAttributeList modifiedList);
+
+ /**
+ * Validate the values of the attributes.
+ *
+ * @param pal The attribute list
+ *
+ * @return True, if all the attributes have values. False, otherwise.
+ *
+ * @see STORKAuthnRequest
+ */
+ boolean checkAttributeValues(IPersonalAttributeList pa);
+}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java
new file mode 100644
index 000000000..a25c52311
--- /dev/null
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java
@@ -0,0 +1,8 @@
+/**
+ * Specific PEPS Interfaces that implements functionality of the Authentication
+ * Service.
+ *
+ * @since 1.0
+ */
+package eu.stork.peps.auth.specific;
+
diff --git a/id/server/stork2-commons/src/main/resources/log4j.xml b/id/server/stork2-commons/src/main/resources/log4j.xml
new file mode 100644
index 000000000..8bce0bec0
--- /dev/null
+++ b/id/server/stork2-commons/src/main/resources/log4j.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
+ <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="File" value="/opt/storklogs/stork-commons.log" />
+ <param name="DatePattern" value="'.'yyyy-MM-dd" />
+ <param name="Append" value="true" />
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" />
+ </layout>
+ </appender>
+
+ <root>
+ <priority value="info" />
+ <appender-ref ref="MainLogger" />
+ </root>
+
+</log4j:configuration>
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java
new file mode 100644
index 000000000..2e8cc2e62
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java
@@ -0,0 +1,134 @@
+package eu.stork.peps.tests;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.AttributeProvider;
+import eu.stork.peps.auth.commons.AttributeProvidersMap;
+import eu.stork.peps.auth.commons.AttributeSource;
+import eu.stork.peps.auth.commons.Country;
+import eu.stork.peps.auth.commons.IAttributeProvidersMap;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+/**
+ * The AttributeSource's Test Case.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: $, $Date: $
+ */
+public class AttributeProvidersMapTestCase {
+
+ @Test
+ public void testObjectOK1() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(source) ) {
+ outcome = true;
+ }
+
+ assertTrue(outcome);
+ }
+
+ @Test
+ public void testObjectOK2() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(source) ) {
+ if ( map.get(source)!=null ) {
+ outcome = true;
+ }
+ }
+
+ assertTrue(outcome);
+ }
+
+ @Test
+ public void testObjectOK3() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(target) ) {
+ outcome = true;
+ }
+
+ assertTrue(outcome);
+ }
+
+ @Test
+ public void testObjectOK4() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(target) ) {
+ if ( map.get(target)!=null ) {
+ outcome = true;
+ }
+ }
+
+ assertTrue(outcome);
+ }
+
+ @Test
+ public void testObjectNOK1() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ AttributeSource target = new AttributeSource(new Country("ID1", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(target) ) {
+ outcome = true;
+ }
+
+ assertFalse(outcome);
+ }
+
+ @Test
+ public void testObjectNOK2() {
+ IAttributeProvidersMap map = new AttributeProvidersMap();
+ AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL");
+ AttributeSource target = new AttributeSource(new AttributeProvider("ID2", "Name 1"), "URL");
+ IPersonalAttributeList pal = new PersonalAttributeList();
+ boolean outcome = false;
+
+ //Add a single item
+ map.put(source, pal);
+
+ if ( map.containsKey(target) ) {
+ outcome = true;
+ }
+
+ assertFalse(outcome);
+ }
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java
new file mode 100644
index 000000000..31cabb612
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java
@@ -0,0 +1,88 @@
+package eu.stork.peps.tests;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.AttributeProvider;
+import eu.stork.peps.auth.commons.AttributeSource;
+import eu.stork.peps.auth.commons.Country;
+
+/**
+ * The AttributeSource's Test Case.
+ *
+ * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
+ *
+ * @version $Revision: $, $Date: $
+ */
+public final class AttributeSourceTestCase {
+ private AttributeSource ap1 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1");
+ private AttributeSource ap2 = new AttributeSource(new AttributeProvider("ID2", "Name 2"), "URL2");
+ private AttributeSource ap3 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL2");
+ private AttributeSource ap4 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL1");
+ private AttributeSource ap5 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1");
+
+ private AttributeSource c1 = new AttributeSource(new Country("ID1", "Name 1"), "URL1");
+ private AttributeSource c2 = new AttributeSource(new Country("ID2", "Name 2"), "URL2");
+ private AttributeSource c3 = new AttributeSource(new Country("ID1", "Name 2"), "URL2");
+ private AttributeSource c4 = new AttributeSource(new Country("ID1", "Name 2"), "URL1");
+ private AttributeSource c5 = new AttributeSource(new Country("ID1", "Name 1"), "URL1");
+
+ @Test
+ public void testNotEquals1() {
+ assertFalse(ap1.equals(ap2));
+ }
+
+ @Test
+ public void testNotEquals2() {
+ assertFalse(ap1.equals(c1));
+ }
+
+ @Test
+ public void testNotEquals3() {
+ assertFalse(c1.equals(c2));
+ }
+
+ @Test
+ public void testEquals1() {
+ assertTrue(ap1.equals(ap3));
+ }
+
+ @Test
+ public void testEquals2() {
+ assertTrue(ap1.equals(ap4));
+ }
+
+ @Test
+ public void testEquals3() {
+ assertTrue(ap1.equals(ap5));
+ }
+
+ @Test
+ public void testEquals4() {
+ assertTrue(c1.equals(c3));
+ }
+
+ @Test
+ public void testEquals5() {
+ assertTrue(c1.equals(c4));
+ }
+
+ @Test
+ public void testEquals6() {
+ assertTrue(c1.equals(c5));
+ }
+
+ @Test
+ public void testEquals7() {
+ Object obj = ap5;
+ assertTrue(ap1.equals(obj));
+ }
+
+ @Test
+ public void testEquals8() {
+ Object obj = c5;
+ assertTrue(c1.equals(obj));
+ }
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java
new file mode 100644
index 000000000..77fc4b9c2
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java
@@ -0,0 +1,537 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.tests;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.AttributeUtil;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSValues;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+/**
+ * The AttributeUtil's Test Case.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com
+ *
+ * @version $Revision: $, $Date: $
+ */
+public final class AttributeUtilTestCase {
+
+ /**
+ * Empty String to be used on the tests.
+ */
+ private static final String EMPTY_STRING = "";
+
+ /**
+ * Tuple value sample to be used on the tests.
+ */
+ private static final String[] TUPLE_STRING = new String[] { "age", "true",
+ "[18]", "Available" };
+
+ /**
+ * Complex value to be used on escape/unescape tests.
+ */
+ private static final String COMPLEX_VAL = "postalCode=4100,"
+ + "apartmentNumber=A,state=Porto,countryCodeAddress=PT,streetNumber=379,"
+ + "streetName=Avenida Sidonio Pais,town=Porto,";
+
+ /**
+ * Escaped Complex value to be used on escape/unescape tests.
+ */
+ private static final String ESC_COMPLEX_VAL = "postalCode=4100%44"
+ + "apartmentNumber=A%44state=Porto%44countryCodeAddress=PT%44"
+ + "streetNumber=379%44streetName=Avenida Sidonio Pais%44town=Porto%44";
+
+ /**
+ * Simple value to be used on escape/unescape tests.
+ */
+ private static final String SIMPLE_VAL = "Avenida da Boavista, Porto";
+
+ /**
+ * Escaped simple value to be used on escape/unescape tests.
+ */
+ private static final String ESC_SIMPLE_VAL = "Avenida da Boavista%44 Porto";
+
+ /**
+ * Simple text to be used on escape/unescape tests. Must match the escaped
+ * text.
+ */
+ private static final String SIMPLE_TEXT = "John Doe";
+
+ /**
+ * Tests the {@link AttributeUtil#escape(String)} method for the given complex
+ * attribute value (canonical address' example attribute value).
+ */
+ @Test
+ public void testEscapeSpecialCharsComplexVal() {
+ assertEquals(AttributeUtil.escape(COMPLEX_VAL), ESC_COMPLEX_VAL);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#escape(String)} method for the given
+ * attribute value.
+ */
+ @Test
+ public void testEscapeSpecialCharsVal() {
+ assertEquals(AttributeUtil.escape(SIMPLE_VAL), ESC_SIMPLE_VAL);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#escape(String)} method for the given simple
+ * text: no special characters to escape.
+ */
+ @Test
+ public void testEscapeNormalChars() {
+ assertEquals(AttributeUtil.escape(SIMPLE_TEXT), SIMPLE_TEXT);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#unescape(String)} method for the given
+ * escape complex attribute value (canonical address' example attribute
+ * value).
+ */
+ @Test
+ public void testUnescapeSpecialCharsComplexVal() {
+ assertEquals(AttributeUtil.unescape(ESC_COMPLEX_VAL), COMPLEX_VAL);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#escape(String)} method for the given escape
+ * attribute value.
+ */
+ @Test
+ public void testUnescapeSpecialCharsVal() {
+ assertEquals(AttributeUtil.unescape(ESC_SIMPLE_VAL), SIMPLE_VAL);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#escape(String)} method for the given simple
+ * text: no special characters to unescape.
+ */
+ @Test
+ public void testUnescapeNormalChars() {
+ assertEquals(AttributeUtil.unescape(SIMPLE_TEXT), SIMPLE_TEXT);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)}
+ * method for the given empty string.
+ */
+ @Test
+ public void testAppendIfNotNullEmptyStr() {
+ final StringBuilder strBuilder = new StringBuilder(SIMPLE_TEXT);
+ AttributeUtil.appendIfNotNull(strBuilder, EMPTY_STRING);
+ assertEquals(strBuilder.toString(), SIMPLE_TEXT);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)}
+ * method for the given string.
+ */
+ @Test
+ public void testAppendIfNotNullStr() {
+ final StringBuilder strBuilder = new StringBuilder();
+ AttributeUtil.appendIfNotNull(strBuilder, SIMPLE_TEXT);
+ assertEquals(strBuilder.toString(), SIMPLE_TEXT);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)}
+ * method for the given null value.
+ */
+ @Test
+ public void testAppendIfNotNull() {
+ final StringBuilder strBuilder = new StringBuilder();
+ AttributeUtil.appendIfNotNull(strBuilder, null);
+ assertEquals(strBuilder.toString(), EMPTY_STRING);
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#listToString(List, String)} method for the
+ * given List with two values.
+ */
+ @Test
+ public void testListToStringTwoVals() {
+ final List<String> vals = new ArrayList<String>();
+ vals.add(SIMPLE_VAL);
+ vals.add(SIMPLE_TEXT);
+
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append(SIMPLE_TEXT);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+
+ assertEquals(
+ AttributeUtil.listToString(vals,
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString());
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#listToString(List, String)} method for the
+ * given List with one values.
+ */
+ @Test
+ public void testListToStringOneVal() {
+ final List<String> vals = new ArrayList<String>();
+ vals.add(SIMPLE_VAL);
+
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+
+ assertEquals(
+ AttributeUtil.listToString(vals,
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString());
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#listToString(List, String)} method for the
+ * given List with one value.
+ */
+ @Test
+ public void testListToStringEmptyVal() {
+ final List<String> vals = new ArrayList<String>();
+
+ final StringBuilder strBuilder = new StringBuilder();
+
+ assertEquals(
+ AttributeUtil.listToString(vals,
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString());
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method
+ * for the given Map with one value.
+ */
+ @Test
+ public void testMapToStringOneVal() {
+ final Map<String, String> vals = new HashMap<String, String>();
+ vals.put("CanonicalAddress", COMPLEX_VAL);
+
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("CanonicalAddress=");
+ strBuilder.append(ESC_COMPLEX_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+
+ assertEquals(AttributeUtil.mapToString(vals,
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString());
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method
+ * for the given empty Map.
+ */
+ @Test
+ public void testMapToStringEmptyVal() {
+ final Map<String, String> vals = new HashMap<String, String>();
+
+ final StringBuilder strBuilder = new StringBuilder();
+
+ assertEquals(AttributeUtil.mapToString(vals,
+ PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString());
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * invalid List.
+ */
+ @Test
+ public void testIsValidValueInvalidList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append("]");
+ assertFalse(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * null value.
+ */
+ @Test
+ public void testIsValidValueNullList() {
+ assertFalse(AttributeUtil.isValidValue(null));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * empty List.
+ */
+ @Test
+ public void testIsValidValueEmptyList() {
+ assertTrue(AttributeUtil.isValidValue("[]"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * empty List.
+ */
+ @Test
+ public void testIsValidValueEmptyCommaList() {
+ assertTrue(AttributeUtil.isValidValue("[,]"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * one simple value List.
+ */
+ @Test
+ public void testIsValidValueOneValueList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("[");
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append("]");
+ assertTrue(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * one simple value List.
+ */
+ @Test
+ public void testIsValidValueOneValueCommaList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("[");
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append("]");
+ assertTrue(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * one complex value List.
+ */
+ @Test
+ public void testIsValidValueOneComplexValueList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("[");
+ strBuilder.append(ESC_COMPLEX_VAL);
+ strBuilder.append("]");
+ assertTrue(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * one complex value List.
+ */
+ @Test
+ public void testIsValidValueOneComplexValueCommaList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("[");
+ strBuilder.append(ESC_COMPLEX_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append("]");
+ assertTrue(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * multi value List.
+ */
+ @Test
+ public void testIsValidValueMultiValueList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append("[");
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append(SIMPLE_TEXT);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append("]");
+ assertTrue(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidValue(String)} method for the given
+ * invalid multi value List.
+ */
+ @Test
+ public void testIsValidValueInvalidMultiValueList() {
+ final StringBuilder strBuilder = new StringBuilder();
+ strBuilder.append(ESC_SIMPLE_VAL);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append(SIMPLE_TEXT);
+ strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString());
+ strBuilder.append("]");
+ assertFalse(AttributeUtil.isValidValue(strBuilder.toString()));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * true type.
+ */
+ @Test
+ public void testIsValidTypetrue() {
+ assertTrue(AttributeUtil.isValidType("true"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * True type.
+ */
+ @Test
+ public void testIsValidTypeTrue() {
+ assertTrue(AttributeUtil.isValidType("True"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * TRUE type.
+ */
+ @Test
+ public void testIsValidTypeTRUE() {
+ assertTrue(AttributeUtil.isValidType("TRUE"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * invalid type.
+ */
+ @Test
+ public void testIsValidTypeInvalidType() {
+ assertFalse(AttributeUtil.isValidType("str"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * false type.
+ */
+ @Test
+ public void testIsValidTypefalse() {
+ assertTrue(AttributeUtil.isValidType("false"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * False type.
+ */
+ @Test
+ public void testIsValidTypeFalse() {
+ assertTrue(AttributeUtil.isValidType("False"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * FALSE type.
+ */
+ @Test
+ public void testIsValidTypeFALSEVal() {
+ assertTrue(AttributeUtil.isValidType("False"));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#isValidType(String)} method for the given
+ * null.
+ */
+ @Test
+ public void testIsValidTypeNullVal() {
+ assertFalse(AttributeUtil.isValidType(null));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the
+ * given valid tuple.
+ */
+ @Test
+ public void testHasValidTuples() {
+ assertTrue(AttributeUtil.hasValidTuples(TUPLE_STRING));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the
+ * given invalid tuple.
+ */
+ @Test
+ public void testHasValidTuplesInvalid() {
+ final String[] tuple = new String[]{"name", "type"};
+ assertFalse(AttributeUtil.hasValidTuples(tuple));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the
+ * given invalid tuple with valid size.
+ */
+ @Test
+ public void testHasValidTuplesSameSizeInvalidValues() {
+ final String[] tuple = new String[] { "age", "type", "[18]", "Available"};
+ assertFalse(AttributeUtil.hasValidTuples(tuple));
+ }
+
+ /**
+ * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the
+ * given null value.
+ */
+ @Test
+ public void testHasValidTuplesNull() {
+ assertFalse(AttributeUtil.hasValidTuples(null));
+ }
+
+ /**
+ * Tests the
+ * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)}
+ * method for the given attribute list..
+ */
+ @Test
+ public void testCheckMandatoryAttributes() {
+ final IPersonalAttributeList attrList = new PersonalAttributeList();
+ attrList.populate("isAgeOver:true:[18,]:Available;");
+ assertTrue(AttributeUtil.checkMandatoryAttributes(attrList));
+
+ }
+
+ /**
+ * Tests the
+ * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)}
+ * method for the given null value.
+ */
+ @Test(expected = NullPointerException.class)
+ public void testCheckMandatoryAttributesNullAttrList() {
+ assertTrue(AttributeUtil.checkMandatoryAttributes(null));
+ }
+
+ /**
+ * Tests the
+ * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)}
+ * method for the given empty attribute list.
+ */
+ @Test
+ public void testCheckMandatoryAttributesEmptyAttrList() {
+ final IPersonalAttributeList attrList = new PersonalAttributeList();
+ assertTrue(AttributeUtil.checkMandatoryAttributes(attrList));
+ }
+
+ /**
+ * Tests the
+ * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)}
+ * method for the given attribute list (missing mandatory attribute).
+ */
+ @Test
+ public void testCheckMandatoryAttributesMissingAttr() {
+ final IPersonalAttributeList attrList = new PersonalAttributeList();
+ attrList.populate("isAgeOver:true:[]:NotAvailable;");
+ assertFalse(AttributeUtil.checkMandatoryAttributes(attrList));
+ }
+
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java
new file mode 100644
index 000000000..5d2296997
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java
@@ -0,0 +1,294 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.tests;
+
+import java.sql.Timestamp;
+import java.util.Properties;
+
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.DateUtil;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException;
+
+/**
+ * The PersonalAttribute's Test Case.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.2 $, $Date: 2010-11-17 05:17:03 $
+ */
+public final class DateUtilTestCase {
+
+ /**
+ * Stork Format date.
+ */
+ private static final String FORMAT = "yyyyMMdd";
+
+ /**
+ * Expected 10 value.
+ */
+ private static final int TEN = 10;
+
+ /**
+ * Expected 11 value.
+ */
+ private static final int ELEVEN = 11;
+
+ /**
+ * The testing Date ("current" date).
+ */
+ private static final DateTime TESTDATE = new DateTime(2011, 10, 10, 15, 20,
+ 0, 0);
+
+ /**
+ * Init DateUtilTestCase class.
+ */
+ @BeforeClass
+ public static void runsBeforeTheTestSuite() {
+ final Properties configs = new Properties();
+ configs.setProperty("invalidAgeDateValue.code", "35");
+ configs.setProperty("invalidAttributeValue.code", "34");
+ configs
+ .setProperty(
+ "invalidAttributeValue.message",
+ "Unexpected or invalid content was encountered within a "
+ + "<saml:Attribute> or <saml:AttributeValue> element.");
+ PEPSUtil.createInstance(configs);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given year against
+ * the testDate: 2011-10-10 15:20:00.0. Must return 10.
+ */
+ @Test
+ public void calculateAgeFromYear() {
+ Assert.assertTrue(TEN == DateUtil.calculateAge("2000", TESTDATE, FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given year and month
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 11.
+ */
+ @Test
+ public void calculateAgeFromEarlyMonth() {
+ Assert.assertTrue(ELEVEN == DateUtil.calculateAge("200001", TESTDATE,
+ FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given year and month
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 10.
+ */
+ @Test
+ public void calculateAgeFromSameMonth() {
+ Assert.assertTrue(TEN == DateUtil.calculateAge("200010", TESTDATE, FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given year and month
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 10.
+ */
+ @Test
+ public void calculateAgeFromLaterMonth() {
+ Assert.assertTrue(TEN == DateUtil.calculateAge("200011", TESTDATE, FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 11.
+ */
+ @Test
+ public void calculateAgeFromEarlyFullDate() {
+ Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20000101", TESTDATE,
+ FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 11.
+ */
+ @Test
+ public void calculateAgeFromSameDay() {
+ Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20001010", TESTDATE,
+ FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return 10.
+ */
+ @Test
+ public void calculateAgeFromLaterFullDate() {
+ Assert.assertTrue(TEN == DateUtil
+ .calculateAge("20001011", TESTDATE, FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromInvalidDate() {
+ DateUtil.calculateAge("200", TESTDATE, FORMAT);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromInvalidMonth() {
+ DateUtil.calculateAge("200013", TESTDATE, FORMAT);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromInvalidDay() {
+ DateUtil.calculateAge("20000230", TESTDATE, FORMAT);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromNullDate() {
+ DateUtil.calculateAge(null, TESTDATE, FORMAT);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromNullCurDate() {
+ DateUtil.calculateAge("2000", null, FORMAT);
+ }
+
+ /**
+ * Tests the {@link DateUtil#calculateAge} method for the given full date
+ * against the testDate: 2011-10-10 15:20:00.0. Must return a
+ * SecurityPEPSException exception.
+ */
+ @Test(expected = SecurityPEPSException.class)
+ public void calculateAgeFromNullFormat() {
+ DateUtil.calculateAge("2000", TESTDATE, null);
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return true
+ */
+ @Test
+ public void isValidFormatDateFromYear() {
+ Assert.assertTrue(DateUtil.isValidFormatDate("2000", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year and
+ * month. Must return true.
+ */
+ @Test
+ public void isValidFormatDateFromMonth() {
+ Assert.assertTrue(DateUtil.isValidFormatDate("200001", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDate() {
+ Assert.assertTrue(DateUtil.isValidFormatDate("20000101", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDateInvalidYear() {
+ Assert.assertFalse(DateUtil.isValidFormatDate("200", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDateInvalidMonth() {
+ Assert.assertFalse(DateUtil.isValidFormatDate("200013", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDateInvalidDate() {
+ Assert.assertFalse(DateUtil.isValidFormatDate("20010229", FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDateNullDate() {
+ Assert.assertFalse(DateUtil.isValidFormatDate(null, FORMAT));
+ }
+
+ /**
+ * Tests the {@link DateUtil#isValidFormatDate} method for the given year.
+ * Must return false.
+ */
+ @Test
+ public void isValidFormatDateNullFormat() {
+ Assert.assertFalse(DateUtil.isValidFormatDate("2000", null));
+ }
+
+ /**
+ * Tests the {@link DateUtil#currentTimeStamp()} method for the current
+ * TimeStamp (TS). Must return true.
+ */
+ @Test
+ public void testCurrentTimeStampBefore() {
+ Timestamp ts = DateUtil.currentTimeStamp();
+ Assert.assertNotSame(ts, DateUtil.currentTimeStamp());
+ }
+
+ /**
+ * Tests the {@link DateUtil#currentTimeStamp()} method for the current
+ * TimeStamp (TS). Must return true.
+ */
+ @Test
+ public void testCurrentTimeStampAfter() {
+ Timestamp ts = DateUtil.currentTimeStamp();
+ Assert.assertEquals(DateUtil.currentTimeStamp(), ts);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java
new file mode 100644
index 000000000..d4841ed43
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java
@@ -0,0 +1,553 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.tests;
+
+import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotSame;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertFalse;
+
+import java.util.Properties;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSErrors;
+import eu.stork.peps.auth.commons.PEPSParameters;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException;
+import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException;
+
+/**
+ * The PEPSUtil's Test Case.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com
+ *
+ * @version $Revision: $, $Date: $
+ */
+public final class PEPSUtilTestCase {
+
+ /**
+ * Message example.
+ */
+ private static final String MESSAGE_SAMPLE = "003002 - Authentication Failed";
+
+ /**
+ * Error message example.
+ */
+ private static final String ERROR_MESSAGE_SAMPLE = "Authentication Failed";
+
+ /**
+ * Error code example.
+ */
+ private static final String ERROR_CODE_SAMPLE = "003002";
+
+ /**
+ * Properties values for testing proposes.
+ */
+ private static final Properties CONFIGS1 = new Properties();
+
+ /**
+ * Properties values for testing proposes.
+ */
+ private static final Properties CONFIGS2 = new Properties();
+
+ /**
+ * The empty string value: "".
+ */
+ private static final String EMPTY_STRING = "";
+
+ /**
+ * The empty byte value: [].
+ */
+ private static final byte[] EMPTY_BYTE = new byte[] {};
+
+ /**
+ * The empty byte hash value.
+ */
+ private static final byte[] EMPTY_HASH_BYTE = new byte[] { -49, -125, -31,
+ 53, 126, -17, -72, -67, -15, 84, 40, 80, -42, 109, -128, 7, -42, 32, -28,
+ 5, 11, 87, 21, -36, -125, -12, -87, 33, -45, 108, -23, -50, 71, -48, -47,
+ 60, 93, -123, -14, -80, -1, -125, 24, -46, -121, 126, -20, 47, 99, -71, 49,
+ -67, 71, 65, 122, -127, -91, 56, 50, 122, -7, 39, -38, 62 };
+
+ /**
+ * The SAML example byte[] value.
+ */
+ private static final byte[] SAML_BYTE_SAMPLE = new byte[] { 60, 115, 97, 109,
+ 108, 62, 46, 46, 46, 60, 47, 115, 97, 109, 108 };
+
+ /**
+ * The SAML's Base64 example value.
+ */
+ private static final String SAML_BASE64_SAMPLE = "PHNhbWw+Li4uPC9zYW1s";
+
+ /**
+ * The SAML's Base64 byte[] example value.
+ */
+ private static byte[] SAML_BASE64_BYTE_SAMPLE = new byte[] { 80, 72, 78, 104,
+ 98, 87, 119, 43, 76, 105, 52, 117, 80, 67, 57, 122, 89, 87, 49, 115 };
+
+ /**
+ * The SAML's Base64 Hash byte[] example value.
+ */
+ private static byte[] HASH_BYTE_SAMPLE = new byte[] { 67, 38, 11, 115, 49,
+ -5, 54, -85, 38, 43, -99, 96, 71, -41, 50, -96, 71, -86, 90, -97, 66, -67,
+ 90, 101, 30, 82, -13, 60, -106, -72, -103, -75, 19, 2, -107, 107, -6, -56,
+ 34, -111, -44, -57, -26, -5, 33, 78, -1, 30, 21, 74, -26, 118, -46, -12,
+ -102, 12, -56, 30, -59, -104, -21, -42, -103, 82 };
+
+ /**
+ * Init PEPSUtilTestCase class.
+ */
+ @BeforeClass
+ public static void runsBeforeTheTestSuite() {
+
+ CONFIGS1.setProperty("max.attrList.size", "20000");
+ CONFIGS1.setProperty("attrList.code", "202005");
+ CONFIGS1.setProperty("attrList.message", "invalid.attrList.parameter");
+
+ CONFIGS1.setProperty("max.qaaLevel.size", "1");
+ CONFIGS1.setProperty("max.spUrl.size", "inv");
+ CONFIGS1.setProperty("validation.active", "true");
+ CONFIGS1.setProperty("hashDigest.className",
+ "org.bouncycastle.crypto.digests.SHA512Digest");
+ CONFIGS1.setProperty("invalidAgeDateValue.code", "35");
+ CONFIGS1.setProperty("invalidAttributeValue.code", "34");
+ CONFIGS1.setProperty("invalidAttributeValue.message",
+ "Unexpected or invalid content was encountered within a "
+ + "<saml:Attribute> or <saml:AttributeValue> element.");
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#createInstance(Properties)} method for the given
+ * properties object.
+ */
+ @Test
+ public void testCreateInstance() {
+ Assert.assertNotNull(PEPSUtil.createInstance(CONFIGS2));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getConfigs()}.
+ */
+ @Test
+ public void testGetConfigs() {
+ final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1);
+ assertEquals(pepsUtils.getConfigs(), CONFIGS1);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getConfigs()}.
+ */
+ @Test
+ public void testGetConfigsDifferent() {
+ final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1);
+ assertNotSame(pepsUtils.getConfigs(), CONFIGS2);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getConfig(String)} method for the given existing
+ * config.
+ */
+ @Test
+ public void testGetConfigExists() {
+ assertEquals(PEPSUtil.getConfig("hashDigest.className"),
+ "org.bouncycastle.crypto.digests.SHA512Digest");
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getConfig(String)} method for the given not
+ * existing config.
+ */
+ @Test
+ public void testGetConfigNoExists() {
+ assertNull(PEPSUtil.getConfig("doesnt.exists"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getConfig(String)} method for the given null
+ * value.
+ */
+ @Test(expected = NullPointerException.class)
+ public void testGetConfigNull() {
+ assertNull(PEPSUtil.getConfig(null));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterExists() {
+ assertTrue(PEPSUtil.isValidParameter("qaaLevel", "1"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterExistsGreat() {
+ assertFalse(PEPSUtil.isValidParameter("qaaLevel", "12"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterExistsIvalidConf() {
+ assertFalse(PEPSUtil
+ .isValidParameter("spUrl", "http://localhost:8080/SP/"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterNotExists() {
+ assertFalse(PEPSUtil.isValidParameter("doesntexists",
+ "http://localhost:8080/SP/"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterNullParamName() {
+ assertFalse(PEPSUtil.isValidParameter(null, "http://localhost:8080/SP/"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the
+ * given param values.
+ */
+ @Test
+ public void testIsValidParameterNullParamValue() {
+ assertFalse(PEPSUtil.isValidParameter("spUrl", null));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method
+ * for the given object values.
+ */
+ @Test
+ public void testValidateParameterValid() {
+ final IPersonalAttributeList persAttrList = new PersonalAttributeList();
+ persAttrList.populate("isAgeOver:true:[15,]:Available;");
+ PEPSUtil.validateParameter("ServiceProviderAction",
+ PEPSParameters.ATTRIBUTE_LIST.toString(), persAttrList);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method
+ * for the given string values.
+ */
+ @Test(expected = InvalidParameterPEPSException.class)
+ public void testValidateParameterNull() {
+ PEPSUtil.validateParameter("ServiceProviderAction",
+ PEPSParameters.ATTRIBUTE_LIST.toString(), null);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#validateParameter(String, String, String)} method
+ * for the given string values.
+ *
+ * The tested class just invokes
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * so further tests will be later.
+ */
+ @Test
+ public void testValidateParameter() {
+ PEPSUtil.validateParameter("ServiceProviderAction",
+ PEPSParameters.ATTRIBUTE_LIST.toString(),
+ "isAgeOver:true:[15,]:Available;");
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, PEPSErrors)}
+ * method for the given string value and {@link PEPSErrors} enum.
+ *
+ * The tested class just invokes
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * so further tests will be later.
+ */
+ @Test
+ public void testValidateParameterPEPSErrors() {
+ PEPSUtil.validateParameter("CountrySelectorAction",
+ PEPSParameters.ATTRIBUTE_LIST.toString(),
+ "isAgeOver:true:[15,]:Available;",
+ PEPSErrors.SP_COUNTRY_SELECTOR_INVALID_ATTR);
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * method for the given string values.
+ */
+ @Test
+ public void testValidateParameterValidParams() {
+ PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "1",
+ "qaaLevel.code", "qaaLevel.message");
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * method for the given string values.
+ */
+ @Test(expected = InvalidParameterPEPSException.class)
+ public void testValidateParameterInvalidParamValue() {
+ PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "10",
+ "qaaLevel.code", "qaaLevel.message");
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * method for the given string values.
+ */
+ @Test(expected = InvalidParameterPEPSException.class)
+ public void testValidateParameterInvalidParamName() {
+ PEPSUtil.validateParameter("ServiceProviderAction", "doesnt.exists", "1",
+ "qaaLevel.code", "qaaLevel.message");
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * method for the given string values.
+ */
+ @Test(expected = InvalidParameterPEPSException.class)
+ public void testValidateParameterNullParamName() {
+ PEPSUtil.validateParameter("ServiceProviderAction", null, "1",
+ "qaaLevel.code", "qaaLevel.message");
+ }
+
+ /**
+ * Tests the
+ * {@link PEPSUtil#validateParameter(String, String, String, String, String)}
+ * method for the given string values.
+ */
+ @Test(expected = InvalidParameterPEPSException.class)
+ public void testValidateParameterNullParamValue() {
+ PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", null,
+ "qaaLevel.code", "qaaLevel.message");
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given
+ * string value.
+ */
+ @Test
+ public void testEncodeSAMLToken() {
+ assertEquals(PEPSUtil.encodeSAMLToken(SAML_BYTE_SAMPLE), SAML_BASE64_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given
+ * null.
+ */
+ @Test(expected = NullPointerException.class)
+ public void testEncodeSAMLTokenNull() {
+ assertNotSame(PEPSUtil.encodeSAMLToken(null), SAML_BASE64_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given
+ * empty byte[] value.
+ */
+ @Test
+ public void testEncodeSAMLTokenEmpty() {
+ assertEquals(PEPSUtil.encodeSAMLToken(EMPTY_BYTE), EMPTY_STRING);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given
+ * byte[] value.
+ */
+ @Test
+ public void testDecodeSAMLToken() {
+ assertArrayEquals(PEPSUtil.decodeSAMLToken(SAML_BASE64_SAMPLE),
+ SAML_BYTE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given
+ * null value.
+ */
+ @Test(expected = NullPointerException.class)
+ public void testDecodeSAMLTokenNull() {
+ assertNotSame(PEPSUtil.decodeSAMLToken(null), SAML_BYTE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given
+ * empty string value.
+ */
+ @Test(expected = StringIndexOutOfBoundsException.class)
+ public void testDecodeSAMLTokenEmpty() {
+ assertTrue(PEPSUtil.decodeSAMLToken(EMPTY_STRING) == EMPTY_BYTE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given
+ * byte[] value.
+ */
+ @Test
+ public void testHashPersonalToken() {
+ assertArrayEquals(PEPSUtil.hashPersonalToken(SAML_BASE64_BYTE_SAMPLE),
+ HASH_BYTE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given
+ * null value.
+ */
+ @Test(expected = InternalErrorPEPSException.class)
+ public void testHashPersonalTokenNull() {
+ assertNull(PEPSUtil.hashPersonalToken(null));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given
+ * empty value.
+ */
+ @Test
+ public void testHashPersonalTokenEmpty() {
+ assertArrayEquals(PEPSUtil.hashPersonalToken(EMPTY_BYTE), EMPTY_HASH_BYTE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * correct message.
+ */
+ @Test
+ public void testGetStorkErrorCodeExists() {
+ assertEquals(PEPSUtil.getStorkErrorCode(MESSAGE_SAMPLE), ERROR_CODE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * invalid message.
+ */
+ @Test
+ public void testGetStorkErrorCodeNoExists() {
+ assertNull(PEPSUtil.getStorkErrorCode(ERROR_MESSAGE_SAMPLE));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * empty message.
+ */
+ @Test
+ public void testGetStorkErrorCodeEmpty() {
+ assertNull(PEPSUtil.getStorkErrorCode(EMPTY_STRING));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * null message.
+ */
+ @Test
+ public void testGetStorkErrorCodeNull() {
+ assertNull(PEPSUtil.getStorkErrorCode(null));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * invalid message.
+ */
+ @Test
+ public void testGetStorkErrorCodeWithSepFake() {
+ assertNull(PEPSUtil.getStorkErrorCode("-"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given
+ * invalid message.
+ */
+ @Test
+ public void testGetStorkErrorCodeWithSepAndCodeFake() {
+ assertNull(PEPSUtil.getStorkErrorCode("000001 -"));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given correct message.
+ */
+ @Test
+ public void testGetStorkErrorMessageExists() {
+ assertEquals(PEPSUtil.getStorkErrorMessage(MESSAGE_SAMPLE),
+ ERROR_MESSAGE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given invalid message.
+ */
+ @Test
+ public void testGetStorkErrorMessageNoExists() {
+ assertEquals(PEPSUtil.getStorkErrorMessage(ERROR_MESSAGE_SAMPLE),
+ ERROR_MESSAGE_SAMPLE);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given empty message.
+ */
+ @Test
+ public void testGetStorkErrorMessageEmpty() {
+ assertEquals(PEPSUtil.getStorkErrorMessage(EMPTY_STRING),
+ EMPTY_STRING);
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given null message.
+ */
+ @Test
+ public void testGetStorkErrorMessageNull() {
+ assertNull(PEPSUtil.getStorkErrorMessage(null));
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given invalid message.
+ */
+ @Test
+ public void testGetStorkErrorMessageWithSepFake() {
+ assertEquals(PEPSUtil.getStorkErrorMessage("-"),"-");
+ }
+
+ /**
+ * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the
+ * given invalid message.
+ */
+ @Test
+ public void testGetStorkErrorMessageWithSepAndCodeFake() {
+ assertEquals(PEPSUtil.getStorkErrorMessage("000001 -"),"000001 -");
+ }
+
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java
new file mode 100644
index 000000000..7052b320a
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java
@@ -0,0 +1,747 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.tests;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKStatusCode;
+
+/**
+ * The PersonalAttributeList's Test Case.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.5 $, $Date: 2010-11-17 05:17:02 $
+ */
+public final class PersonalAttributeListTestCase {
+
+ /**
+ * isAgeOver constant value.
+ */
+ private static final String ISAGEOVER_CONS = "isAgeOver";
+
+ /**
+ * 1 constant value.
+ */
+ private static final int ONE_CONS = 1;
+
+ /**
+ * 2 constant value.
+ */
+ private static final int TWO_CONS = 2;
+
+ /**
+ * An empty attribute.
+ */
+ @SuppressWarnings("unused")
+ private static final PersonalAttributeList EMPTY_ATTR_LIST =
+ new PersonalAttributeList(0);
+
+ /**
+ * An attribute with a complex value (canonicalResidenceAddress).
+ */
+ private static PersonalAttribute complexAttrValue = null;
+
+ /**
+ * Simple attribute value list string.
+ */
+ private static final String SIMPLE_ATTRLIST =
+ "isAgeOver:true:[15,]:Available;";
+
+ /**
+ * Simple attribute value list string.
+ */
+ private static final String SIMPLE_ATTRLIST2 =
+ "isAgeOver:true:[18,]:Available;";
+
+ /**
+ * Simple attribute value list string.
+ */
+ private static final String SIMPLE_ATTRLIST3 =
+ "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;";
+
+ /**
+ * Simple attribute value list string.
+ */
+ private static final String SIMPLE_ATTRLIST3_REVERSE =
+ "isAgeOver:true:[18,]:Available;isAgeOver:true:[15,]:Available;";
+ /**
+ * Simple attribute value list string.
+ */
+ private static final String COMPLEX_ATTRLIST =
+ "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=Ed. B,"
+ + "state=Porto,countryCodeAddress=PT,streetNumber=379,"
+ + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;";
+ /**
+ * Mix attribute list string.
+ */
+ private static final String STR_MIX_ATTR_LIST =
+ "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:["
+ + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT,"
+ + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:"
+ + "Available;";
+
+ /**
+ * Mix attribute list 2 string.
+ */
+ private static final String STR_MIX_ATTR_LIST2 =
+ "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:["
+ + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT,"
+ + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:Available;"
+ + "mandateContent:true:["
+ + "isJoint=\"isjoint\",typeOfPower=\"power\",ValidTo=\"validto\",validfrom=\"validfrom\",AQAA=\"3\",isChained=\"ischained\",]:"
+ + "Available;";
+
+ /**
+ * Attribute List example.
+ */
+ @SuppressWarnings({ "serial" })
+ private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute(
+ "age", true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ /**
+ * Init PersonalAttributeListTestCase class.
+ */
+ @SuppressWarnings("serial")
+ @BeforeClass
+ public static void runsBeforeTheTestSuite() {
+ final Map<String, String> values = new HashMap<String, String>() {
+ {
+ put("countryCodeAddress", "PT");
+ put("state", "Porto");
+ put("town", "Porto");
+ put("postalCode", "4100");
+ put("streetName", "Avenida Sidonio Pais");
+ put("streetNumber", "379");
+ put("apartmentNumber", "Ed. B");
+ }
+ };
+
+ complexAttrValue =
+ new PersonalAttribute("canonicalResidenceAddress", true, values,
+ STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Personal Attribute list must be
+ * size 1 - Simple attribute.
+ */
+ @Test
+ public void testAddSimpleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(ATTR_VALUE);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Personal Attribute list must be
+ * size 1 - Complex attribute.
+ */
+ @Test
+ public void testAddCompleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(complexAttrValue);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Personal Attribute list must be
+ * size 0 - no attribute.
+ */
+ @Test
+ public void testAddNull() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(null);
+ Assert.assertTrue(attrList.size() == 0);
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Same attribute name added
+ * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added
+ * twice.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testAddSameAttrName() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(attrValueUnder);
+ attrList.add(attrValueOver);
+ Assert.assertTrue(attrList.size() == 2);
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Same attribute name added
+ * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added
+ * twice.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testAddSameAttrNameEmpty() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(attrValueUnder);
+ attrList.add(attrValueOver);
+ Assert.assertTrue(attrList.size() == 2);
+ }
+
+ /**
+ * Testing Personal Attribute List put method. Personal Attribute list must be
+ * size 1 - Simple Value.
+ */
+ @Test
+ public void testPutSimpleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(ATTR_VALUE.getName(), ATTR_VALUE);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List put method. Personal Attribute list must be
+ * size 1 - Complex Value.
+ */
+ @Test
+ public void testPutComplexAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(ATTR_VALUE.getName(), complexAttrValue);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List put method. Personal Attribute list must be
+ * size 0 - no attribute.
+ */
+ @Test
+ public void testPutNull() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put("", null);
+ Assert.assertTrue(attrList.size() == 0);
+ }
+
+ /**
+ * Testing Personal Attribute List put method. Personal Attribute list must be
+ * size 2 - IsAgeOver attribute added twice.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testPutSameAttrName() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(attrValueUnder.getName(), attrValueUnder);
+ attrList.put(attrValueOver.getName(), attrValueOver);
+ Assert.assertTrue(attrList.size() == 2);
+ }
+
+ /**
+ * Testing Personal Attribute List put method. Personal Attribute list must be
+ * size 2 - IsAgeOver attribute added twice.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testPutSameAttrNameEmpty() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(attrValueUnder.getName(), attrValueUnder);
+ attrList.put(attrValueOver.getName(), attrValueOver);
+ Assert.assertTrue(attrList.size() == 2);
+ }
+
+ /**
+ * Testing Personal Attribute List get method. Personal Attribute list must be
+ * size 1 - Simple attribute.
+ */
+ @Test
+ public void testGetSimpleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(ATTR_VALUE);
+ Assert.assertEquals(ATTR_VALUE, attrList.get(ATTR_VALUE.getName()));
+ }
+
+ /**
+ * Testing Personal Attribute List add method. Personal Attribute list must be
+ * size 1 - Complex attribute.
+ */
+ @Test
+ public void testGetCompleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(complexAttrValue);
+ Assert.assertEquals(complexAttrValue.toString(),
+ attrList.get(complexAttrValue.getName()).toString());
+ }
+
+ /**
+ * Testing Personal Attribute List get method. Personal Attribute list must be
+ * size 2 - IsAgeOver attribute.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testGetIsAgeOverAttr() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(attrValueUnder);
+ attrList.add(attrValueOver);
+ Assert.assertEquals(SIMPLE_ATTRLIST,
+ attrList.get(attrValueUnder.getName()).toString());
+ Assert.assertEquals(SIMPLE_ATTRLIST2,
+ attrList.get(attrValueOver.getName()).toString());
+ }
+
+ /**
+ * Testing Personal Attribute List populate method. Personal Attribute list
+ * must be size 1 - Simple attribute.
+ */
+ @Test
+ public void testPopulateSimpleAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.populate(SIMPLE_ATTRLIST);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List populate method. Personal Attribute list
+ * must be size 1 - Complex attribute.
+ */
+ @Test
+ public void testPopulateComplexAttr() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.populate(COMPLEX_ATTRLIST);
+ Assert.assertTrue(attrList.size() == 1);
+ }
+
+ /**
+ * Testing Personal Attribute List populate method. Personal Attribute list
+ * must be size 1 - Simple and Complex attribute.
+ */
+ @Test
+ public void testPopulateMixAttrs() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.populate(STR_MIX_ATTR_LIST);
+ Assert.assertTrue(attrList.size() == 2);
+ }
+
+ /**
+ * Testing Personal Attribute List toString method using add.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testToStringFromAdd() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(attrValueUnder);
+ attrList.add(attrValueOver);
+ Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString());
+ }
+
+ /**
+ * Testing Personal Attribute List toString method using put.
+ *
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testToStringFromPut() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(attrValueUnder.getName(), attrValueUnder);
+ attrList.put(attrValueOver.getName(), attrValueOver);
+ Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString());
+ }
+
+ /**
+ * Testing Personal Attribute List toString method using populate.
+ */
+ @Test
+ public void testToStringFromSimplePopulate() {
+ final String strAttrList = "isAgeOver:true";
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.populate(strAttrList);
+ Assert.assertEquals("isAgeOver:true:[]:;", attrList.toString());
+ }
+
+ /**
+ * Testing Personal Attribute List toString method using populate.
+ */
+ @Test
+ public void testToStringFromPopulate() {
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.populate(SIMPLE_ATTRLIST3);
+ Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString());
+ }
+
+ /**
+ * Testing Personal Attribute List populate method, with invalid values.
+ */
+ @Test
+ public void testPopulateWithInvalidValuesFormat() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate("name:type:values:status;");
+ Assert.assertEquals(pal, new PersonalAttributeList());
+ }
+
+ /**
+ * Testing Personal Attribute List populate method, with invalid format.
+ */
+ @Test
+ public void testPopulateWithInvalidFormat() {
+
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate("name:type::status;");
+ Assert.assertEquals(pal, new PersonalAttributeList());
+ }
+
+ /**
+ * Testing Personal Attribute List clone method using add.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testCloneFromAdd() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.add(attrValueUnder);
+ attrList.add(attrValueOver);
+ Assert.assertNotSame(attrList, attrList.clone());
+ }
+
+ /**
+ * Testing Personal Attribute List clone method using put.
+ */
+ @SuppressWarnings("serial")
+ @Test
+ public void testCloneFromPut() {
+ final PersonalAttribute attrValueUnder =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ final PersonalAttribute attrValueOver =
+ new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() {
+ {
+ add("18");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+ final PersonalAttributeList attrList = new PersonalAttributeList(1);
+ attrList.put(attrValueUnder.getName(), attrValueUnder);
+ attrList.put(attrValueOver.getName(), attrValueOver);
+ Assert.assertNotSame(attrList, attrList.clone());
+ }
+
+ /**
+ * Testing Personal Attribute List clone method using populate.
+ */
+ @Test
+ public void testCloneFromPopulate() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(SIMPLE_ATTRLIST3);
+ Assert.assertNotSame(pal, pal.clone());
+ }
+
+ /**
+ * Testing Personal Attribute List iterator.
+ */
+ @Test
+ public void testIterator() {
+ final String strAttrList =
+ "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ final Iterator<PersonalAttribute> itAttr = pal.iterator();
+ while (itAttr.hasNext()) {
+ final PersonalAttribute attr = itAttr.next();
+ Assert.assertEquals(ISAGEOVER_CONS, attr.getName());
+ }
+ }
+
+ /**
+ * Testing Personal Attribute List's GetOptionalAttributes method with empty attribute list.
+ */
+ @Test
+ public void testGetOptionalAttributesWithEmptyList() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ Assert.assertTrue(pal.getOptionalAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's GetOptionalAttributes method without optional attributes.
+ */
+ @Test
+ public void testGetOptionalAttributesWithoutOptional() {
+ final String strAttrList =
+ "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getOptionalAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's GetOptionalAttributes method with one optional attribute.
+ */
+ @Test
+ public void testGetOptionalAttributesWithOneOptional() {
+ final String strAttrList =
+ "age:false:[]:;isAgeOver:true:[15,]:;isAgeOver:true:[18,]:;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getOptionalAttributes().size() == ONE_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's GetOptionalAttributes method with two optional attribute.
+ */
+ @Test
+ public void testGetOptionalAttributesWithOnlyOptional() {
+ final String strAttrList =
+ "age:false:[]:;isAgeOver:false:[18,]:;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getOptionalAttributes().size() == TWO_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's getMandatoryAttributes method with empty attribute list.
+ */
+ @Test
+ public void testGetMandatoryAttributesWithEmptyList() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ Assert.assertTrue(pal.getMandatoryAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's getMandatoryAttributes method without mandatory attributes.
+ */
+ @Test
+ public void testGetMandatoryAttributesWithoutMandatory() {
+ final String strAttrList =
+ "isAgeOver:false:[15,]:Available;isAgeOver:false:[18,]:Available;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getMandatoryAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's GetMandatoryAttributes method with one mandatory attribute.
+ */
+ @Test
+ public void testGetMandatoryAttributesWithOneMandatory() {
+ final String strAttrList =
+ "age:true:[]:;isAgeOver:false:[15,]:;isAgeOver:false:[18,]:;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getMandatoryAttributes().size() == ONE_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's GetMandatoryAttributes method with two mandatory attribute.
+ */
+ @Test
+ public void testGetMandatoryAttributesWithOnlyMandatory() {
+ final String strAttrList =
+ "age:true:[]:;isAgeOver:true:[18,]:;";
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(strAttrList);
+ Assert.assertTrue(pal.getMandatoryAttributes().size() == TWO_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's getSimpleValueAttributes method with empty attribute list.
+ */
+ @Test
+ public void testGetSimpleValueAttributesWithEmptyList() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's getSimpleValueAttributes() method without simple attributes.
+ */
+ @Test
+ public void testGetSimpleValueAttributesWithoutSimple() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(COMPLEX_ATTRLIST);
+ Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's getSimpleValueAttributes() method with one simple attribute.
+ */
+ @Test
+ public void testGetSimpleValueAttributesWithOneSimple() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(STR_MIX_ATTR_LIST);
+ Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's GetMandatoryAttributes method with two simple attribute.
+ */
+ @Test
+ public void testGetSimpleValueAttributesWithOnlySimple() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(SIMPLE_ATTRLIST3);
+ Assert.assertTrue(pal.getSimpleValueAttributes().size() == TWO_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's getComplexValueAttributes method with empty attribute list.
+ */
+ @Test
+ public void testGetComplexAttributesWithEmptyList() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ Assert.assertTrue(pal.getComplexAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's getComplexAttributes() method without complex attributes.
+ */
+ @Test
+ public void testGetComplexAttributesWithoutSimple() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(SIMPLE_ATTRLIST2);
+ Assert.assertTrue(pal.getComplexAttributes().isEmpty());
+ }
+
+ /**
+ * Testing Personal Attribute List's getComplexAttributes() method with one complex attribute.
+ */
+ @Test
+ public void testGetComplexAttributesWithOneComplex() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(STR_MIX_ATTR_LIST);
+ Assert.assertTrue(pal.getComplexAttributes().size() == ONE_CONS);
+ }
+
+ /**
+ * Testing Personal Attribute List's GetMandatoryAttributes method with only two Complex attribute.
+ */
+ @Test
+ public void testGetComplexAttributesWithOnlyComplex() {
+ final PersonalAttributeList pal = new PersonalAttributeList();
+ pal.populate(STR_MIX_ATTR_LIST2);
+ Assert.assertTrue(pal.getComplexAttributes().size() == TWO_CONS);
+ }
+
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java
new file mode 100644
index 000000000..458d510e0
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java
@@ -0,0 +1,182 @@
+/*
+ * This work is Open Source and licensed by the European Commission under the
+ * conditions of the European Public License v1.1
+ *
+ * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
+ *
+ * any use of this file implies acceptance of the conditions of this license.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package eu.stork.peps.tests;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Map;
+
+import junit.framework.Assert;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKStatusCode;
+
+/**
+ * The PersonalAttribute's Test Case.
+ *
+ * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com,
+ * luis.felix@multicert.com, hugo.magalhaes@multicert.com,
+ * paulo.ribeiro@multicert.com
+ * @version $Revision: 1.4 $, $Date: 2010-11-17 05:17:03 $
+ */
+public final class PersonalAttributeTestCase {
+
+ /**
+ * An empty attribute.
+ */
+ private static final PersonalAttribute EMPTYATTR = new PersonalAttribute();
+
+ /**
+ * An attribute with a complex value (canonicalResidenceAddress).
+ */
+ private static PersonalAttribute complexAttrValue = null;
+
+ /**
+ * An attribute with a simple value (age).
+ */
+ @SuppressWarnings("serial")
+ private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute(
+ "age", true, new ArrayList<String>() {
+ {
+ add("15");
+ }
+ }, STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ /**
+ * Init PersonalAttributeTestCase class.
+ */
+ @SuppressWarnings("serial")
+ @BeforeClass
+ public static void runsBeforeTheTestSuite() {
+ final Map<String, String> values = new HashMap<String, String>() {
+ {
+ put("countryCodeAddress", "PT");
+ put("state", "Porto");
+ put("town", "Porto");
+ put("postalCode", "4100");
+ put("streetName", "Avenida Sidonio Pais");
+ put("streetNumber", "379");
+ put("apartmentNumber", "B");
+ }
+ };
+
+ complexAttrValue =
+ new PersonalAttribute("canonicalResidenceAddress", true, values,
+ STORKStatusCode.STATUS_AVAILABLE.toString());
+
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#toString()} method for the given simple
+ * attribute value. Values must match.
+ */
+ @Test
+ public void testToStringValues() {
+ Assert.assertEquals("age:true:[15,]:Available;", ATTR_VALUE.toString());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#toString()} method for the given complex
+ * attribute value. Values must match.
+ */
+ @Test
+ public void testToStringComplexValues() {
+ Assert.assertEquals(
+ "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=B,"
+ + "state=Porto,countryCodeAddress=PT,streetNumber=379,"
+ + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;",
+ complexAttrValue.toString());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given
+ * empty attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyStatusWithNull() {
+ Assert.assertTrue(EMPTYATTR.isEmptyStatus());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given
+ * new attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyStatusWithEmptyString() {
+ final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone();
+ attr.setStatus("");
+ Assert.assertTrue(attr.isEmptyStatus());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given
+ * empty attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyValueWithNull() {
+ final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone();
+ attr.setValue(null);
+ Assert.assertTrue(attr.isEmptyValue());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given
+ * empty attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyValue() {
+ Assert.assertTrue(EMPTYATTR.isEmptyValue());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the
+ * given empty attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyComplexValueWithNull() {
+ final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone();
+ attr.setComplexValue(null);
+ Assert.assertTrue(attr.isEmptyComplexValue());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the
+ * given empty attribute. Must return true.
+ */
+ @Test
+ public void testToIsEmptyComplexValueWithEmptyComplexValue() {
+ Assert.assertTrue(EMPTYATTR.isEmptyComplexValue());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#clone()} method for the given attribute.
+ * Must return true.
+ */
+ @Test
+ public void testCloneToComplexValue() {
+ Assert.assertNotSame(complexAttrValue, complexAttrValue.clone());
+ }
+
+ /**
+ * Tests the {@link PersonalAttribute#clone()} method for the given attribute.
+ * Must return true.
+ */
+ @Test
+ public void testCloneToValue() {
+ Assert.assertNotSame(ATTR_VALUE, ATTR_VALUE.clone());
+ }
+}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java
new file mode 100644
index 000000000..452602210
--- /dev/null
+++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java
@@ -0,0 +1,5 @@
+/**
+ * This package provides all JUnit test classes.
+ */
+package eu.stork.peps.tests;
+
diff --git a/id/server/stork2-commons/src/test/resources/log4j.xml b/id/server/stork2-commons/src/test/resources/log4j.xml
new file mode 100644
index 000000000..0ad2ea9a4
--- /dev/null
+++ b/id/server/stork2-commons/src/test/resources/log4j.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
+ <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="File" value="stork-commons.log" />
+ <param name="DatePattern" value="'.'yyyy-MM-dd" />
+ <param name="Append" value="true" />
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" />
+ </layout>
+ </appender>
+
+ <root>
+ <priority value="info" />
+ <appender-ref ref="MainLogger" />
+ </root>
+
+</log4j:configuration>
diff --git a/id/server/stork2-saml-engine/Releases b/id/server/stork2-saml-engine/Releases
new file mode 100644
index 000000000..0031906e6
--- /dev/null
+++ b/id/server/stork2-saml-engine/Releases
@@ -0,0 +1,83 @@
+Created 06-04-2011
+
+Branch : STORKPEPS_0_5_UPDATE_06042011
+Date : 06-04-2011
+Changes: Updated SAML Engine version to 0.5.1.
+
+Branch : STORKPEPS_0_5_UPDATE_07072011
+Date : 07-07-2011
+Changes: Inserted HttpOnly HTTP Header to present XSS Attacks.
+ Removed logs.
+
+Branch : STORKPEPS_0_6_1
+Date : 07-11-2011
+Changes: Improved error exception handling (few changes on the exception Interceptors classes)
+ Improved Errors (three new categories classes: SysAdmin specific errors, CPEPS translation errors, Citizen errors)
+ Fix some minor bugs found.
+ New Copyright License added.
+
+Branch : STORKPEPS_0_6_1
+Date : 28-11-2011
+Changes: Complex value are displayed to citizen on the Citizen Consent Value form!
+ Fix minor bug found on check attribute value error code and message (saml token message, log messages, citizen messages).
+
+Branch : STORKPEPS_1_0
+Date : 02-12-2011
+Changes: Version Update to 1.0
+
+Branch : STORKPEPS_1_1_0
+Date : 01-11-2013
+Changes: Version Update to 1.1.0
+ Dependencies updated
+ Business Logic Part I changes
+ SAML Engine Changes merged (from SamlEngine/1.1.0/PEPS branch to be easier to merge this branch with trunk)
+ Fixed some errors on Test Case
+ Added SAML Engine Attributes to configuration files
+ Jersey dependency fix
+
+Branch : PEPS (Trunk)
+Date : 02-12-2013
+Version: 1.1.1
+Changes: Version Update to 1.1.1
+ Added AUB IdP URL to peps.xml
+ Business Logic Part I changes:
+ 1 ) APResponseAction changed:
+ *) created private variables with filtered attribute lists (optional/mandatory and
+ simple/complex attributes) to send to consent value page
+ 2) CitizenConsentAction changed:
+ *) Removed callbackURL (this is in the AuthenticationOnBehalfOfAction and CitizenAuthenticationAction classes)
+ 3) ColleagueRequestAction changed:
+ created private variables with filtered attribute lists (optional/mandatory) to send to consent type page
+
+ 4) AUSPEPSSAML - Fixed bug when missing SP URL on configurations... wrong validateParameter method used.
+ 5) citizenConsent.jsp - some changes on page:
+ *) complex attributes and simple attributes were split
+ *) optional and mandatory attributes shown using bootstrap
+ *) fixed some issues on some labels
+ 6) presentConsent.jsp - some changes on page:
+ *) optional and mandatory attributes shown using bootstrap
+ *) fixed some issues on some labels
+
+ 7) applicationContext.xml - few changes:
+ *) removed callbackURL from CitizenConsentAction
+ *) callbackURL added to AuthenticationOnBehalfOfAction and CitizenAuthenticationAction
+ *) changed from file to classpath the origin of configuration files (peps.xml, pepsUtil.properties and specific.properties)
+
+ Integrated Anonimity funcionality
+
+Branch : PEPS (Trunk)
+Date : 15-01-2014
+Version: 1.2.0
+Release: 2
+Changes: Updated Version to 1.2.0
+ Added request flow of PV (incomplete)
+ Added AP mandatory attribute to get data for business attributes
+ *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true.
+ changes original isRequired state in response
+ Fixed some bugs in Test Case
+ Changed some packages names on S-PEPS
+ Power Validation is complete now
+ Business Logic I and II integration (Request Complete!)
+ BL I doesn't redirect to BL II if all attributes already have value
+ Bug fix on normalization
+ \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/pom.xml b/id/server/stork2-saml-engine/pom.xml
new file mode 100644
index 000000000..6be0472a7
--- /dev/null
+++ b/id/server/stork2-saml-engine/pom.xml
@@ -0,0 +1,196 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>eu.stork</groupId>
+ <artifactId>SamlEngine</artifactId>
+ <packaging>jar</packaging>
+ <name>STORKSAMLEngine</name>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <saml.version>1.1.0</saml.version>
+ <samlspec.version>0.5.2</samlspec.version>
+ <samlspecacept.version>0.5.1</samlspecacept.version>
+ <commons.version>1.2.0</commons.version>
+ <opensaml.version>2.6.0</opensaml.version>
+ <timestamp>${maven.build.timestamp}</timestamp>
+ </properties>
+ <version>${saml.version}</version>
+ <description>
+ The STORKSAMLEngine library provides tools to support developers working with the Security Assertion Markup Language (SAML).
+ </description>
+
+ <repositories>
+ <repository>
+ <id>org.opensaml</id>
+ <url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
+ </repository>
+ <!-- repository OpenSaml -->
+ <repository>
+ <id>shibboleth-release</id>
+ <name>Internet2 Releases</name>
+ <layout>default</layout>
+ <url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
+ </repositories>
+
+ <dependencies>
+ <!-- Compile dependencies -->
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>Commons</artifactId>
+ <version>${commons.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml</artifactId>
+ <version>${opensaml.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.7.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ <version>1.7.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ <version>1.7.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ <version>1.7.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ <version>1.7.5</version>
+ </dependency>
+
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>2.2</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.11.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.11</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.3.2</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>attach-sources</id>
+ <phase>verify</phase>
+ <goals>
+ <goal>jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <SAMLEngineVersion>${saml.version}</SAMLEngineVersion>
+ <SAMLSpecVersion-accept>${samlspecacept.version}</SAMLSpecVersion-accept>
+ <SAMLSpecVersion-send>${samlspec.version}</SAMLSpecVersion-send>
+ <SAMLSpecKnownIssues>None</SAMLSpecKnownIssues>
+ <timestamp>${timestamp}</timestamp>
+ </manifestEntries>
+ </archive>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <profiles>
+ <profile>
+ <id>metrics</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>cobertura-maven-plugin</artifactId>
+ <version>2.5.1</version>
+ <configuration>
+ <formats>
+ <format>html</format>
+ <format>xml</format>
+ </formats>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+ <reporting>
+ </reporting>
+</project>
diff --git a/id/server/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml b/id/server/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml
new file mode 100644
index 000000000..9a6086c74
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive
+ number) -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/config/embedded/quartz.properties b/id/server/stork2-saml-engine/src/main/config/embedded/quartz.properties
new file mode 100644
index 000000000..4e4de5cac
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/config/embedded/quartz.properties
@@ -0,0 +1,5 @@
+org.quartz.scheduler.instanceName = UpdateScheduler
+org.quartz.threadPool.threadCount = 1
+org.quartz.jobStore.class =org.quartz.simpl.RAMJobStore
+org.quartz.plugin.shutdownhook.class = org.quartz.plugins.management.ShutdownHookPlugin
+org.quartz.plugin.shutdownhook.cleanShutdown = true \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/config/jBoss/context.xml b/id/server/stork2-saml-engine/src/main/config/jBoss/context.xml
new file mode 100644
index 000000000..9520f2161
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/config/jBoss/context.xml
@@ -0,0 +1 @@
+<Context cookies="true" /> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml b/id/server/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml
new file mode 100644
index 000000000..20c6509de
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml
@@ -0,0 +1,4 @@
+<classloading xmlns="urn:jboss:classloading:1.0" name="PEPS.war"
+ domain="PEPS_Domain" export-all="NON_EMPTY" import-all="true"
+ parent-first="true">
+</classloading>
diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF b/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF
new file mode 100644
index 000000000..5e9495128
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
new file mode 100644
index 000000000..48718242b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
@@ -0,0 +1,420 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine;
+
+import java.io.ByteArrayInputStream;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import javax.xml.XMLConstants;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.opensaml.Configuration;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallerFactory;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.parse.XMLParserException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.SAMLEngineSignI;
+import eu.stork.peps.auth.engine.core.STORKSAMLCore;
+import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryMarshaller;
+import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SignModuleFactory;
+import eu.stork.peps.configuration.ConfigurationCreator;
+import eu.stork.peps.configuration.ConfigurationReader;
+import eu.stork.peps.configuration.InstanceEngine;
+import eu.stork.peps.exceptions.SAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * Class that wraps the operations over SAML tokens, both generation and
+ * validation of SAML requests and SAML responses. Compliant with "OASIS Secure
+ * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account
+ * STORK specific requirements.
+ *
+ * @author fjquevedo
+ * @author iinigo
+ */
+
+public class SAMLEngine {
+
+ /** The Document Builder Factory. */
+ private static javax.xml.parsers.DocumentBuilderFactory dbf = null;
+
+ /** The instance of every engine SAML. */
+ private static Map<String, InstanceEngine> instanceConfigs;
+
+ /** The instances of SAML engine. */
+ private static Map<String, Map<String, Object>> instances;
+
+ /** The logger. */
+ private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class
+ .getName());
+
+ /** The Constant MODULE_SIGN_CONF. */
+ private static final String MODULE_SIGN_CONF = "SignatureConf";
+
+ /** The Constant SAML_ENGINE_SIGN_CLASS. */
+ private static final String SAML_ENGINE_SIGN_CLASS = "class";
+
+ /** The Constant SAML_ENGINE_CONF. */
+ private static final String SAML_ENGINE_CONF = "SamlEngineConf";
+
+ /** The Constant SAML_ENGINE_FILE_CONF. */
+ private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration";
+
+ /** The codification of characters. */
+ private static final String CHARACTER_ENCODING = "UTF-8";
+
+ /** The SAML core. */
+ private STORKSAMLCore samlCore;
+
+ /** The Module of Signature. */
+ private SAMLEngineSignI signer;
+
+
+ /** Initializes the SAML engine. */
+ /** Configure Document Builder Factory. */
+
+ static {
+ startUp();
+ loadDocumentFactory();
+ }
+
+ /**
+ * Load document factory.
+ */
+ private static void loadDocumentFactory() {
+
+ try {
+ dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance();
+ dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbf.setNamespaceAware(true);
+ dbf.setIgnoringComments(true);
+ } catch (ParserConfigurationException e) {
+ LOG.error("Error parser configuration.");
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+
+ }
+
+ /**
+ * Method that initializes the basic services for the SAML Engine, like the
+ * OpenSAML library and the BouncyCastle provider.
+ */
+ private static void startUp() {
+
+ LOG.info("SAMLEngine: Initialize OpenSAML");
+
+ try {
+ DefaultBootstrap.bootstrap();
+ } catch (ConfigurationException e) {
+ LOG.error("Problem initializing the OpenSAML library.");
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+
+ LOG.debug("Read all file configurations. (instances of SAMLEngine)");
+ try {
+ instanceConfigs = ConfigurationReader.readConfiguration();
+ } catch (SAMLEngineException e) {
+ LOG.error("Error read configuration file.");
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+
+ LOG.debug("Create all instaces of saml engine. (instances of SAMLEngine)");
+ try {
+ instances = ConfigurationCreator
+ .createConfiguration(instanceConfigs);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error initializing instances from Stork SAML engine.");
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+ }
+
+ /**
+ * Instantiates a new SAML engine.
+ */
+ private SAMLEngine() {
+
+ }
+
+ /**
+ * Instantiates a new SAML engine.
+ *
+ * @param nameInstance the name instance
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ protected SAMLEngine(final String nameInstance)
+ throws STORKSAMLEngineException {
+ LOG.info("Loading Specific Configuration.");
+
+ LOG.debug("Create intance of saml messages.");
+
+ Map<String, Object> instance = instances.get(nameInstance);
+
+ if (instance == null || instance.isEmpty()) {
+ LOG.error("Instance: " + nameInstance + " not exist.");
+ throw new STORKSAMLEngineException("Instance: " + nameInstance
+ + " not exist.");
+ }
+
+ Properties properties = (Properties) instance.get(SAML_ENGINE_CONF);
+
+ if (properties == null) {
+ LOG.error("SamlEngine.xml: not exist.");
+ throw new STORKSAMLEngineException("SamlEngine.xml: not exist.");
+ }
+
+ samlCore = new STORKSAMLCore(properties);
+
+ final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance
+ .get(MODULE_SIGN_CONF);
+
+ LOG.debug("Loading Module of sign.");
+ signer = SignModuleFactory.getInstance(propertiesSign
+ .get(SAML_ENGINE_SIGN_CLASS));
+
+ try {
+ LOG.info("Initialize module of sign.");
+ signer.init(propertiesSign.get(SAML_ENGINE_FILE_CONF));
+ LOG.info("Load cryptographic service provider of module of sign.");
+ signer.loadCryptServiceProvider();
+ } catch (SAMLEngineException e) {
+ LOG.error("Error create signature module: "
+ + propertiesSign.get(SAML_ENGINE_FILE_CONF));
+ LOG.info("Exception" + e);
+ throw new STORKSAMLEngineException(e);
+ }
+ }
+
+ /**
+ * Gets the Signer properties.
+ *
+ * @return the SAML Sign properties
+ */
+ protected SAMLEngineSignI getSigner() {
+ return signer;
+ }
+
+ /**
+ * Gets the SAML core properties.
+ *
+ * @return the SAML core properties
+ */
+ protected final STORKSAMLCore getSamlCoreProperties() {
+ return samlCore;
+ }
+
+ /**
+ * Method that transform the received SAML object into a byte array
+ * representation.
+ *
+ * @param samlToken the SAML token.
+ *
+ * @return the byte[] of the SAML token.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ private byte[] marshall(final XMLObject samlToken)
+ throws SAMLEngineException {
+
+ try {
+ javax.xml.parsers.DocumentBuilder docBuilder = null;
+
+ final MarshallerFactory marshallerFactory = Configuration
+ .getMarshallerFactory();
+
+ final Marshaller marshaller;
+ if (samlToken.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ marshaller = new CustomAttributeQueryMarshaller();
+ else
+ marshaller = marshallerFactory
+ .getMarshaller(samlToken);
+
+ docBuilder = dbf.newDocumentBuilder();
+
+ final Document doc = docBuilder.newDocument();
+
+ marshaller.marshall(samlToken, doc);
+
+ // Obtain a byte array representation of the marshalled SAML object
+ final DOMSource domSource = new DOMSource(doc);
+ final StringWriter writer = new StringWriter();
+ final StreamResult result = new StreamResult(writer);
+ final TransformerFactory transFactory = TransformerFactory
+ .newInstance();
+ Transformer transformer;
+
+ transformer = transFactory.newTransformer();
+ transformer.transform(domSource, result);
+ LOG.debug("SAML request \n"+ writer.toString());
+ return writer.toString().getBytes(CHARACTER_ENCODING);
+
+ } catch (ParserConfigurationException e) {
+ LOG.error("ParserConfigurationException.");
+ throw new SAMLEngineException(e);
+ } catch (MarshallingException e) {
+ LOG.error("MarshallingException.");
+ throw new SAMLEngineException(e);
+ } catch (TransformerConfigurationException e) {
+ LOG.error("TransformerConfigurationException.");
+ throw new SAMLEngineException(e);
+ } catch (TransformerException e) {
+ LOG.error("TransformerException.");
+ throw new SAMLEngineException(e);
+ } catch (UnsupportedEncodingException e) {
+ LOG.error("UnsupportedEncodingException: " + CHARACTER_ENCODING);
+ throw new SAMLEngineException(e);
+ }
+ }
+
+ /**
+ * Method that signs a SAML Token.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the SAML object sign
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ private SignableSAMLObject sign(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.debug("Sign SamlToken.");
+ signer.sign(tokenSaml);
+ return tokenSaml;
+ }
+
+ /**
+ * Sign and transform to byte array.
+ *
+ * @param samlToken the SAML token
+ *
+ * @return the byte[] of the SAML token
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ protected final byte[] signAndMarshall(final SignableSAMLObject samlToken)
+ throws SAMLEngineException {
+ LOG.debug("Marshall Saml Token.");
+ SignableSAMLObject signElement = sign(samlToken);
+ return marshall(signElement);
+ }
+
+ /**
+ * Method that unmarshalls a SAML Object from a byte array representation to
+ * an XML Object.
+ *
+ * @param samlToken Byte array representation of a SAML Object
+ *
+ * @return XML Object (superclass of SAMLObject)
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ protected final XMLObject unmarshall(final byte[] samlToken)
+ throws SAMLEngineException {
+ try {
+ // Get parser pool manager
+ final BasicParserPool ppMgr = new BasicParserPool();
+ // Note: this is necessary due to an unresolved Xerces deferred DOM
+ // issue/bug
+ final HashMap<String, Boolean> features = new HashMap<String, Boolean>();
+ features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ ppMgr.setBuilderFeatures(features);
+
+ ppMgr.setNamespaceAware(true);
+
+ // Parse SAMLToken
+ Document document = ppMgr.parse(new ByteArrayInputStream(samlToken));
+ if (document != null){
+ final Element root = document.getDocumentElement();
+ // Get appropriate unmarshaller
+ final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory();
+ // Unmarshall using the SAML Token root element
+ if (unmarshallerFact != null && root != null){
+ final Unmarshaller unmarshaller;
+ if (root.getLocalName().equals(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ unmarshaller = new CustomAttributeQueryUnmarshaller();
+ else
+ unmarshaller = unmarshallerFact.getUnmarshaller(root);
+ try {
+ return unmarshaller.unmarshall(root);
+ } catch (NullPointerException e){
+ LOG.error("Error element tag incomplet or null.");
+ throw new SAMLEngineException("NullPointerException", e);
+ }
+ } else {
+ LOG.error("Error element tag incomplet or null.");
+ throw new SAMLEngineException("NullPointerException : unmarshallerFact or root is null");
+ }
+ } else {
+ LOG.error("Error element tag incomplet or null.");
+ throw new SAMLEngineException("NullPointerException : document is null");
+ }
+ } catch (XMLParserException e) {
+ LOG.error("XML Parsing Error.", e);
+ throw new SAMLEngineException(e);
+ } catch (UnmarshallingException e) {
+ LOG.error("TransformerException.", e);
+ throw new SAMLEngineException(e);
+ } catch (NullPointerException e) {
+ LOG.error("Error element tag incomplet or null.", e);
+ throw new SAMLEngineException(e);
+ }
+ }
+
+ /**
+ * Method that validates an XML Signature contained in a SAML Token.
+ *
+ * @param samlToken the SAML token
+ *
+ * @return the SAML object
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ protected final SAMLObject validateSignature(
+ final SignableSAMLObject samlToken) throws SAMLEngineException {
+
+ LOG.info("Validate Signature");
+ signer.validateSignature(samlToken);
+
+ return samlToken;
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java
new file mode 100644
index 000000000..c77cc700a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java
@@ -0,0 +1,885 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.lang.StringUtils;
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.common.impl.ExtensionsBuilder;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeQuery;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.saml2.core.AuthnContext;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.AuthnStatement;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.LogoutRequest;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.Status;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.core.StatusMessage;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.core.SubjectLocality;
+import org.opensaml.saml2.core.impl.AssertionBuilder;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSAny;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.signature.KeyInfo;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.xml.sax.SAXException;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import eu.stork.peps.auth.engine.core.SAMLCore;
+import eu.stork.peps.auth.engine.core.SPApplication;
+import eu.stork.peps.auth.engine.core.SPCountry;
+import eu.stork.peps.auth.engine.core.SPInstitution;
+import eu.stork.peps.auth.engine.core.SPSector;
+import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryBuilder;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * The Class SAMLEngineUtils.
+ *
+ * @author fjquevedo
+ * @author iinigo
+ */
+public final class SAMLEngineUtils {
+
+ /** The Constant UTF_8. */
+ public static final String UTF_8 = "UTF-8";
+
+ /** The Constant SHA_512. */
+ public static final String SHA_512 = "SHA-512";
+
+
+ /** The generator. */
+ private static SecureRandomIdentifierGenerator generator;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(SAMLEngineUtils.class.getName());
+
+ /**
+ * Method that generates a random value according to NCName grammar.
+ *
+ * NCName ::= NCNameStartChar NCNameChar* NCNameChar ::= NameChar - ':'
+ * NCNameStartChar ::= Letter | '_' NameStartChar ::= ":" | [A-Z] | "_" |
+ * [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | [#x370-#x37D] |
+ * [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] |
+ * [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF]
+ * NameChar ::= NameStartChar | "-" | "." | [0-9] | #xB7 | [#x0300-#x036F] |
+ * [#x203F-#x2040] Name ::= NameStartChar (NameChar)* Letter ::= BaseChar |
+ * Ideographic BaseChar ::= [#x0041-#x005A] | [#x0061-#x007A] |
+ * [#x00C0-#x00D6] | [#x00D8-#x00F6] | [#x00F8-#x00FF] | [#x0100-#x0131] |
+ * [#x0134-#x013E] | [#x0141-#x0148] | [#x014A-#x017E] | [#x0180-#x01C3] |
+ * [#x01CD-#x01F0] | [#x01F4-#x01F5] | [#x01FA-#x0217] | [#x0250-#x02A8] |
+ * [#x02BB-#x02C1] | #x0386 | [#x0388-#x038A] | #x038C | [#x038E-#x03A1] |
+ * [#x03A3-#x03CE] | [#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 |
+ * [#x03E2-#x03F3] | [#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] |
+ * [#x045E-#x0481] | [#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] |
+ * [#x04D0-#x04EB] | [#x04EE-#x04F5] | [#x04F8-#x04F9] | [#x0531-#x0556] |
+ * #x0559 | [#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] |
+ * [#x0621-#x063A] | [#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] |
+ * [#x06C0-#x06CE] | [#x06D0-#x06D3] | #x06D5 | [#x06E5-#x06E6] |
+ * [#x0905-#x0939] | #x093D | [#x0958-#x0961] | [#x0985-#x098C] |
+ * [#x098F-#x0990] | [#x0993-#x09A8] | [#x09AA-#x09B0] | #x09B2 |
+ * [#x09B6-#x09B9] | [#x09DC-#x09DD] | [#x09DF-#x09E1] | [#x09F0-#x09F1] |
+ * [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | [#x0A13-#x0A28] | [#x0A2A-#x0A30] |
+ * [#x0A32-#x0A33] | [#x0A35-#x0A36] | [#x0A38-#x0A39] | [#x0A59-#x0A5C] |
+ * #x0A5E | [#x0A72-#x0A74] | [#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] |
+ * [#x0A93-#x0AA8] | [#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] |
+ * #x0ABD | #x0AE0 | [#x0B05-#x0B0C] | [#x0B0F-#x0B10] | [#x0B13-#x0B28] |
+ * [#x0B2A-#x0B30] | [#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D |
+ * [#x0B5C-#x0B5D] | [#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] |
+ * [#x0B92-#x0B95] | [#x0B99-#x0B9A] | #x0B9C | [#x0B9E-#x0B9F] |
+ * [#x0BA3-#x0BA4] | [#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] |
+ * [#x0C05-#x0C0C] | [#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] |
+ * [#x0C35-#x0C39] | [#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] |
+ * [#x0C92-#x0CA8] | [#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE |
+ * [#x0CE0-#x0CE1] | [#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] |
+ * [#x0D2A-#x0D39] | [#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 |
+ * [#x0E32-#x0E33] | [#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 |
+ * [#x0E87-#x0E88] | #x0E8A | #x0E8D | [#x0E94-#x0E97] | [#x0E99-#x0E9F] |
+ * [#x0EA1-#x0EA3] | #x0EA5 | #x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] |
+ * #x0EB0 | [#x0EB2-#x0EB3] | #x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] |
+ * [#x0F49-#x0F69] | [#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 |
+ * [#x1102-#x1103] | [#x1105-#x1107] | #x1109 | [#x110B-#x110C] |
+ * [#x110E-#x1112] | #x113C | #x113E | #x1140 | #x114C | #x114E | #x1150 |
+ * [#x1154-#x1155] | #x1159 | [#x115F-#x1161] | #x1163 | #x1165 | #x1167 |
+ * #x1169 | [#x116D-#x116E] | [#x1172-#x1173] | #x1175 | #x119E | #x11A8 |
+ * #x11AB | [#x11AE-#x11AF] | [#x11B7-#x11B8] | #x11BA | [#x11BC-#x11C2] |
+ * #x11EB | #x11F0 | #x11F9 | [#x1E00-#x1E9B] | [#x1EA0-#x1EF9] |
+ * [#x1F00-#x1F15] | [#x1F18-#x1F1D] | [#x1F20-#x1F45] | [#x1F48-#x1F4D] |
+ * [#x1F50-#x1F57] | #x1F59 | #x1F5B | #x1F5D | [#x1F5F-#x1F7D] |
+ * [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | [#x1FC2-#x1FC4] |
+ * [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | [#x1FE0-#x1FEC] |
+ * [#x1FF2-#x1FF4] | [#x1FF6-#x1FFC] | #x2126 | [#x212A-#x212B] | #x212E |
+ * [#x2180-#x2182] | [#x3041-#x3094] | [#x30A1-#x30FA] | [#x3105-#x312C] |
+ * [#xAC00-#xD7A3] Ideographic ::= [#x4E00-#x9FA5] | #x3007 |
+ * [#x3021-#x3029]
+ *
+ * @return Random ID value
+ */
+
+ //Initialization of a generator of identifiers for all token SAML.
+
+ static {
+ loadRandomIdentifierGenerator();
+ }
+
+
+ /**
+ * Load random identifier generator.
+ *
+ *@throws STORKSAMLEngineRuntimeException the STORKSAML engine runtime exception
+ */
+ private static void loadRandomIdentifierGenerator() {
+
+ try {
+ generator = new SecureRandomIdentifierGenerator();
+ } catch (NoSuchAlgorithmException ex) {
+ LOG.error("Error init SecureRandomIdentifierGenerator", ex);
+ throw new STORKSAMLEngineRuntimeException(ex);
+ }
+
+ }
+
+ /**
+ * Creates the SAML object.
+ *
+ * @param qname the QName
+ *
+ * @return the XML object
+ */
+ public static XMLObject createSamlObject(final QName qname) {
+ if (qname.toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ CustomAttributeQueryBuilder builder = new CustomAttributeQueryBuilder();
+ return builder.buildObject(qname);
+ }
+ else
+ {
+ return Configuration.getBuilderFactory().getBuilder(qname).buildObject(
+ qname);
+ }
+ }
+
+ /**
+ * Creates the SAML object.
+ *
+ * @param qname the quality name
+ * @param qname1 the qname1
+ *
+ * @return the xML object
+ */
+ public static XMLObject createSamlObject(final QName qname,
+ final QName qname1) {
+ return Configuration.getBuilderFactory().getBuilder(qname1)
+ .buildObject(qname, qname1);
+ }
+
+ /**
+ * Encode value with an specific algorithm.
+ *
+ * @param value the value
+ * @param alg the algorithm
+ *
+ * @return the string
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static String encode(final String value, final String alg)
+ throws STORKSAMLEngineException {
+ LOG.debug("Encode value with " + alg + " algorithm.");
+ byte[] buffer;
+
+ final StringBuffer hash = new StringBuffer("");
+ try {
+ buffer = value.getBytes(UTF_8);
+ MessageDigest msgDig;
+ msgDig = MessageDigest.getInstance(alg);
+
+
+ msgDig.update(buffer);
+ final byte[] digest = msgDig.digest();
+
+ final int signedByte = 0xff;
+ for (byte aux : digest) {
+ final int byt = aux & signedByte;
+ if (Integer.toHexString(byt).length() == 1) {
+ hash.append('0');
+ }
+ hash.append(Integer.toHexString(byt));
+ }
+
+ } catch (UnsupportedEncodingException e1) {
+ LOG.error("UnsupportedEncodingException: " + UTF_8);
+ throw new STORKSAMLEngineException(e1);
+ } catch (NoSuchAlgorithmException e) {
+ LOG.error("NoSuchAlgorithmException: " + alg);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ return hash.toString();
+ }
+
+ /**
+ * Generate assertion.
+ *
+ * @param version the version
+ * @param identifier the identifier
+ * @param issueInstant the issue instant
+ * @param issuer the issuer
+ *
+ * @return the assertion
+ */
+ public static Assertion generateAssertion(final SAMLVersion version,
+ final String identifier, final DateTime issueInstant,
+ final Issuer issuer) {
+ final AssertionBuilder assertionBuilder = new AssertionBuilder();
+ final Assertion assertion = assertionBuilder.buildObject();
+ assertion.setVersion(version);
+ assertion.setID(identifier);
+ assertion.setIssueInstant(issueInstant);
+
+ // <saml:Issuer>
+ assertion.setIssuer(issuer);
+ return assertion;
+ }
+
+ /**
+ * Generate authentication statement.
+ *
+ * @param authnInstant the authentication instant
+ * @param authnContext the authentication context
+ *
+ * @return the authentication statement
+ */
+ public static AuthnStatement generateAthnStatement(final DateTime authnInstant,
+ final AuthnContext authnContext) {
+ // <saml:AuthnStatement>
+ final AuthnStatement authnStatement = (AuthnStatement) SAMLEngineUtils
+ .createSamlObject(AuthnStatement.DEFAULT_ELEMENT_NAME);
+
+ authnStatement.setAuthnInstant(authnInstant);
+ authnStatement.setAuthnContext(authnContext);
+
+ return authnStatement;
+ }
+
+
+
+
+
+ /**
+ * Generate attribute from a list of values.
+ *
+ * @param name the name of the attribute.
+ * @param status the status of the parameter: "Available", "NotAvailable" or
+ * "Withheld".
+ * @param values the value of the attribute.
+ * @param isHashing the is hashing with "SHA-512" algorithm.
+ * @return the attribute
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static Attribute generateAttrComplex(final String name,
+ final String status, final Map<String, String> values,
+ final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.debug("Generate attribute complex: " + name);
+ final Attribute attribute = (Attribute) SAMLEngineUtils
+ .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME);
+
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+
+ attribute.getUnknownAttributes().put(
+ new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus",
+ SAMLCore.STORK10_PREFIX.getValue()), status);
+
+ if (!values.isEmpty()) {
+ LOG.debug("Add attribute values.");
+
+ // Create an attribute that contains all XSAny elements.
+ final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(
+ AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME);
+
+ final Iterator<Entry<String, String>> iterator = values.entrySet()
+ .iterator();
+ while (iterator.hasNext()) {
+ final Map.Entry<String, String> pairs = iterator.next();
+
+ final String value = pairs.getValue();
+
+ if (StringUtils.isNotBlank(value)) {
+ // Create the attribute statement
+ final XSAny attrValueSimple = (XSAny) SAMLEngineUtils
+ .createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(),
+ pairs.getKey().toString(),
+ SAMLCore.STORK10_PREFIX.getValue()), XSAny.TYPE_NAME);
+
+ // if it's necessary encode the information.
+ if (isHashing) {
+ attrValueSimple
+ .setTextContent(encode(value, SHA_512));
+ } else {
+ attrValueSimple.setTextContent(value);
+ }
+
+ attrValue.getUnknownXMLObjects().add(attrValueSimple);
+ attribute.getAttributeValues().add(attrValue);
+ }
+ }
+
+ }
+ return attribute;
+ }
+
+ /**
+ * Generate extension.
+ *
+ * @return the extensions
+ */
+ public static Extensions generateExtension() {
+ final ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder();
+ return extensionsBuilder.buildObject(
+ "urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p");
+ }
+
+
+
+
+ /**
+ * Generate issuer.
+ *
+ * @return the issuer
+ */
+ public static Issuer generateIssuer() {
+ return (Issuer) SAMLEngineUtils
+ .createSamlObject(Issuer.DEFAULT_ELEMENT_NAME);
+ }
+
+ /**
+ * Generate key info.
+ *
+ * @return the key info
+ */
+ public static KeyInfo generateKeyInfo() {
+ return (KeyInfo) SAMLEngineUtils
+ .createSamlObject(KeyInfo.DEFAULT_ELEMENT_NAME);
+ }
+
+ /**
+ * Generate name id.
+ *
+ * @return the name id
+ */
+ public static NameID generateNameID() {
+ return (NameID) SAMLEngineUtils
+ .createSamlObject(NameID.DEFAULT_ELEMENT_NAME);
+ }
+
+ /**
+ * Generate name id.
+ *
+ * @param nameQualifier the name qualifier
+ * @param format the format
+ * @param spNameQualifier the sP name qualifier
+ *
+ * @return the name id
+ */
+ public static NameID generateNameID(final String nameQualifier,
+ final String format, final String spNameQualifier) {
+ // <saml:NameID>
+ final NameID nameId = (NameID) Configuration.getBuilderFactory()
+ .getBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject(
+ NameID.DEFAULT_ELEMENT_NAME);
+
+ // optional
+ nameId.setNameQualifier(nameQualifier);
+
+ // optional
+ nameId.setFormat(format);
+
+ // optional
+ nameId.setSPNameQualifier(spNameQualifier);
+
+ return nameId;
+ }
+
+ /**
+ * Generate NCName.
+ *
+ * @return the string
+ */
+ public static String generateNCName() {
+ return generator.generateIdentifier();
+ }
+
+
+ /**
+ * Generate the quality authentication assurance level.
+ *
+ * @param qaal the level of quality authentication assurance.
+ *
+ * @return the quality authentication assurance attribute
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static QAAAttribute generateQAAAttribute(final int qaal)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate QAAAttribute.");
+
+ final QAAAttribute qaaAttribute = (QAAAttribute) SAMLEngineUtils
+ .createSamlObject(QAAAttribute.DEF_ELEMENT_NAME);
+ qaaAttribute.setQaaLevel(String.valueOf(qaal));
+ return qaaAttribute;
+ }
+
+ /**
+ * Generate requested attribute.
+ *
+ * @param name the name
+ * @param friendlyName the friendly name
+ * @param isRequired the is required
+ * @param value the value
+ *
+ * @return the requested attribute
+ */
+ public static RequestedAttribute generateReqAuthnAttributeSimple(
+ final String name, final String friendlyName,
+ final String isRequired, final List<String> value) {
+ LOG.debug("Generate the requested attribute.");
+
+ final RequestedAttribute requested = (RequestedAttribute) SAMLEngineUtils
+ .createSamlObject(RequestedAttribute.DEF_ELEMENT_NAME);
+ requested.setName(name);
+ requested.setNameFormat(RequestedAttribute.URI_REFERENCE);
+
+ requested.setFriendlyName(friendlyName);
+
+ requested.setIsRequired(isRequired);
+
+ // The value is optional in an authentication request.
+ if (!value.isEmpty()) {
+ for (int nextValue = 0; nextValue < value.size(); nextValue++) {
+ final String valor = value.get(nextValue);
+ if (StringUtils.isNotBlank(valor)) {
+
+ if(!name.equals("http://www.stork.gov.eu/1.0/signedDoc")){
+
+ // Create the attribute statement
+ final XSAny attrValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ new QName(SAMLCore.STORK10_NS.getValue(),
+ "AttributeValue",
+ SAMLCore.STORK10_PREFIX.getValue()),
+ XSAny.TYPE_NAME);
+
+ attrValue.setTextContent(valor.trim());
+ requested.getAttributeValues().add(attrValue);
+
+ }else{
+
+ DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance();
+ domFactory.setNamespaceAware(true);
+ Document document = null;
+ DocumentBuilder builder;
+
+ // Parse the signedDoc value into an XML DOM Document
+ try {
+ builder = domFactory.newDocumentBuilder();
+ InputStream is;
+ is = new ByteArrayInputStream(valor.trim().getBytes("UTF-8"));
+ document = builder.parse(is);
+ is.close();
+ } catch (SAXException e1) {
+ LOG.error("SAX Error while parsing signModule attribute", e1);
+ throw new STORKSAMLEngineRuntimeException(e1);
+ } catch (ParserConfigurationException e2) {
+ LOG.error("Parser Configuration Error while parsing signModule attribute", e2);
+ throw new STORKSAMLEngineRuntimeException(e2);
+ } catch (UnsupportedEncodingException e3) {
+ LOG.error("Unsupported encoding Error while parsing signModule attribute", e3);
+ throw new STORKSAMLEngineRuntimeException(e3);
+ } catch (IOException e4) {
+ LOG.error("IO Error while parsing signModule attribute", e4);
+ throw new STORKSAMLEngineRuntimeException(e4);
+ }
+
+ // Create the XML statement(this will be overwritten with the previous DOM structure)
+ final XSAny xmlValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ new QName(SAMLCore.STORK10_NS.getValue(),
+ "XMLValue",
+ SAMLCore.STORK10_PREFIX.getValue()),
+ XSAny.TYPE_NAME);
+
+ //Set the signedDoc XML content to this element
+ xmlValue.setDOM(document.getDocumentElement());
+
+ // Create the attribute statement
+ final XSAny attrValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ new QName(SAMLCore.STORK10_NS.getValue(),
+ "AttributeValue",
+ SAMLCore.STORK10_PREFIX.getValue()),
+ XSAny.TYPE_NAME);
+
+ //Add previous signedDocXML to the AttributeValue Element
+ attrValue.getUnknownXMLObjects().add(xmlValue);
+
+ requested.getAttributeValues().add(attrValue);
+ }
+
+
+ }
+ }
+ }
+
+ return requested;
+ }
+
+ /**
+ * Generate response.
+ *
+ * @param version the version
+ * @param identifier the identifier
+ * @param issueInstant the issue instant
+ * @param status the status
+ *
+ * @return the response
+ */
+ public static Response generateResponse(final SAMLVersion version,
+ final String identifier, final DateTime issueInstant,
+ final Status status) {
+ final Response response = (Response) SAMLEngineUtils
+ .createSamlObject(Response.DEFAULT_ELEMENT_NAME);
+ response.setID(identifier);
+ response.setIssueInstant(issueInstant);
+ response.setStatus(status);
+ return response;
+ }
+
+ /**
+ * Method that generates a SAML Authentication Request basing on the
+ * provided information.
+ *
+ * @param identifier the identifier
+ * @param version the version
+ * @param issueInstant the issue instant
+ *
+ * @return the authentication request
+ */
+ public static AuthnRequest generateSAMLAuthnRequest(final String identifier,
+ final SAMLVersion version, final DateTime issueInstant) {
+ LOG.debug("Generate basic authentication request.");
+ final AuthnRequest authnRequest = (AuthnRequest) SAMLEngineUtils
+ .createSamlObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
+
+ authnRequest.setID(identifier);
+ authnRequest.setVersion(version);
+ authnRequest.setIssueInstant(issueInstant);
+ return authnRequest;
+ }
+
+ /*public static AttributeQuery generateSAMLAttrQueryRequest(final String identifier,
+ final SAMLVersion version, final DateTime issueInstant) {
+ LOG.debug("Generate attribute query request.");
+ final AttributeQuery attrQueryRequest = (AttributeQuery) SAMLEngineUtils
+ .createSamlObject(AttributeQuery.DEFAULT_ELEMENT_NAME);
+
+ attrQueryRequest.setID(identifier);
+ attrQueryRequest.setVersion(version);
+ attrQueryRequest.setIssueInstant(issueInstant);
+ return attrQueryRequest;
+ }*/
+
+ public static CustomAttributeQuery generateSAMLAttrQueryRequest(final String identifier,
+ final SAMLVersion version, final DateTime issueInstant) {
+ LOG.debug("Generate attribute query request.");
+ final CustomAttributeQuery attrQueryRequest = (CustomAttributeQuery) SAMLEngineUtils
+ .createSamlObject(CustomAttributeQuery.DEFAULT_ELEMENT_NAME);
+
+ attrQueryRequest.setID(identifier);
+ attrQueryRequest.setVersion(version);
+ attrQueryRequest.setIssueInstant(issueInstant);
+ return attrQueryRequest;
+ }
+
+ public static LogoutRequest generateSAMLLogoutRequest(final String identifier,
+ final SAMLVersion version, final DateTime issueInstant) {
+ LOG.debug("Generate logout request.");
+ final LogoutRequest logoutRequest = (LogoutRequest)SAMLEngineUtils.
+ createSamlObject(LogoutRequest.DEFAULT_ELEMENT_NAME);
+
+
+ logoutRequest.setID(identifier);
+ logoutRequest.setVersion(version);
+ logoutRequest.setIssueInstant(issueInstant);
+ return logoutRequest;
+ }
+
+ public static LogoutResponse generateSAMLLogoutResponse(final String identifier,
+ final SAMLVersion version, final DateTime issueInstant,
+ final Status status, final String inResponseTo) {
+ LOG.debug("Generate logout response.");
+ final LogoutResponse logoutResponse = (LogoutResponse)SAMLEngineUtils.
+ createSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME);
+
+ logoutResponse.setInResponseTo(inResponseTo);
+ logoutResponse.setStatus(status);
+ logoutResponse.setID(identifier);
+ logoutResponse.setVersion(version);
+ logoutResponse.setIssueInstant(issueInstant);
+ return logoutResponse;
+ }
+
+ /**
+ * Generate service provider application.
+ *
+ * @param spApplication the service provider application
+ *
+ * @return the sP application
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static SPApplication generateSPApplication(final String spApplication)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate SPApplication.");
+
+ final SPApplication applicationAttr = (SPApplication) SAMLEngineUtils
+ .createSamlObject(SPApplication.DEF_ELEMENT_NAME);
+ applicationAttr.setSPApplication(spApplication);
+ return applicationAttr;
+ }
+
+ /**
+ * Generate service provider country.
+ *
+ * @param spCountry the service provider country
+ *
+ * @return the service provider country
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static SPCountry generateSPCountry(final String spCountry)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate SPApplication.");
+
+ final SPCountry countryAttribute = (SPCountry) SAMLEngineUtils
+ .createSamlObject(SPCountry.DEF_ELEMENT_NAME);
+ countryAttribute.setSPCountry(spCountry);
+ return countryAttribute;
+ }
+
+ /**
+ * Generate service provider institution.
+ *
+ * @param spInstitution the service provider institution
+ *
+ * @return the service provider institution
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static SPInstitution generateSPInstitution(final String spInstitution)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate SPInstitution.");
+
+ final SPInstitution institutionAttr = (SPInstitution) SAMLEngineUtils
+ .createSamlObject(SPInstitution.DEF_ELEMENT_NAME);
+ institutionAttr.setSPInstitution(spInstitution);
+ return institutionAttr;
+ }
+
+ /**
+ * Generate service provider sector.
+ *
+ * @param spSector the service provider sector
+ *
+ * @return the service provider sector
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static SPSector generateSPSector(final String spSector)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate SPSector.");
+
+ final SPSector sectorAttribute = (SPSector) SAMLEngineUtils
+ .createSamlObject(SPSector.DEF_ELEMENT_NAME);
+ sectorAttribute.setSPSector(spSector);
+ return sectorAttribute;
+ }
+
+ /**
+ * Generate status.
+ *
+ * @param statusCode the status code
+ *
+ * @return the status
+ */
+ public static Status generateStatus(final StatusCode statusCode) {
+ final Status status = (Status) SAMLEngineUtils
+ .createSamlObject(Status.DEFAULT_ELEMENT_NAME);
+ status.setStatusCode(statusCode);
+ return status;
+ }
+
+ /**
+ * Generate status code.
+ *
+ * @param value the value
+ *
+ * @return the status code
+ */
+ public static StatusCode generateStatusCode(final String value) {
+ final StatusCode statusCode = (StatusCode) SAMLEngineUtils
+ .createSamlObject(StatusCode.DEFAULT_ELEMENT_NAME);
+ statusCode.setValue(value);
+ return statusCode;
+ }
+
+
+ /**
+ * Generate status message.
+ *
+ * @param message the message
+ *
+ * @return the status message
+ */
+ public static StatusMessage generateStatusMessage(final String message) {
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .createSamlObject(StatusMessage.DEFAULT_ELEMENT_NAME);
+ statusMessage.setMessage(message);
+ return statusMessage;
+ }
+
+ /**
+ * Generate subject.
+ *
+ * @return the subject
+ */
+ public static Subject generateSubject() {
+ return (Subject) SAMLEngineUtils
+ .createSamlObject(Subject.DEFAULT_ELEMENT_NAME);
+ }
+
+ /**
+ * Generate subject confirmation.
+ *
+ * @param method the method
+ * @param data the data
+ *
+ * @return the subject confirmation
+ */
+ public static SubjectConfirmation generateSubjectConfirmation(
+ final String method, final SubjectConfirmationData data) {
+ final SubjectConfirmation subjectConf = (SubjectConfirmation) Configuration
+ .getBuilderFactory().getBuilder(
+ SubjectConfirmation.DEFAULT_ELEMENT_NAME).buildObject(
+ SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+
+ subjectConf.setMethod(method);
+
+ subjectConf.setSubjectConfirmationData(data);
+
+ return subjectConf;
+ }
+
+
+ /**
+ * Generate subject confirmation data.
+ *
+ * @param notOnOrAfter the not on or after
+ * @param recipient the recipient
+ * @param inResponseTo the in response to
+ *
+ * @return the subject confirmation data
+ */
+ public static SubjectConfirmationData generateSubjectConfirmationData(
+ final DateTime notOnOrAfter, final String recipient,
+ final String inResponseTo) {
+ final SubjectConfirmationData subjectConfData = (SubjectConfirmationData) SAMLEngineUtils
+ .createSamlObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
+ subjectConfData.setNotOnOrAfter(notOnOrAfter);
+ subjectConfData.setRecipient(recipient);
+ subjectConfData.setInResponseTo(inResponseTo);
+ return subjectConfData;
+ }
+
+
+ /**
+ * Generate subject locality.
+ *
+ * @param address the address
+ *
+ * @return the subject locality
+ */
+ public static SubjectLocality generateSubjectLocality(final String address) {
+ final SubjectLocality subjectLocality = (SubjectLocality) SAMLEngineUtils
+ .createSamlObject(SubjectLocality.DEFAULT_ELEMENT_NAME);
+ subjectLocality.setAddress(address);
+ return subjectLocality;
+ }
+
+
+
+
+ /**
+ * Method that returns the current time.
+ *
+ * @return the current time
+ */
+ public static DateTime getCurrentTime() {
+ return new DateTime();
+ }
+
+
+ /**
+ * Instantiates a new SAML engine utilities.
+ */
+ private SAMLEngineUtils() {
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java
new file mode 100644
index 000000000..20ebb709d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java
@@ -0,0 +1,3705 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.lang.StringUtils;
+import org.bouncycastle.jce.X509Principal;
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeQuery;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.saml2.core.Audience;
+import org.opensaml.saml2.core.AudienceRestriction;
+import org.opensaml.saml2.core.AuthnContext;
+import org.opensaml.saml2.core.AuthnContextDecl;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.AuthnStatement;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.LogoutRequest;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.OneTimeUse;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.Status;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.core.StatusMessage;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.core.SubjectLocality;
+import org.opensaml.saml2.core.impl.SubjectConfirmationBuilder;
+import org.opensaml.xml.Namespace;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSAny;
+import org.opensaml.xml.schema.impl.XSAnyBuilder;
+import org.opensaml.xml.schema.impl.XSAnyImpl;
+import org.opensaml.xml.schema.impl.XSAnyMarshaller;
+import org.opensaml.xml.schema.impl.XSAnyUnmarshaller;
+import org.opensaml.xml.schema.impl.XSDateTimeImpl;
+import org.opensaml.xml.schema.impl.XSStringImpl;
+import org.opensaml.xml.signature.KeyInfo;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.validation.ValidationException;
+import org.opensaml.xml.validation.Validator;
+import org.opensaml.xml.validation.ValidatorSuite;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.xml.sax.SAXException;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.commons.STORKLogoutRequest;
+import eu.stork.peps.auth.commons.STORKLogoutResponse;
+import eu.stork.peps.auth.engine.core.AuthenticationAttributes;
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.CustomRequestAbstractType;
+import eu.stork.peps.auth.engine.core.EIDCrossBorderShare;
+import eu.stork.peps.auth.engine.core.EIDCrossSectorShare;
+import eu.stork.peps.auth.engine.core.EIDSectorShare;
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import eu.stork.peps.auth.engine.core.RequestedAttributes;
+import eu.stork.peps.auth.engine.core.SAMLCore;
+import eu.stork.peps.auth.engine.core.SPApplication;
+import eu.stork.peps.auth.engine.core.SPCountry;
+import eu.stork.peps.auth.engine.core.SPID;
+import eu.stork.peps.auth.engine.core.SPInformation;
+import eu.stork.peps.auth.engine.core.SPInstitution;
+import eu.stork.peps.auth.engine.core.SPSector;
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesBuilder;
+import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesMarshaller;
+import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeBuilder;
+import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeMarshaller;
+import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareBuilder;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareMarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareBuilder;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareMarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDSectorShareBuilder;
+import eu.stork.peps.auth.engine.core.impl.EIDSectorShareMarshaller;
+import eu.stork.peps.auth.engine.core.impl.EIDSectorShareUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder;
+import eu.stork.peps.auth.engine.core.impl.QAAAttributeMarshaller;
+import eu.stork.peps.auth.engine.core.impl.QAAAttributeUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributeMarshaller;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributeUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributesMarshaller;
+import eu.stork.peps.auth.engine.core.impl.RequestedAttributesUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPApplicationBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPApplicationMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPApplicationUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPCountryBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPCountryMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPCountryUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPIDBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPIDMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPIDUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPInformationBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPInformationMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPInformationUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPInstitutionBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPInstitutionMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPInstitutionUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPSectorBuilder;
+import eu.stork.peps.auth.engine.core.impl.SPSectorMarshaller;
+import eu.stork.peps.auth.engine.core.impl.SPSectorUnmarshaller;
+import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesBuilder;
+import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesMarshaller;
+import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesUnmarshaller;
+import eu.stork.peps.auth.engine.core.validator.CustomAttributeQueryValidator;
+import eu.stork.peps.auth.engine.core.validator.ExtensionsSchemaValidator;
+import eu.stork.peps.auth.engine.core.validator.QAAAttributeSchemaValidator;
+import eu.stork.peps.exceptions.SAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * Class that wraps the operations over SAML tokens, both generation and
+ * validation of SAML STORK requests and SAML STORK responses. Complaint with
+ * "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", but taking
+ * into account STORK specific requirements.
+ *
+ * @author fjquevedo
+ * @author iinigo
+ */
+public final class STORKSAMLEngine extends SAMLEngine {
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(STORKSAMLEngine.class.getName());
+
+ private static final String ATTRIBUTE_EMPTY_LITERAL = "Attribute name is null or empty.";
+ /**
+ * Gets the single instance of STORKSAMLEngine.
+ *
+ * @param nameInstance the name instance
+ *
+ * @return single instance of STORKSAMLEngine
+ */
+ public static synchronized STORKSAMLEngine getInstance(
+ final String nameInstance) {
+ STORKSAMLEngine engine = null;
+ LOG.info("Get instance: " + nameInstance);
+ try {
+ engine = new STORKSAMLEngine(nameInstance.trim());
+ } catch (Exception e) {
+ LOG.error("Error get instance: " + nameInstance);
+ }
+ return engine;
+ }
+
+ /**
+ * Instantiate a new STORKSAML engine.
+ *
+ * @param nameInstance the name instance
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private STORKSAMLEngine(final String nameInstance)
+ throws STORKSAMLEngineException {
+ // Initialization OpenSAML.
+ super(nameInstance);
+ LOG.info("Register STORK objects provider.");
+ Configuration.registerObjectProvider(QAAAttribute.DEF_ELEMENT_NAME,
+ new QAAAttributeBuilder(), new QAAAttributeMarshaller(),
+ new QAAAttributeUnmarshaller());
+
+ Configuration.registerObjectProvider(EIDSectorShare.DEF_ELEMENT_NAME,
+ new EIDSectorShareBuilder(), new EIDSectorShareMarshaller(),
+ new EIDSectorShareUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ EIDCrossSectorShare.DEF_ELEMENT_NAME,
+ new EIDCrossSectorShareBuilder(),
+ new EIDCrossSectorShareMarshaller(),
+ new EIDCrossSectorShareUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ EIDCrossBorderShare.DEF_ELEMENT_NAME,
+ new EIDCrossBorderShareBuilder(),
+ new EIDCrossBorderShareMarshaller(),
+ new EIDCrossBorderShareUnmarshaller());
+
+ Configuration.registerObjectProvider(SPSector.DEF_ELEMENT_NAME,
+ new SPSectorBuilder(), new SPSectorMarshaller(),
+ new SPSectorUnmarshaller());
+
+ Configuration.registerObjectProvider(SPInstitution.DEF_ELEMENT_NAME,
+ new SPInstitutionBuilder(), new SPInstitutionMarshaller(),
+ new SPInstitutionUnmarshaller());
+
+ Configuration.registerObjectProvider(SPApplication.DEF_ELEMENT_NAME,
+ new SPApplicationBuilder(), new SPApplicationMarshaller(),
+ new SPApplicationUnmarshaller());
+
+ Configuration.registerObjectProvider(SPCountry.DEF_ELEMENT_NAME,
+ new SPCountryBuilder(), new SPCountryMarshaller(),
+ new SPCountryUnmarshaller());
+
+ Configuration.registerObjectProvider(XSAny.TYPE_NAME,
+ new XSAnyBuilder(), new XSAnyMarshaller(),
+ new XSAnyUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ RequestedAttribute.DEF_ELEMENT_NAME,
+ new RequestedAttributeBuilder(),
+ new RequestedAttributeMarshaller(),
+ new RequestedAttributeUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ RequestedAttributes.DEF_ELEMENT_NAME,
+ new RequestedAttributesBuilder(),
+ new RequestedAttributesMarshaller(),
+ new RequestedAttributesUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ AuthenticationAttributes.DEF_ELEMENT_NAME,
+ new AuthenticationAttributesBuilder(),
+ new AuthenticationAttributesMarshaller(),
+ new AuthenticationAttributesUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ VIDPAuthenticationAttributes.DEF_ELEMENT_NAME,
+ new VIDPAuthenticationAttributesBuilder(),
+ new VIDPAuthenticationAttributesMarshaller(),
+ new VIDPAuthenticationAttributesUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ CitizenCountryCode.DEF_ELEMENT_NAME,
+ new CitizenCountryCodeBuilder(),
+ new CitizenCountryCodeMarshaller(),
+ new CitizenCountryCodeUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ SPID.DEF_ELEMENT_NAME,
+ new SPIDBuilder(),
+ new SPIDMarshaller(),
+ new SPIDUnmarshaller());
+
+ Configuration.registerObjectProvider(
+ SPInformation.DEF_ELEMENT_NAME,
+ new SPInformationBuilder(),
+ new SPInformationMarshaller(),
+ new SPInformationUnmarshaller());
+
+ LOG.info("Register STORK object validators.");
+ final ValidatorSuite validatorSuite = new ValidatorSuite(
+ QAAAttribute.DEF_LOCAL_NAME);
+
+ validatorSuite.registerValidator(QAAAttribute.DEF_ELEMENT_NAME,
+ new QAAAttributeSchemaValidator());
+ final Extensions extensions = SAMLEngineUtils.generateExtension();
+ validatorSuite.registerValidator(extensions.getElementQName(),
+ new ExtensionsSchemaValidator());
+
+ Configuration.registerValidatorSuite(
+ "stork:QualityAuthenticationAssuranceLevel", validatorSuite);
+
+ }
+
+ /**
+ * Generate authentication response base.
+ *
+ * @param status the status
+ * @param assertConsumerURL the assert consumer URL.
+ * @param inResponseTo the in response to
+ *
+ * @return the response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Response genAuthnRespBase(final Status status,
+ final String assertConsumerURL, final String inResponseTo)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate Authentication Response base.");
+ final Response response = SAMLEngineUtils.generateResponse(
+ SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(),
+ SAMLEngineUtils.getCurrentTime(), status);
+
+ // Set name Spaces
+ this.setNameSpaces(response);
+
+ // Mandatory STORK
+ LOG.debug("Generate Issuer");
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+ issuer.setValue(super.getSamlCoreProperties().getResponder());
+
+ // Format Entity Optional STORK
+ issuer.setFormat(super.getSamlCoreProperties().getFormatEntity());
+
+ response.setIssuer(issuer);
+
+ // destination Mandatory Stork
+ response.setDestination(assertConsumerURL.trim());
+
+ // inResponseTo Mandatory Stork
+ response.setInResponseTo(inResponseTo.trim());
+
+ // Optional STORK
+ response.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnResponse());
+
+ return response;
+ }
+
+ /**
+ * Generate attribute query response base.
+ *
+ * @param status the status
+ * @param destinationURL the assert consumer URL.
+ * @param inResponseTo the in response to
+ *
+ * @return the response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Response genAttrQueryRespBase(final Status status,
+ final String destinationURL, final String inResponseTo)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate Attribute query Response base.");
+ final Response response = SAMLEngineUtils.generateResponse(
+ SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(),
+ SAMLEngineUtils.getCurrentTime(), status);
+
+ // Set name Spaces
+ this.setNameSpaces(response);
+
+ // Mandatory STORK
+ LOG.debug("Generate Issuer");
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+ issuer.setValue(super.getSamlCoreProperties().getResponder());
+
+ // Format Entity Optional STORK
+ issuer.setFormat(super.getSamlCoreProperties().getFormatEntity());
+
+ response.setIssuer(issuer);
+
+ // destination Mandatory Stork
+ response.setDestination(destinationURL.trim());
+
+ // inResponseTo Mandatory Stork
+ response.setInResponseTo(inResponseTo.trim());
+
+ // Optional STORK
+ response.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnResponse());
+
+ return response;
+ }
+
+ /**
+ * Generate assertion.
+ *
+ * @param ipAddress the IP address.
+ * @param assertConsumerURL the assert consumer URL.
+ * @param inResponseTo the in response to
+ * @param issuer the issuer
+ * @param notOnOrAfter the not on or after
+ *
+ * @return the assertion
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Assertion generateAssertion(final String ipAddress,
+ final String assertConsumerURL, final String inResponseTo,
+ final String issuer, final DateTime notOnOrAfter)
+ throws STORKSAMLEngineException {
+ LOG.info("Generate Assertion.");
+
+ // Mandatory STORK
+ LOG.debug("Generate Issuer to Assertion");
+ final Issuer issuerAssertion = SAMLEngineUtils.generateIssuer();
+ issuerAssertion.setValue(super.getSamlCoreProperties().getResponder());
+
+ // Format Entity Optional STORK
+ issuerAssertion.setFormat(super.getSamlCoreProperties()
+ .getFormatEntity());
+
+ final Assertion assertion = SAMLEngineUtils.generateAssertion(
+ SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(),
+ SAMLEngineUtils.getCurrentTime(), issuerAssertion);
+
+ final Subject subject = SAMLEngineUtils.generateSubject();
+
+ // Mandatory STORK verified
+ // String format = NameID.UNSPECIFIED
+ // specification: 'SAML:2.0' exist
+ // opensaml: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+ // opensaml "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified"
+ final String format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+
+ final String nameQualifier = "";
+
+ LOG.debug("Generate NameID");
+ final NameID nameId = SAMLEngineUtils.generateNameID(super
+ .getSamlCoreProperties().getResponder(), format, nameQualifier);
+ nameId.setValue(format);
+ subject.setNameID(nameId);
+
+ // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer.
+ // Optional in other case.
+ LOG.debug("Generate SubjectConfirmationData.");
+ final SubjectConfirmationData dataBearer = SAMLEngineUtils
+ .generateSubjectConfirmationData(SAMLEngineUtils
+ .getCurrentTime(), assertConsumerURL, inResponseTo);
+
+ // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer.
+ // Optional in other case.
+ LOG.debug("Generate SubjectConfirmation");
+ final SubjectConfirmation subjectConf = SAMLEngineUtils
+ .generateSubjectConfirmation(SubjectConfirmation.METHOD_BEARER,
+ dataBearer);
+
+ final ArrayList<SubjectConfirmation> listSubjectConf = new ArrayList<SubjectConfirmation>();
+ listSubjectConf.add(subjectConf);
+
+ for (final Iterator<SubjectConfirmation> iter = listSubjectConf
+ .iterator(); iter.hasNext();) {
+ final SubjectConfirmation element = iter.next();
+
+ if (SubjectConfirmation.METHOD_BEARER.equals(element.getMethod())) {
+ // ipAddress Mandatory if method is Bearer.
+
+ if (StringUtils.isBlank(ipAddress)) {
+ throw new STORKSAMLEngineException(
+ "ipAddress is null or empty");
+ }
+ element.getSubjectConfirmationData().setAddress(
+ ipAddress.trim());
+ }
+
+ element.getSubjectConfirmationData()
+ .setRecipient(assertConsumerURL);
+ element.getSubjectConfirmationData().setNotOnOrAfter(notOnOrAfter);
+ }
+
+ // The SAML 2.0 specification allows multiple SubjectConfirmations
+ subject.getSubjectConfirmations().addAll(listSubjectConf);
+
+ // Mandatory Stork
+ assertion.setSubject(subject);
+
+ // Conditions that MUST be evaluated when assessing the validity of
+ // and/or when using the assertion.
+ final Conditions conditions = this.generateConditions(SAMLEngineUtils
+ .getCurrentTime(), notOnOrAfter, issuer);
+
+ assertion.setConditions(conditions);
+
+ LOG.debug("Generate stork Authentication Statement.");
+ final AuthnStatement storkAuthnStat = this
+ .generateStorkAuthStatement(ipAddress);
+ assertion.getAuthnStatements().add(storkAuthnStat);
+
+ return assertion;
+ }
+
+ private String getAttributeName(final PersonalAttribute attribute) throws STORKSAMLEngineException {
+ if (StringUtils.isBlank(attribute.getName())) {
+ LOG.error(ATTRIBUTE_EMPTY_LITERAL);
+ throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL);
+ }
+
+ final String attributeName = super.getSamlCoreProperties()
+ .getProperty(attribute.getName());
+
+ if (StringUtils.isBlank(attributeName)) {
+ LOG.error("Attribute name: {} it is not known.", attribute
+ .getName());
+ throw new STORKSAMLEngineException("Attribute name: "
+ + attribute.getName() + " it is not known.");
+ }
+ return attributeName;
+ }
+ /**
+ * Generate attribute statement.
+ *
+ * @param personalAttrList the personal attribute list
+ * @param isHashing the is hashing
+ *
+ * @return the attribute statement
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ * @throws IOException
+ */
+ private AttributeStatement generateAttributeStatement(
+ final IPersonalAttributeList personalAttrList,
+ final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.debug("Generate attribute statement");
+
+ final AttributeStatement attrStatement = (AttributeStatement) SAMLEngineUtils
+ .createSamlObject(AttributeStatement.DEFAULT_ELEMENT_NAME);
+
+ for (PersonalAttribute attribute : personalAttrList) {
+
+ String attributeName = getAttributeName(attribute);
+
+ // Verification that only one value it's permitted, simple or
+ // complex, not both.
+
+ final boolean simpleNull = (attribute.getValue() == null);
+ final boolean simpleEmpty = (simpleNull || (!simpleNull && attribute
+ .getValue().isEmpty()));
+
+ final boolean complexNull = (attribute.getComplexValue() == null);
+ final boolean complexEmpty = (complexNull || (!complexNull && attribute
+ .getComplexValue().isEmpty()));
+
+ if ((!simpleEmpty && !complexEmpty)) {
+ throw new STORKSAMLEngineException(
+ "Attribute name: "
+ + attribute.getName()
+ + " must be contain one value, simple or complex value.");
+ } else {
+
+ if (!simpleEmpty) {
+ attrStatement.getAttributes().add(
+ this.generateAttrSimple(attributeName, attribute
+ .getStatus(), attribute.getValue(),
+ isHashing));
+ } else if (!complexEmpty) {
+ attrStatement.getAttributes().add(
+ SAMLEngineUtils.generateAttrComplex(attributeName,
+ attribute.getStatus(), attribute
+ .getComplexValue(), isHashing));
+ } else if (!simpleNull) {
+ attrStatement.getAttributes().add(
+ this.generateAttrSimple(attributeName, attribute
+ .getStatus(), new ArrayList<String>(),
+ isHashing));
+ } else {
+ // Add attribute complex.
+ attrStatement.getAttributes().add(
+ SAMLEngineUtils.generateAttrComplex(attributeName,
+ attribute.getStatus(),
+ new HashMap<String, String>(), isHashing));
+ }
+ }
+ }
+ return attrStatement;
+ }
+ private XSAny createAttributeValueForSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException {
+ DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance();
+ domFactory.setNamespaceAware(true);
+ Document document = null;
+ DocumentBuilder builder;
+
+ // Parse the signedDoc value into an XML DOM Document
+ try {
+ builder = domFactory.newDocumentBuilder();
+ InputStream is;
+ is = new ByteArrayInputStream(value.trim().getBytes("UTF-8"));
+ document = builder.parse(is);
+ is.close();
+ } catch (SAXException e1) {
+ LOG.error("SAX Error while parsing signModule attribute", e1);
+ throw new STORKSAMLEngineRuntimeException(e1);
+ } catch (ParserConfigurationException e2) {
+ LOG.error("Parser Configuration Error while parsing signModule attribute", e2);
+ throw new STORKSAMLEngineRuntimeException(e2);
+ } catch (UnsupportedEncodingException e3) {
+ LOG.error("Unsupported encoding Error while parsing signModule attribute", e3);
+ throw new STORKSAMLEngineRuntimeException(e3);
+ } catch (IOException e4) {
+ LOG.error("IO Error while parsing signModule attribute", e4);
+ throw new STORKSAMLEngineRuntimeException(e4);
+ }
+
+ // Create the attribute statement
+ final XSAny xmlValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ AttributeValue.DEFAULT_ELEMENT_NAME,
+ XSAny.TYPE_NAME);
+
+ //Set the signedDoc XML content to this element
+ xmlValue.setDOM(document.getDocumentElement());
+
+ // Create the attribute statement
+ final XSAny attrValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ AttributeValue.DEFAULT_ELEMENT_NAME,
+ XSAny.TYPE_NAME);
+
+ //Add previous signedDocXML to the AttributeValue Element
+
+ // if it's necessary encode the information.
+ if (!isHashing) {
+ attrValue.getUnknownXMLObjects().add(xmlValue);
+ }
+ return attrValue;
+ }
+
+ private XSAny createAttributeValueForNonSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException {
+ // Create the attribute statement
+ final XSAny attrValue = (XSAny) SAMLEngineUtils
+ .createSamlObject(
+ AttributeValue.DEFAULT_ELEMENT_NAME,
+ XSAny.TYPE_NAME);
+ // if it's necessary encode the information.
+ if (isHashing) {
+ attrValue.setTextContent(SAMLEngineUtils.encode(value, SAMLEngineUtils.SHA_512));
+ } else {
+ attrValue.setTextContent(value);
+ }
+ return attrValue;
+ }
+
+ /**
+ * Generate attribute from a list of values.
+ *
+ * @param name the name of the attribute.
+ * @param values the value of the attribute.
+ * @param isHashing the is hashing with "SHA-512" algorithm.
+ * @param status the status of the parameter: "Available", "NotAvailable" or
+ * "Withheld".
+ *
+ * @return the attribute
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Attribute generateAttrSimple(final String name,
+ final String status, final List<String> values,
+ final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.debug("Generate attribute simple: " + name);
+ final Attribute attribute = (Attribute) SAMLEngineUtils
+ .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME);
+
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+
+ attribute.getUnknownAttributes().put(
+ new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus",
+ SAMLCore.STORK10_PREFIX.getValue()), status);
+
+ if (values != null) {
+ LOG.debug("Add attribute values.");
+ for (int i = 0; i < values.size(); i++) {
+ final String value = values.get(i);
+ if (StringUtils.isNotBlank(value)) {
+ XSAny attrValue = null;
+ if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) {
+ // Create the attribute statement
+ attrValue = createAttributeValueForNonSignedDoc(value, isHashing);
+
+ } else {
+ attrValue = createAttributeValueForSignedDoc(value, isHashing);
+ attribute.getAttributeValues().add(attrValue);
+ }
+ attribute.getAttributeValues().add(attrValue);
+ }
+ }
+ }
+ return attribute;
+ }
+
+ /**
+ * Generate conditions that MUST be evaluated when assessing the validity of
+ * and/or when using the assertion.
+ *
+ * @param notBefore the not before
+ * @param notOnOrAfter the not on or after
+ * @param audienceURI the audience URI.
+ *
+ * @return the conditions
+ */
+ private Conditions generateConditions(final DateTime notBefore,
+ final DateTime notOnOrAfter, final String audienceURI) {
+ LOG.debug("Generate conditions.");
+ final Conditions conditions = (Conditions) SAMLEngineUtils
+ .createSamlObject(Conditions.DEFAULT_ELEMENT_NAME);
+ conditions.setNotBefore(notBefore);
+ conditions.setNotOnOrAfter(notOnOrAfter);
+
+ final AudienceRestriction restrictions = (AudienceRestriction) SAMLEngineUtils
+ .createSamlObject(AudienceRestriction.DEFAULT_ELEMENT_NAME);
+
+ final Audience audience = (Audience) SAMLEngineUtils
+ .createSamlObject(Audience.DEFAULT_ELEMENT_NAME);
+ audience.setAudienceURI(audienceURI);
+
+ restrictions.getAudiences().add(audience);
+ conditions.getAudienceRestrictions().add(restrictions);
+
+ if (super.getSamlCoreProperties().isOneTimeUse()) {
+ final OneTimeUse oneTimeUse = (OneTimeUse) SAMLEngineUtils
+ .createSamlObject(OneTimeUse.DEFAULT_ELEMENT_NAME);
+ conditions.getConditions().add(oneTimeUse);
+ }
+ return conditions;
+ }
+
+ /**
+ * Generate personal attribute list.
+ *
+ * @param assertion the assertion
+ *
+ * @return the personal attribute list
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private IPersonalAttributeList generatePersonalAttributeList(
+ final Assertion assertion) throws STORKSAMLEngineException {
+ LOG.debug("Generate personal attribute list from XMLObject.");
+ final List<XMLObject> listExtensions = assertion.getOrderedChildren();
+
+ boolean find = false;
+ AttributeStatement requestedAttr = null;
+
+ // Search the attribute statement.
+ for (int i = 0; i < listExtensions.size() && !find; i++) {
+ final XMLObject xml = listExtensions.get(i);
+ if (xml instanceof AttributeStatement) {
+ requestedAttr = (AttributeStatement) xml;
+ find = true;
+ }
+ }
+
+ if (!find) {
+ LOG.error("Error: AttributeStatement it's not present.");
+ throw new STORKSAMLEngineException(
+ "AttributeStatement it's not present.");
+ }
+
+ final List<Attribute> reqAttrs = requestedAttr.getAttributes();
+
+ final IPersonalAttributeList personalAttrList = new PersonalAttributeList();
+ String attributeName;
+
+ // Process the attributes.
+ for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) {
+ final Attribute attribute = reqAttrs.get(nextAttribute);
+
+ final PersonalAttribute personalAttribute = new PersonalAttribute();
+
+ attributeName = attribute.getName();
+ personalAttribute.setName(attributeName.substring(attributeName
+ .lastIndexOf('/') + 1));
+
+ personalAttribute.setStatus(attribute.getUnknownAttributes().get(
+ new QName(SAMLCore.STORK10_NS.getValue(),
+ "AttributeStatus", SAMLCore.STORK10_PREFIX
+ .getValue())));
+
+ final ArrayList<String> simpleValues = new ArrayList<String>();
+ final HashMap<String, String> multiValues = new HashMap<String, String>();
+
+ final List<XMLObject> values = attribute.getOrderedChildren();
+
+
+ // Process the values.
+ for (int nextValue = 0; nextValue < values.size(); nextValue++) {
+
+ final XMLObject xmlObject = values.get(nextValue);
+
+ if (xmlObject instanceof XSStringImpl) {
+
+ simpleValues.add(((XSStringImpl) xmlObject).getValue());
+
+ } else if (xmlObject instanceof XSAnyImpl) {
+
+ if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) {
+
+ final XSAnyImpl xmlString = (XSAnyImpl) values
+ .get(nextValue);
+
+ TransformerFactory transFactory = TransformerFactory
+ .newInstance();
+ Transformer transformer = null;
+ try {
+ transformer = transFactory.newTransformer();
+ transformer.setOutputProperty(
+ OutputKeys.OMIT_XML_DECLARATION, "yes");
+ } catch (TransformerConfigurationException e) {
+ LOG.error("Error transformer configuration exception", e);
+ }
+ StringWriter buffer = new StringWriter();
+ try {
+ if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){
+ transformer.transform(new DOMSource(xmlString
+ .getUnknownXMLObjects().get(0).getDOM()),
+ new StreamResult(buffer));
+ }
+ } catch (TransformerException e) {
+ LOG.error("Error transformer exception", e);
+ }
+ String str = buffer.toString();
+
+ simpleValues.add(str);
+
+ } else if (isComplex(xmlObject))
+ {
+ LOG.info(attributeName + " found");
+ // Process complex value.
+ final XSAnyImpl complexValue = (XSAnyImpl) xmlObject;
+
+ for (int nextComplexValue = 0; nextComplexValue < complexValue
+ .getUnknownXMLObjects().size(); nextComplexValue++) {
+
+ final XSAnyImpl simple = (XSAnyImpl) complexValue
+ .getUnknownXMLObjects().get(
+ nextComplexValue);
+
+ multiValues.put(simple.getElementQName()
+ .getLocalPart(), simple.getTextContent());
+ }
+
+ }
+ else {
+ // Process simple value.
+ simpleValues.add(((XSAnyImpl) xmlObject)
+ .getTextContent());
+ }
+
+ } else {
+ LOG.error("Error: attribute value it's unknown.");
+ throw new STORKSAMLEngineException(
+ "Attribute value it's unknown.");
+ }
+ }
+
+ personalAttribute.setValue(simpleValues);
+ personalAttribute.setComplexValue(multiValues);
+ personalAttrList.add(personalAttribute);
+ }
+
+ return personalAttrList;
+ }
+
+ /**
+ * Generate stork authentication request.
+ *
+ * @param request the request that contain all parameters for generate an
+ * authentication request.
+ *
+ * @return the STORK authentication request that has been processed.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnRequest generateSTORKAuthnRequest(
+ final STORKAuthnRequest request) throws STORKSAMLEngineException {
+ LOG.info("Generate SAMLAuthnRequest.");
+
+ // Validate Parameters mandatories
+ validateParamAuthnReq(request);
+
+ final AuthnRequest authnRequestAux = SAMLEngineUtils
+ .generateSAMLAuthnRequest(SAMLEngineUtils.generateNCName(),
+ SAMLVersion.VERSION_20, SAMLEngineUtils
+ .getCurrentTime());
+
+ // Set name spaces.
+ setNameSpaces(authnRequestAux);
+
+ // Add parameter Mandatory STORK
+ authnRequestAux.setForceAuthn(Boolean.TRUE);
+
+ // Add parameter Mandatory STORK
+ authnRequestAux.setIsPassive(Boolean.FALSE);
+
+ authnRequestAux.setAssertionConsumerServiceURL(request
+ .getAssertionConsumerServiceURL());
+
+ authnRequestAux.setProviderName(request.getProviderName());
+
+ // Add protocol binding
+ authnRequestAux.setProtocolBinding(super.getSamlCoreProperties()
+ .getProtocolBinding());
+
+ // Add parameter optional STORK
+ // Destination is mandatory if the destination is a C-PEPS
+ // The application must to know if the destination is a C-PEPS.
+ if (StringUtils.isNotBlank(request.getDestination())) {
+ authnRequestAux.setDestination(request.getDestination());
+ }
+
+ // Consent is optional. Set from SAMLEngine.xml - consent.
+ authnRequestAux.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnRequest());
+
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+
+ if(request.getIssuer()!=null){
+ issuer.setValue(request.getIssuer());
+ } else {
+ issuer.setValue(super.getSamlCoreProperties().getRequester());
+ }
+
+ // Optional STORK
+ final String formatEntity = super.getSamlCoreProperties()
+ .getFormatEntity();
+ if (StringUtils.isNotBlank(formatEntity)) {
+ issuer.setFormat(formatEntity);
+ }
+
+ authnRequestAux.setIssuer(issuer);
+
+ // Generate stork extensions.
+ final Extensions storkExtensions = this
+ .generateSTORKExtensions(request);
+ // add the extensions to the SAMLAuthnRequest
+ authnRequestAux.setExtensions(storkExtensions);
+
+ // the result contains an authentication request token (byte[]),
+ // identifier of the token, and all parameters from the request.
+ final STORKAuthnRequest authRequest = processExtensions(authnRequestAux
+ .getExtensions());
+
+ try {
+ authRequest.setTokenSaml(super.signAndMarshall(authnRequestAux));
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ authRequest.setSamlId(authnRequestAux.getID());
+ authRequest.setDestination(authnRequestAux.getDestination());
+ authRequest.setAssertionConsumerServiceURL(authnRequestAux
+ .getAssertionConsumerServiceURL());
+
+ authRequest.setProviderName(authnRequestAux.getProviderName());
+ authRequest.setIssuer(authnRequestAux.getIssuer().getValue());
+
+ return authRequest;
+ }
+
+ /**
+ * Generate stork authentication response.
+ *
+ * @param request the request
+ * @param responseAuthReq the response authentication request
+ * @param ipAddress the IP address
+ * @param isHashing the is hashing
+ *
+ * @return the sTORK authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnResponse generateSTORKAuthnResponse(
+ final STORKAuthnRequest request,
+ final STORKAuthnResponse responseAuthReq, final String ipAddress,
+ final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAuthnResponse");
+
+ // Validate parameters
+ validateParamResponse(request, responseAuthReq);
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode");
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(StatusCode.SUCCESS_URI);
+
+ LOG.debug("Generate Status");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ LOG.debug("Generate StatusMessage");
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(StatusCode.SUCCESS_URI);
+
+ status.setStatusMessage(statusMessage);
+
+ LOG.debug("Generate Response");
+
+ // RESPONSE
+ final Response response = genAuthnRespBase(status, request
+ .getAssertionConsumerServiceURL(), request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, request
+ .getAssertionConsumerServiceURL(), request.getSamlId(), request
+ .getIssuer(), notOnOrAfter);
+
+ final AttributeStatement attrStatement = this
+ .generateAttributeStatement(responseAuthReq
+ .getPersonalAttributeList(), isHashing);
+
+ assertion.getAttributeStatements().add(attrStatement);
+
+ // Add assertions
+ response.getAssertions().add(assertion);
+
+ final STORKAuthnResponse authresponse = new STORKAuthnResponse();
+
+ try {
+ authresponse.setTokenSaml(super.signAndMarshall(response));
+ authresponse.setSamlId(response.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return authresponse;
+ }
+
+ /**
+ * Generate stork authentication response.
+ *
+ * @param request the request
+ * @param responseAuthReq the response authentication request
+ * @param ipAddress the IP address
+ * @param isHashing the is hashing
+ *
+ * @return the sTORK authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnResponse generateSTORKAuthnResponseAfterQuery(
+ final STORKAuthnRequest request,
+ final STORKAuthnResponse responseAuthReq, final String ipAddress,
+ final boolean isHashing, List<STORKAttrQueryResponse> res) throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAuthnResponse");
+
+ // Validate parameters
+ validateParamResponse(request, responseAuthReq);
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode");
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(StatusCode.SUCCESS_URI);
+
+ LOG.debug("Generate Status");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ LOG.debug("Generate StatusMessage");
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(StatusCode.SUCCESS_URI);
+
+ status.setStatusMessage(statusMessage);
+
+ LOG.debug("Generate Response");
+
+ // RESPONSE
+ final Response response = genAuthnRespBase(status, request
+ .getAssertionConsumerServiceURL(), request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, request
+ .getAssertionConsumerServiceURL(), request.getSamlId(), request
+ .getIssuer(), notOnOrAfter);
+
+ final AttributeStatement attrStatement = this
+ .generateAttributeStatement(responseAuthReq
+ .getPersonalAttributeList(), isHashing);
+
+ assertion.getAttributeStatements().add(attrStatement);
+
+ // Add assertions
+ response.getAssertions().add(assertion);
+ // Check for response queries
+ if (res != null && res.size() > 0)
+ {
+ //Iterate through them
+ for (int i = 0; i < res.size(); i++)
+ {
+ //If response contains multiple assertions iterate through them as well
+ if (res.get(i).getAssertions().size() > 1)
+ {
+ for (int j = 0; j < res.get(i).getAssertions().size(); j++)
+ {
+ Assertion tempAssertion = res.get(i).getAssertions().get(j);
+ tempAssertion.setParent(response);
+ response.getAssertions().add(tempAssertion);
+ }
+ } else {
+ Assertion tempAssertion = res.get(i).getAssertion();
+ tempAssertion.setParent(response);
+ response.getAssertions().add(tempAssertion);
+ }
+ }
+ }
+
+ final STORKAuthnResponse authresponse = new STORKAuthnResponse();
+
+ try {
+ authresponse.setTokenSaml(super.signAndMarshall(response));
+ authresponse.setSamlId(response.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return authresponse;
+ }
+
+ /**
+ * Generate stork authentication response fail.
+ *
+ * @param request the request
+ * @param response the response
+ * @param ipAddress the IP address
+ * @param isHashing the is hashing
+ *
+ * @return the sTORK authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnResponse generateSTORKAuthnResponseFail(
+ final STORKAuthnRequest request, final STORKAuthnResponse response,
+ final String ipAddress, final boolean isHashing)
+ throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAuthnResponseFail");
+
+ validateParamResponseFail(request, response);
+
+ // Mandatory
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(response.getStatusCode());
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode.");
+ // Subordinate code it's optional in case not covered into next codes:
+ // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy
+ // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied
+ // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported
+
+ if (StringUtils.isNotBlank(response.getSubStatusCode())) {
+ final StatusCode newStatusCode = SAMLEngineUtils
+ .generateStatusCode(response.getSubStatusCode());
+ statusCode.setStatusCode(newStatusCode);
+ }
+
+ LOG.debug("Generate Status.");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ if (StringUtils.isNotBlank(response.getMessage())) {
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(response.getMessage());
+
+ status.setStatusMessage(statusMessage);
+ }
+
+ LOG.debug("Generate Response.");
+ // RESPONSE
+ final Response responseFail = genAuthnRespBase(status, request
+ .getAssertionConsumerServiceURL(), request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, request
+ .getAssertionConsumerServiceURL(), request.getSamlId(), request
+ .getIssuer(), notOnOrAfter);
+
+ responseFail.getAssertions().add(assertion);
+
+ LOG.debug("Sign and Marshall ResponseFail.");
+
+ final STORKAuthnResponse storkResponse = new STORKAuthnResponse();
+
+ try {
+ storkResponse.setTokenSaml(super.signAndMarshall(responseFail));
+ storkResponse.setSamlId(responseFail.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("SAMLEngineException.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return storkResponse;
+ }
+
+ /**
+ * Generate stork attribute query request.
+ *
+ * @param request the request that contain all parameters for generate an
+ * attribute query request.
+ *
+ * @return the STORK attribute query request that has been processed.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryRequest generateSTORKAttrQueryRequest(
+ final STORKAttrQueryRequest request) throws STORKSAMLEngineException {
+ LOG.info("Generate STORKAttrQueryRequest.");
+
+ // Validate Parameters mandatories
+ validateParamAttrQueryReq(request);
+
+ //final AttributeQuery attrQueryRequestAux = SAMLEngineUtils
+ final CustomAttributeQuery attrQueryRequestAux = SAMLEngineUtils
+ .generateSAMLAttrQueryRequest(SAMLEngineUtils.generateNCName(),
+ SAMLVersion.VERSION_20, SAMLEngineUtils
+ .getCurrentTime());
+
+ // Set name spaces.
+ setNameSpaces(attrQueryRequestAux);
+
+
+ // Add parameter optional STORK
+ // Destination is mandatory if the destination is a C-PEPS
+ // The application must to know if the destination is a C-PEPS.
+ if (StringUtils.isNotBlank(request.getDestination())) {
+ attrQueryRequestAux.setDestination(request.getDestination());
+ }
+
+ // Add parameter optional STORK
+ // Consumer URL is needed if using HTTP-Post
+ if (StringUtils.isNotBlank(request.getAssertionConsumerServiceURL())) {
+ attrQueryRequestAux.setAssertionConsumerServiceURL(request.getAssertionConsumerServiceURL());
+ }
+
+ // Consent is optional. Set from SAMLEngine.xml - consent.
+ attrQueryRequestAux.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnRequest());
+
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+
+ //Set the subject - needed for attribute query validation
+ Subject subject = SAMLEngineUtils.generateSubject();
+ SubjectConfirmationBuilder builder = new SubjectConfirmationBuilder();
+ SubjectConfirmation subjectConfirmation = builder.buildObject();
+ subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
+ subject.getSubjectConfirmations().add(subjectConfirmation);
+ attrQueryRequestAux.setSubject(subject);
+
+ if(request.getIssuer()!=null){
+ issuer.setValue(request.getIssuer());
+ } else {
+ issuer.setValue(super.getSamlCoreProperties().getRequester());
+ }
+
+ // Optional STORK
+ final String formatEntity = super.getSamlCoreProperties()
+ .getFormatEntity();
+ if (StringUtils.isNotBlank(formatEntity)) {
+ issuer.setFormat(formatEntity);
+ }
+
+ attrQueryRequestAux.setIssuer(issuer);
+
+ // Generate stork extensions.
+ final Extensions storkExtensions = this
+ .generateSTORKAttrExtensions(request);
+ // add the extensions to the SAMLAuthnRequest
+ attrQueryRequestAux.setExtensions(storkExtensions);
+
+ // the result contains an authentication request token (byte[]),
+ // identifier of the token, and all parameters from the request.
+ final STORKAttrQueryRequest attrQueryRequest = processAttrExtensions(attrQueryRequestAux
+ .getExtensions());
+
+ try {
+ attrQueryRequest.setTokenSaml(super.signAndMarshall(attrQueryRequestAux));
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ attrQueryRequest.setSamlId(attrQueryRequestAux.getID());
+ attrQueryRequest.setDestination(attrQueryRequestAux.getDestination());
+ attrQueryRequest.setAssertionConsumerServiceURL(attrQueryRequestAux.getAssertionConsumerServiceURL());
+ attrQueryRequest.setIssuer(attrQueryRequestAux.getIssuer().getValue());
+
+ return attrQueryRequest;
+ }
+
+ /**
+ * Generate stork attribute query response.
+ *
+ * @param request the request
+ * @param responseAttrQueryRes the response authentication request
+ * @param ipAddress the IP address
+ * @param isHashing the hashing of values
+ *
+ * @return the sTORK authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryResponse generateSTORKAttrQueryResponse(
+ final STORKAttrQueryRequest request,
+ final STORKAttrQueryResponse responseAttrQueryRes, final String ipAddress,
+ final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAttrQueryResponse");
+
+ // Validate parameters
+ validateParamAttrQueryResponse(request, responseAttrQueryRes);
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode");
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(StatusCode.SUCCESS_URI);
+
+ LOG.debug("Generate Status");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ LOG.debug("Generate StatusMessage");
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(StatusCode.SUCCESS_URI);
+
+ status.setStatusMessage(statusMessage);
+
+ LOG.debug("Generate Response");
+
+ // RESPONSE
+ final Response response = genAuthnRespBase(status, destinationUrl,
+ request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, ""
+ ,request.getSamlId(), request.getIssuer(), notOnOrAfter);
+
+ final AttributeStatement attrStatement = this
+ .generateAttributeStatement(responseAttrQueryRes
+ .getPersonalAttributeList(), isHashing);
+
+ assertion.getAttributeStatements().add(attrStatement);
+
+ // Add assertions
+ response.getAssertions().add(assertion);
+
+ final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse();
+
+ try {
+ attrQueryResponse.setTokenSaml(super.signAndMarshall(response));
+ attrQueryResponse.setSamlId(response.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return attrQueryResponse;
+ }
+
+ /**
+ * Generate stork attribute query response from multiple assertions
+ *
+ * @param request the request
+ * @param responseAttrQueryRes the response to the query request
+ * @param responses the responses to include in the response (aggregation)
+ * @param ipAddress the IP address
+ * @param isHashing the hashing of values
+ *
+ * @return the sTORK attribute query response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryResponse generateSTORKAttrQueryResponseWithAssertions(
+ final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryRes,
+ final List<STORKAttrQueryResponse> responses, final String ipAddress,
+ final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAttrQueryResponse");
+
+ // Validate parameters
+ validateParamAttrQueryResponse(request, responseAttrQueryRes);
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode");
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(StatusCode.SUCCESS_URI);
+
+ LOG.debug("Generate Status");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ LOG.debug("Generate StatusMessage");
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(StatusCode.SUCCESS_URI);
+
+ status.setStatusMessage(statusMessage);
+
+ LOG.debug("Generate Response");
+
+ // RESPONSE
+ final Response response = genAuthnRespBase(status, destinationUrl,
+ request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, ""
+ ,request.getSamlId(), request.getIssuer(), notOnOrAfter);
+
+ final AttributeStatement attrStatement = this
+ .generateAttributeStatement(responseAttrQueryRes
+ .getPersonalAttributeList(), isHashing);
+
+ assertion.getAttributeStatements().add(attrStatement);
+
+ // Add the assertions from the former Query responses
+ response.getAssertions().add(assertion);
+ if (responses != null && responses.size() > 0)
+ {
+ for (int i = 0; i < responses.size(); i++)
+ {
+ Assertion tempAssertion = responses.get(i).getAssertion();
+ tempAssertion.setParent(response);
+ response.getAssertions().add(tempAssertion);
+ }
+ }
+
+ final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse();
+
+ try {
+ attrQueryResponse.setTokenSaml(super.signAndMarshall(response));
+ attrQueryResponse.setSamlId(response.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return attrQueryResponse;
+ }
+
+ /**
+ * Generate stork attribute query response fail.
+ *
+ * @param request the request
+ * @param response the response
+ * @param ipAddress the IP address
+ * @param isHashing the is hashing
+ *
+ * @return the STORK attribute query response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryResponse generateSTORKAttrQueryResponseFail(
+ final STORKAttrQueryRequest request, final STORKAttrQueryResponse response,
+ final String ipAddress, final String destinationUrl, final boolean isHashing)
+ throws STORKSAMLEngineException {
+ LOG.info("generateSTORKAttrQueryResponseFail");
+
+ validateParamAttrQueryResponseFail(request, response);
+
+ // Mandatory
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(response.getStatusCode());
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode.");
+ // Subordinate code it's optional in case not covered into next codes:
+ // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy
+ // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied
+ // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported
+
+ if (StringUtils.isNotBlank(response.getSubStatusCode())) {
+ final StatusCode newStatusCode = SAMLEngineUtils
+ .generateStatusCode(response.getSubStatusCode());
+ statusCode.setStatusCode(newStatusCode);
+ }
+
+ LOG.debug("Generate Status.");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ if (StringUtils.isNotBlank(response.getMessage())) {
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(response.getMessage());
+
+ status.setStatusMessage(statusMessage);
+ }
+
+ LOG.debug("Generate Response.");
+ // RESPONSE
+ final Response responseFail = genAuthnRespBase(status, destinationUrl,
+ request.getSamlId());
+
+ DateTime notOnOrAfter = new DateTime();
+
+ notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties()
+ .getTimeNotOnOrAfter());
+
+ final Assertion assertion = this.generateAssertion(ipAddress, "",
+ request.getSamlId(), request
+ .getIssuer(), notOnOrAfter);
+
+ responseFail.getAssertions().add(assertion);
+
+ LOG.debug("Sign and Marshall ResponseFail.");
+
+ final STORKAttrQueryResponse storkResponse = new STORKAttrQueryResponse();
+
+ try {
+ storkResponse.setTokenSaml(super.signAndMarshall(responseFail));
+ storkResponse.setSamlId(responseFail.getID());
+ } catch (SAMLEngineException e) {
+ LOG.error("SAMLEngineException.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ return storkResponse;
+ }
+
+ /**
+ * Generate stork logout request.
+ *
+ * @param request the request that contain all parameters for generate an
+ * logout request.
+ *
+ * @return the STORK logout request that has been processed.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKLogoutRequest generateSTORKLogoutRequest(
+ final STORKLogoutRequest request) throws STORKSAMLEngineException {
+ LOG.info("Generate STORKLogoutRequest.");
+
+ // Validate Parameters mandatories
+ validateParamLogoutReq(request);
+
+ final LogoutRequest logoutRequestAux = SAMLEngineUtils
+ .generateSAMLLogoutRequest(SAMLEngineUtils.generateNCName(),
+ SAMLVersion.VERSION_20, SAMLEngineUtils
+ .getCurrentTime());
+
+ // Set name spaces.
+ setNameSpaces(logoutRequestAux);
+
+
+ // Add parameter optional STORK
+ // Destination is mandatory if the destination is a C-PEPS
+ // The application must to know if the destination is a C-PEPS.
+ if (StringUtils.isNotBlank(request.getDestination())) {
+ logoutRequestAux.setDestination(request.getDestination());
+ }
+
+ // Consent is optional. Set from SAMLEngine.xml - consent.
+ logoutRequestAux.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnRequest());
+
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+
+
+ if(request.getIssuer()!=null){
+ issuer.setValue(request.getIssuer());
+ } else {
+ issuer.setValue(super.getSamlCoreProperties().getRequester());
+ }
+
+ // Optional STORK
+ final String formatEntity = super.getSamlCoreProperties()
+ .getFormatEntity();
+ if (StringUtils.isNotBlank(formatEntity)) {
+ issuer.setFormat(formatEntity);
+ }
+
+ logoutRequestAux.setIssuer(issuer);
+
+ // Set the name ID
+ final NameID newNameID = SAMLEngineUtils.generateNameID();
+ newNameID.setValue(request.getSpProvidedId());
+ logoutRequestAux.setNameID(newNameID);
+
+
+ // the result contains an authentication request token (byte[]),
+ // identifier of the token, and all parameters from the request.
+ final STORKLogoutRequest logoutRequest = new STORKLogoutRequest();
+
+ try {
+ logoutRequest.setTokenSaml(super.signAndMarshall(logoutRequestAux));
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ logoutRequest.setSamlId(logoutRequestAux.getID());
+ logoutRequest.setDestination(logoutRequestAux.getDestination());
+ logoutRequest.setIssuer(logoutRequestAux.getIssuer().getValue());
+ logoutRequest.setSpProvidedId(logoutRequestAux.getNameID().getValue());
+
+ return logoutRequest;
+ }
+
+
+ /**
+ * Generate stork logout response.
+ * @param request the request thats being responded to
+ * @param response the tesponse that contain all parameters for generate an
+ * logout request.
+ *
+ * @return the STORK logout response that has been processed.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKLogoutResponse generateSTORKLogoutResponse(
+ final STORKLogoutRequest request,
+ final STORKLogoutResponse response) throws STORKSAMLEngineException {
+ LOG.info("Generate STORKLogoutResponse.");
+
+ // Validate Parameters mandatories
+ validateParamLogoutRes(request, response);
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode");
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(StatusCode.SUCCESS_URI);
+
+ LOG.debug("Generate Status");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ LOG.debug("Generate StatusMessage");
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(StatusCode.SUCCESS_URI);
+
+ status.setStatusMessage(statusMessage);
+
+ final LogoutResponse logoutResponseAux= SAMLEngineUtils
+ .generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(),
+ SAMLVersion.VERSION_20, SAMLEngineUtils
+ .getCurrentTime(), status, request.getSamlId());
+
+ // Set name spaces.
+ setNameSpaces(logoutResponseAux);
+
+
+ // Add parameter optional STORK
+ // Destination is mandatory if the destination is a C-PEPS
+ // The application must to know if the destination is a C-PEPS.
+ if (StringUtils.isNotBlank(response.getDestination())) {
+ logoutResponseAux.setDestination(response.getDestination());
+ }
+
+ // Consent is optional. Set from SAMLEngine.xml - consent.
+ logoutResponseAux.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnRequest());
+
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+
+
+ if(response.getIssuer()!=null){
+ issuer.setValue(response.getIssuer());
+ } else {
+ issuer.setValue(super.getSamlCoreProperties().getRequester());
+ }
+
+ // Optional STORK
+ final String formatEntity = super.getSamlCoreProperties()
+ .getFormatEntity();
+ if (StringUtils.isNotBlank(formatEntity)) {
+ issuer.setFormat(formatEntity);
+ }
+
+ logoutResponseAux.setIssuer(issuer);
+
+
+ // the result contains an authentication request token (byte[]),
+ // identifier of the token, and all parameters from the request.
+ final STORKLogoutResponse logoutResponse = new STORKLogoutResponse();
+
+ try {
+ logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux));
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ logoutResponse.setSamlId(logoutResponseAux.getID());
+ logoutResponse.setDestination(logoutResponseAux.getDestination());
+ logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue());
+ logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString());
+ logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString());
+
+ return logoutResponse;
+ }
+
+ /**
+ * Generate failed stork logout response.
+ *
+ * @param response the response that contain all parameters for generate an
+ * logout request.
+ *
+ * @return the STORK logout response that has been processed.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKLogoutResponse generateSTORKLogoutResponseFail(
+ final STORKLogoutRequest request,
+ final STORKLogoutResponse response ) throws STORKSAMLEngineException {
+ LOG.info("Generate STORKLogoutResponse.");
+
+ // Validate Parameters mandatories
+ validateParamLogoutResFail(request, response);
+
+ // Mandatory
+ final StatusCode statusCode = SAMLEngineUtils
+ .generateStatusCode(response.getStatusCode());
+
+ // Mandatory SAML
+ LOG.debug("Generate StatusCode.");
+ // Subordinate code it's optional in case not covered into next codes:
+ // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue
+ // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy
+ // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied
+ // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported
+
+ if (StringUtils.isNotBlank(response.getSubStatusCode())) {
+ final StatusCode newStatusCode = SAMLEngineUtils
+ .generateStatusCode(response.getSubStatusCode());
+ statusCode.setStatusCode(newStatusCode);
+ }
+
+ LOG.debug("Generate Status.");
+ final Status status = SAMLEngineUtils.generateStatus(statusCode);
+
+ if (StringUtils.isNotBlank(response.getStatusMessage())) {
+ final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils
+ .generateStatusMessage(response.getStatusMessage());
+
+ status.setStatusMessage(statusMessage);
+ }
+
+ final LogoutResponse logoutResponseAux= SAMLEngineUtils
+ .generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(),
+ SAMLVersion.VERSION_20, SAMLEngineUtils
+ .getCurrentTime(), status, request.getSamlId());
+
+ // Set name spaces.
+ setNameSpaces(logoutResponseAux);
+
+
+ // Add parameter optional STORK
+ // Destination is mandatory if the destination is a C-PEPS
+ // The application must to know if the destination is a C-PEPS.
+ if (StringUtils.isNotBlank(response.getDestination())) {
+ logoutResponseAux.setDestination(response.getDestination());
+ }
+
+ // Consent is optional. Set from SAMLEngine.xml - consent.
+ logoutResponseAux.setConsent(super.getSamlCoreProperties()
+ .getConsentAuthnRequest());
+
+ final Issuer issuer = SAMLEngineUtils.generateIssuer();
+
+
+ if(response.getIssuer()!=null){
+ issuer.setValue(response.getIssuer());
+ } else {
+ issuer.setValue(super.getSamlCoreProperties().getRequester());
+ }
+
+ // Optional STORK
+ final String formatEntity = super.getSamlCoreProperties()
+ .getFormatEntity();
+ if (StringUtils.isNotBlank(formatEntity)) {
+ issuer.setFormat(formatEntity);
+ }
+
+ logoutResponseAux.setIssuer(issuer);
+
+
+ // the result contains an authentication request token (byte[]),
+ // identifier of the token, and all parameters from the request.
+ final STORKLogoutResponse logoutResponse = new STORKLogoutResponse();
+
+ try {
+ logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux));
+ } catch (SAMLEngineException e) {
+ LOG.error("Sign and Marshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ logoutResponse.setSamlId(logoutResponseAux.getID());
+ logoutResponse.setDestination(logoutResponseAux.getDestination());
+ logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue());
+ logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString());
+ logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString());
+
+ return logoutResponse;
+ }
+
+ /**
+ * Generate stork authentication statement for the authentication statement.
+ *
+ * @param ipAddress the IP address
+ *
+ * @return the authentication statement
+ */
+ private AuthnStatement generateStorkAuthStatement(final String ipAddress) {
+ LOG.debug("Generate stork authenticate statement.");
+ final SubjectLocality subjectLocality = SAMLEngineUtils
+ .generateSubjectLocality(ipAddress);
+
+ final AuthnContext authnContext = (AuthnContext) SAMLEngineUtils
+ .createSamlObject(AuthnContext.DEFAULT_ELEMENT_NAME);
+
+ final AuthnContextDecl authnContextDecl = (AuthnContextDecl) SAMLEngineUtils
+ .createSamlObject(AuthnContextDecl.DEFAULT_ELEMENT_NAME);
+
+ authnContext.setAuthnContextDecl(authnContextDecl);
+
+ final AuthnStatement authnStatement = SAMLEngineUtils
+ .generateAthnStatement(new DateTime(), authnContext);
+
+ // Optional STORK
+ authnStatement.setSessionIndex(null);
+ authnStatement.setSubjectLocality(subjectLocality);
+
+ return authnStatement;
+ }
+
+ /**
+ * Generate stork extensions.
+ *
+ * @param request the request
+ *
+ * @return the extensions
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Extensions generateSTORKExtensions(final STORKAuthnRequest request)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate STORKExtensions");
+
+ final Extensions extensions = SAMLEngineUtils.generateExtension();
+
+ LOG.debug("Generate QAAAttribute");
+ final QAAAttribute qaaAttribute = SAMLEngineUtils
+ .generateQAAAttribute(request.getQaa());
+ extensions.getUnknownXMLObjects().add(qaaAttribute);
+
+
+ if (StringUtils.isNotEmpty(request
+ .getSpSector())) {
+ // Add information about service provider.
+ LOG.debug("Generate SPSector");
+ final SPSector sector = SAMLEngineUtils.generateSPSector(request
+ .getSpSector());
+ extensions.getUnknownXMLObjects().add(sector);
+ }
+
+ //Delete from specification. Kept for compatibility with Provider Name value
+ LOG.debug("Generate SPInstitution");
+ final SPInstitution institution = SAMLEngineUtils
+ .generateSPInstitution(request.getProviderName());
+ extensions.getUnknownXMLObjects().add(institution);
+
+
+ if (StringUtils.isNotEmpty(request.getSpApplication())) {
+ LOG.debug("Generate SPApplication");
+ final SPApplication application = SAMLEngineUtils
+ .generateSPApplication(request.getSpApplication());
+ extensions.getUnknownXMLObjects().add(application);
+ }
+
+ if (StringUtils.isNotEmpty(request.getSpCountry())) {
+ LOG.debug("Generate SPCountry");
+ final SPCountry country = SAMLEngineUtils.generateSPCountry(request
+ .getSpCountry());
+ extensions.getUnknownXMLObjects().add(country);
+ }
+
+ //eIDSectorShare: optional; default value: false.
+ String valueSectorShare = super.getSamlCoreProperties()
+ .iseIDSectorShare();
+
+ if (StringUtils.isNotEmpty(valueSectorShare)) {
+ // Add information about the use of the SAML message.
+ LOG.debug("Generate EIDSectorShare");
+ final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils
+ .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME);
+
+ eIdSectorShare.setEIDSectorShare(String.valueOf(Boolean.valueOf(valueSectorShare)));
+
+ extensions.getUnknownXMLObjects().add(eIdSectorShare);
+ }
+
+ String valueCrossSectorShare = super.getSamlCoreProperties()
+ .iseIDCrossSectorShare();
+
+ if (StringUtils.isNotEmpty(valueCrossSectorShare)) {
+ LOG.debug("Generate EIDCrossSectorShare");
+ final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils
+ .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME);
+ eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(Boolean.valueOf(valueCrossSectorShare)));
+ extensions.getUnknownXMLObjects().add(eIdCrossSecShare);
+ }
+
+
+ String valueCrossBorderShare = super.getSamlCoreProperties()
+ .iseIDCrossBorderShare();
+
+ if (StringUtils.isNotEmpty(valueCrossBorderShare)) {
+ LOG.debug("Generate EIDCrossBorderShare");
+ final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils
+ .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME);
+ eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(Boolean.valueOf(valueCrossBorderShare)));
+ extensions.getUnknownXMLObjects().add(eIdCrossBordShare);
+ }
+
+
+ // Add information about requested attributes.
+ LOG.debug("Generate RequestedAttributes.");
+ final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils
+ .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME);
+
+ LOG.debug("SAML Engine configuration properties load.");
+ final Iterator<PersonalAttribute> iterator = request
+ .getPersonalAttributeList().iterator();
+
+ while (iterator.hasNext()) {
+
+ final PersonalAttribute attribute = iterator.next();
+
+ if (attribute == null || StringUtils.isBlank(attribute.getName())) {
+ LOG.error(ATTRIBUTE_EMPTY_LITERAL);
+ throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL);
+ }
+
+ // Verified if exits the attribute name.
+ final String attributeName = super.getSamlCoreProperties()
+ .getProperty(attribute.getName());
+
+ if (StringUtils.isBlank(attributeName)) {
+ LOG.debug("Attribute name: {} was not found.", attribute
+ .getName());
+ throw new STORKSAMLEngineException("Attribute name: "
+ + attribute.getName() + " was not found.");
+ }
+
+ // Friendly name it's an optional attribute.
+ String friendlyName = null;
+
+ if (super.getSamlCoreProperties().isFriendlyName()) {
+ friendlyName = attribute.getName();
+ }
+
+
+ String isRequired = null;
+ if (super.getSamlCoreProperties().isRequired()) {
+ isRequired = String.valueOf(attribute.isRequired());
+ }
+
+
+ LOG.debug("Generate requested attribute: " + attributeName);
+ final RequestedAttribute requestedAttr = SAMLEngineUtils
+ .generateReqAuthnAttributeSimple(attributeName,
+ friendlyName, isRequired, attribute
+ .getValue());
+
+ // Add requested attribute.
+ reqAttributes.getAttributes().add(requestedAttr);
+ }
+
+ // Add requested attributes.
+ extensions.getUnknownXMLObjects().add(reqAttributes);
+
+ CitizenCountryCode citizenCountryCode = null;
+ if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){
+ LOG.debug("Generate CitizenCountryCode");
+ citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils
+ .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME);
+
+ citizenCountryCode.setCitizenCountryCode(request
+ .getCitizenCountryCode().toUpperCase());
+ }
+
+ SPID spid = null;
+ if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) {
+ LOG.debug("Generate SPID");
+ spid = (SPID) SAMLEngineUtils
+ .createSamlObject(SPID.DEF_ELEMENT_NAME);
+
+ spid.setSPID(request.getSPID().toUpperCase());
+ }
+
+ AuthenticationAttributes authenticationAttr = (AuthenticationAttributes) SAMLEngineUtils
+ .createSamlObject(AuthenticationAttributes.DEF_ELEMENT_NAME);
+
+ final VIDPAuthenticationAttributes vIDPauthenticationAttr = (VIDPAuthenticationAttributes) SAMLEngineUtils
+ .createSamlObject(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME);
+
+ final SPInformation spInformation = (SPInformation) SAMLEngineUtils
+ .createSamlObject(SPInformation.DEF_ELEMENT_NAME);
+
+ if(citizenCountryCode!=null){
+ vIDPauthenticationAttr.setCitizenCountryCode(citizenCountryCode);
+ }
+
+ if(spid!=null){
+ spInformation.setSPID(spid);
+ }
+
+ vIDPauthenticationAttr.setSPInformation(spInformation);
+
+ authenticationAttr
+ .setVIDPAuthenticationAttributes(vIDPauthenticationAttr);
+ extensions.getUnknownXMLObjects().add(authenticationAttr);
+
+
+ return extensions;
+
+ }
+
+ /**
+ * Generate stork extensions.
+ *
+ * @param request the attribute query request
+ *
+ * @return the extensions
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Extensions generateSTORKAttrExtensions(final STORKAttrQueryRequest request)
+ throws STORKSAMLEngineException {
+ LOG.debug("Generate STORKExtensions");
+
+ final Extensions extensions = SAMLEngineUtils.generateExtension();
+
+ LOG.debug("Generate QAAAttribute");
+ final QAAAttribute qaaAttribute = SAMLEngineUtils
+ .generateQAAAttribute(request.getQaa());
+ extensions.getUnknownXMLObjects().add(qaaAttribute);
+
+
+ if (StringUtils.isNotEmpty(request
+ .getSpSector())) {
+ // Add information about service provider.
+ LOG.debug("Generate SPSector");
+ final SPSector sector = SAMLEngineUtils.generateSPSector(request
+ .getSpSector());
+ extensions.getUnknownXMLObjects().add(sector);
+ }
+
+
+ if (StringUtils.isNotEmpty(request.getSpApplication())) {
+ LOG.debug("Generate SPApplication");
+ final SPApplication application = SAMLEngineUtils
+ .generateSPApplication(request.getSpApplication());
+ extensions.getUnknownXMLObjects().add(application);
+ }
+
+ if (StringUtils.isNotEmpty(request.getSpCountry())) {
+ LOG.debug("Generate SPCountry");
+ final SPCountry country = SAMLEngineUtils.generateSPCountry(request
+ .getSpCountry());
+ extensions.getUnknownXMLObjects().add(country);
+ }
+
+ final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils
+ .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME);
+
+ eIdSectorShare.setEIDSectorShare(String.valueOf(request.isEIDSectorShare()));
+
+ extensions.getUnknownXMLObjects().add(eIdSectorShare);
+
+ final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils
+ .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME);
+ eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(request.isEIDCrossSectorShare()));
+ extensions.getUnknownXMLObjects().add(eIdCrossSecShare);
+
+ final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils
+ .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME);
+ eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(request.isEIDCrossBorderShare()));
+ extensions.getUnknownXMLObjects().add(eIdCrossBordShare);
+
+
+ // Add information about requested attributes.
+ LOG.debug("Generate RequestedAttributes.");
+ final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils
+ .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME);
+
+ LOG.debug("SAML Engine configuration properties load.");
+ final Iterator<PersonalAttribute> iterator = request
+ .getPersonalAttributeList().iterator();
+
+ while (iterator.hasNext()) {
+
+ final PersonalAttribute attribute = iterator.next();
+
+ if (attribute == null || StringUtils.isBlank(attribute.getName())) {
+ LOG.error(ATTRIBUTE_EMPTY_LITERAL);
+ throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL);
+ }
+
+ // Verified if exits the attribute name.
+ final String attributeName = super.getSamlCoreProperties()
+ .getProperty(attribute.getName());
+
+ if (StringUtils.isBlank(attributeName)) {
+ LOG.debug("Attribute name: {} was not found.", attribute
+ .getName());
+ throw new STORKSAMLEngineException("Attribute name: "
+ + attribute.getName() + " was not found.");
+ }
+
+ // Friendly name it's an optional attribute.
+ String friendlyName = null;
+
+ if (super.getSamlCoreProperties().isFriendlyName()) {
+ friendlyName = attribute.getName();
+ }
+
+
+ String isRequired = null;
+ if (super.getSamlCoreProperties().isRequired()) {
+ isRequired = String.valueOf(attribute.isRequired());
+ }
+
+
+ LOG.debug("Generate requested attribute: " + attributeName);
+ final RequestedAttribute requestedAttr = SAMLEngineUtils
+ .generateReqAuthnAttributeSimple(attributeName,
+ friendlyName, isRequired, attribute
+ .getValue());
+
+ // Add requested attribute.
+ reqAttributes.getAttributes().add(requestedAttr);
+ }
+
+ // Add requested attributes.
+ extensions.getUnknownXMLObjects().add(reqAttributes);
+
+ CitizenCountryCode citizenCountryCode = null;
+ if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){
+ LOG.debug("Generate CitizenCountryCode");
+ citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils
+ .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME);
+
+ citizenCountryCode.setCitizenCountryCode(request
+ .getCitizenCountryCode().toUpperCase());
+ }
+
+ SPID spid = null;
+ if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) {
+ LOG.debug("Generate SPID");
+ spid = (SPID) SAMLEngineUtils
+ .createSamlObject(SPID.DEF_ELEMENT_NAME);
+
+ spid.setSPID(request.getSPID().toUpperCase());
+ }
+
+
+ return extensions;
+
+ }
+
+ /**
+ * Gets the alias from X.509 Certificate at keystore.
+ *
+ * @param keyInfo the key info
+ * @param storkOwnKeyStore
+ * @param storkOwnKeyStore
+ *
+ * @return the alias
+ */
+ private String getAlias(final KeyInfo keyInfo, KeyStore storkOwnKeyStore) {
+
+ LOG.debug("Recover alias information");
+
+ String alias = null;
+ try {
+ final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo
+ .getX509Datas().get(0).getX509Certificates().get(0);
+
+ // Transform the KeyInfo to X509Certificate.
+ CertificateFactory certFact;
+ certFact = CertificateFactory.getInstance("X.509");
+
+ final ByteArrayInputStream bis = new ByteArrayInputStream(Base64
+ .decode(xmlCert.getValue()));
+
+ final X509Certificate cert = (X509Certificate) certFact
+ .generateCertificate(bis);
+
+ final String tokenSerialNumber = cert.getSerialNumber().toString(16);
+ final X509Principal tokenIssuerDN = new X509Principal(cert.getIssuerDN().getName());
+
+
+ String aliasCert;
+ X509Certificate certificate;
+ boolean find = false;
+
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e
+ .hasMoreElements()
+ && !find; ) {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) storkOwnKeyStore
+ .getCertificate(aliasCert);
+
+ final String serialNum = certificate.getSerialNumber()
+ .toString(16);
+
+ X509Principal issuerDN = new X509Principal(certificate
+ .getIssuerDN().getName());
+
+ if(serialNum.equalsIgnoreCase(tokenSerialNumber)
+ && X509PrincipalUtil.equals2(issuerDN, tokenIssuerDN)){
+ alias = aliasCert;
+ find = true;
+ }
+
+ }
+
+ } catch (KeyStoreException e) {
+ LOG.error("Procces getAlias from certificate associated into the signing keystore..", e);
+ } catch (CertificateException e) {
+ LOG.error("Procces getAlias from certificate associated into the signing keystore..", e);
+ } catch (RuntimeException e) {
+ LOG.error("Procces getAlias from certificate associated into the signing keystore..", e);
+ }
+ return alias;
+ }
+
+ /**
+ * Gets the country from X.509 Certificate.
+ *
+ * @param keyInfo the key info
+ *
+ * @return the country
+ */
+ private String getCountry(final KeyInfo keyInfo) {
+ LOG.debug("Recover country information.");
+
+ String result = "";
+ try {
+ final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo
+ .getX509Datas().get(0).getX509Certificates().get(0);
+
+ // Transform the KeyInfo to X509Certificate.
+ CertificateFactory certFact;
+ certFact = CertificateFactory.getInstance("X.509");
+
+ final ByteArrayInputStream bis = new ByteArrayInputStream(Base64
+ .decode(xmlCert.getValue()));
+
+ final X509Certificate cert = (X509Certificate) certFact
+ .generateCertificate(bis);
+
+ String distName = cert.getSubjectDN().toString();
+
+ distName = StringUtils.deleteWhitespace(StringUtils
+ .upperCase(distName));
+
+ final String countryCode = "C=";
+ final int init = distName.indexOf(countryCode);
+
+ if (init > StringUtils.INDEX_NOT_FOUND) { // Exist country code.
+ int end = distName.indexOf(',', init);
+
+ if (end <= StringUtils.INDEX_NOT_FOUND) {
+ end = distName.length();
+ }
+
+ if (init < end && end > StringUtils.INDEX_NOT_FOUND) {
+ result = distName.substring(init + countryCode.length(),
+ end);
+ //It must be a two characters value
+ if(result.length()>2){
+ result = result.substring(0, 2);
+ }
+ }
+ }
+
+ } catch (CertificateException e) {
+ LOG.error("Procces getCountry from certificate.");
+ }
+ return result.trim();
+ }
+
+ /**
+ * Process all elements XMLObjects from the extensions.
+ *
+ * @param extensions the extensions from the authentication request.
+ *
+ * @return the STORK authentication request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private STORKAuthnRequest processExtensions(final Extensions extensions)
+ throws STORKSAMLEngineException {
+ LOG.debug("Procces the extensions.");
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ final QAAAttribute qaa = (QAAAttribute) extensions
+ .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0);
+ request.setQaa(Integer.parseInt(qaa.getQaaLevel()));
+
+ List optionalElements = extensions.getUnknownXMLObjects(
+ SPSector.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPSector sector = (SPSector) extensions.getUnknownXMLObjects(
+ SPSector.DEF_ELEMENT_NAME).get(0);
+ request.setSpSector(sector.getSPSector());
+ }
+
+ optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPApplication application = (SPApplication) extensions
+ .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0);
+ request.setSpApplication(application.getSPApplication());
+ }
+
+ optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPCountry application = (SPCountry) extensions
+ .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0);
+ request.setSpCountry(application.getSPCountry());
+ }
+
+
+ List listCrossBorderShare = extensions
+ .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME);
+
+ if (!listCrossBorderShare .isEmpty()) {
+ final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0);
+ request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare
+ .getEIDCrossBorderShare()));
+ }
+
+
+ List listCrosSectorShare = extensions
+ .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME);
+
+ if (!listCrosSectorShare.isEmpty()) {
+ final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0);
+ request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare
+ .getEIDCrossSectorShare()));
+ }
+
+ List listSectorShareExtension = extensions
+ .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME);
+ if (!listSectorShareExtension.isEmpty()) {
+ final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0);
+ request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare()));
+ }
+
+
+
+ List<XMLObject> authAttrs = extensions
+ .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME);
+
+ if (authAttrs != null && !authAttrs.isEmpty()) {
+
+ final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs
+ .get(0);
+
+ VIDPAuthenticationAttributes vidpAuthnAttr = null;
+ if (authnAttr != null && !authAttrs.isEmpty()){
+ vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes();
+ }
+
+ CitizenCountryCode citizenCountryCodeElement = null;
+ SPInformation spInformation = null;
+ if (vidpAuthnAttr != null){
+ citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode();
+ spInformation = vidpAuthnAttr.getSPInformation();
+ }
+
+ String citizenCountryCode = null;
+ if(citizenCountryCodeElement!=null){
+ citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode();
+ }
+
+ if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){
+ request.setCitizenCountryCode(citizenCountryCode);
+ }
+
+ SPID spidElement = null;
+ if (spInformation != null){
+ spidElement = spInformation.getSPID();
+ }
+
+ String spid = null;
+ if(spidElement!=null){
+ spid = spidElement.getSPID();
+ }
+
+ if (spid != null && StringUtils.isNotBlank(spid)) {
+ request.setSPID(spid);
+ }
+ }
+
+ if (extensions
+ .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) {
+ LOG.error("Extensions not contains any requested attribute.");
+ throw new STORKSAMLEngineException(
+ "Extensions not contains any requested attribute.");
+ }
+
+ final RequestedAttributes requestedAttr = (RequestedAttributes) extensions
+ .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME)
+ .get(0);
+
+ final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes();
+
+ final IPersonalAttributeList personalAttrList = new PersonalAttributeList();
+
+ String attributeName;
+ for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) {
+ final RequestedAttribute attribute = reqAttrs.get(nextAttribute);
+ final PersonalAttribute personalAttribute = new PersonalAttribute();
+ personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired()));
+ personalAttribute.setFriendlyName(attribute.getFriendlyName());
+ attributeName = attribute.getName();
+
+ // recover the last name from the string.
+ personalAttribute.setName(attributeName.substring(attributeName
+ .lastIndexOf('/') + 1));
+
+ final ArrayList<String> valores = new ArrayList<String>();
+ final List<XMLObject> values = attribute.getOrderedChildren();
+
+ for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) {
+
+ // Process attributes simples. An AuthenticationRequest only
+ // must contains simple values.
+
+ final XMLObject xmlObject = values.get(nextSimpleValue);
+
+ if(xmlObject instanceof XSStringImpl){
+
+ final XSStringImpl xmlString = (XSStringImpl) values
+ .get(nextSimpleValue);
+ valores.add(xmlString.getValue());
+
+ }else{
+
+ if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) {
+
+ final XSAnyImpl xmlString = (XSAnyImpl) values
+ .get(nextSimpleValue);
+
+ TransformerFactory transFactory = TransformerFactory.newInstance();
+ Transformer transformer = null;
+ try {
+ transformer = transFactory.newTransformer();
+ transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+ } catch (TransformerConfigurationException e) {
+ LOG.error("Error transformer configuration exception", e);
+ }
+ StringWriter buffer = new StringWriter();
+ try {
+ if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){
+ transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()),
+ new StreamResult(buffer));
+ }
+ } catch (TransformerException e) {
+ LOG.error("Error transformer exception", e);
+ }
+ String str = buffer.toString();
+
+ valores.add(str);
+
+ }else{
+
+ final XSAnyImpl xmlString = (XSAnyImpl) values
+ .get(nextSimpleValue);
+ valores.add(xmlString.getTextContent());
+ }
+
+
+
+ }
+ }
+ personalAttribute.setValue(valores);
+ personalAttrList.add(personalAttribute);
+ }
+
+ request.setPersonalAttributeList(personalAttrList);
+
+ return request;
+ }
+
+
+ /**
+ * Process all elements XMLObjects from the extensions.
+ *
+ * @param extensions the extensions from the authentication request.
+ *
+ * @return the STORK authentication request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private STORKAttrQueryRequest processAttrExtensions(final Extensions extensions)
+ throws STORKSAMLEngineException {
+ LOG.debug("Procces the atribute query extensions.");
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ final QAAAttribute qaa = (QAAAttribute) extensions
+ .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0);
+ request.setQaa(Integer.parseInt(qaa.getQaaLevel()));
+
+ List optionalElements = extensions.getUnknownXMLObjects(
+ SPSector.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPSector sector = (SPSector) extensions.getUnknownXMLObjects(
+ SPSector.DEF_ELEMENT_NAME).get(0);
+ request.setSpSector(sector.getSPSector());
+ }
+
+ optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPApplication application = (SPApplication) extensions
+ .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0);
+ request.setSpApplication(application.getSPApplication());
+ }
+
+ optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME);
+
+ if (!optionalElements.isEmpty()) {
+ final SPCountry application = (SPCountry) extensions
+ .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0);
+ request.setSpCountry(application.getSPCountry());
+ }
+
+
+ List listCrossBorderShare = extensions
+ .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME);
+
+ if (!listCrossBorderShare .isEmpty()) {
+ final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0);
+ request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare
+ .getEIDCrossBorderShare()));
+ }
+
+
+ List listCrosSectorShare = extensions
+ .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME);
+
+ if (!listCrosSectorShare.isEmpty()) {
+ final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0);
+ request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare
+ .getEIDCrossSectorShare()));
+ }
+
+ List listSectorShareExtension = extensions
+ .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME);
+ if (!listSectorShareExtension.isEmpty()) {
+ final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0);
+ request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare()));
+ }
+
+
+
+ List<XMLObject> authAttrs = extensions
+ .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME);
+
+ if (authAttrs != null && !authAttrs.isEmpty()) {
+
+ final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs
+ .get(0);
+
+ VIDPAuthenticationAttributes vidpAuthnAttr = null;
+ if (authnAttr != null && !authAttrs.isEmpty()){
+ vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes();
+ }
+
+ CitizenCountryCode citizenCountryCodeElement = null;
+ SPInformation spInformation = null;
+ if (vidpAuthnAttr != null){
+ citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode();
+ spInformation = vidpAuthnAttr.getSPInformation();
+ }
+
+ String citizenCountryCode = null;
+ if(citizenCountryCodeElement!=null){
+ citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode();
+ }
+
+ if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){
+ request.setCitizenCountryCode(citizenCountryCode);
+ }
+
+ SPID spidElement = null;
+ if (spInformation != null){
+ spidElement = spInformation.getSPID();
+ }
+
+ String spid = null;
+ if(spidElement!=null){
+ spid = spidElement.getSPID();
+ }
+
+ if (spid != null && StringUtils.isNotBlank(spid)) {
+ request.setSPID(spid);
+ }
+ }
+
+ if (extensions
+ .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) {
+ LOG.error("Extensions not contains any requested attribute.");
+ throw new STORKSAMLEngineException(
+ "Extensions not contains any requested attribute.");
+ }
+
+ final RequestedAttributes requestedAttr = (RequestedAttributes) extensions
+ .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME)
+ .get(0);
+
+ final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes();
+
+ final IPersonalAttributeList personalAttrList = new PersonalAttributeList();
+
+ String attributeName;
+ for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) {
+ final RequestedAttribute attribute = reqAttrs.get(nextAttribute);
+ final PersonalAttribute personalAttribute = new PersonalAttribute();
+ personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired()));
+ personalAttribute.setFriendlyName(attribute.getFriendlyName());
+ attributeName = attribute.getName();
+
+ // recover the last name from the string.
+ personalAttribute.setName(attributeName.substring(attributeName
+ .lastIndexOf('/') + 1));
+
+ final ArrayList<String> valores = new ArrayList<String>();
+ final List<XMLObject> values = attribute.getOrderedChildren();
+
+ for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) {
+
+ // Process attributes simples. An AuthenticationRequest only
+ // must contains simple values.
+
+ final XMLObject xmlObject = values.get(nextSimpleValue);
+
+ if(xmlObject instanceof XSStringImpl){
+
+ final XSStringImpl xmlString = (XSStringImpl) values
+ .get(nextSimpleValue);
+ valores.add(xmlString.getValue());
+
+ }else{
+
+ if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) {
+
+ final XSAnyImpl xmlString = (XSAnyImpl) values
+ .get(nextSimpleValue);
+
+ TransformerFactory transFactory = TransformerFactory.newInstance();
+ Transformer transformer = null;
+ try {
+ transformer = transFactory.newTransformer();
+ transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+ } catch (TransformerConfigurationException e) {
+ LOG.error("Error transformer configuration exception", e);
+ }
+ StringWriter buffer = new StringWriter();
+ try {
+ if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){
+ transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()),
+ new StreamResult(buffer));
+ }
+ } catch (TransformerException e) {
+ LOG.error("Error transformer exception", e);
+ }
+ String str = buffer.toString();
+
+ valores.add(str);
+
+ }else{
+
+ final XSAnyImpl xmlString = (XSAnyImpl) values
+ .get(nextSimpleValue);
+ valores.add(xmlString.getTextContent());
+ }
+
+
+
+ }
+ }
+ personalAttribute.setValue(valores);
+ personalAttrList.add(personalAttribute);
+ }
+
+ request.setPersonalAttributeList(personalAttrList);
+
+ return request;
+ }
+
+ /**
+ * Sets the name spaces.
+ *
+ * @param tokenSaml the new name spaces
+ */
+ private void setNameSpaces(final XMLObject tokenSaml) {
+ LOG.debug("Set namespaces.");
+
+ final Namespace saml2 = new Namespace(SAMLConstants.SAML20_NS,
+ SAMLConstants.SAML20_PREFIX);
+ tokenSaml.addNamespace(saml2);
+
+ final Namespace digSig = new Namespace(
+ "http://www.w3.org/2000/09/xmldsig#", "ds");
+ tokenSaml.addNamespace(digSig);
+
+ final Namespace storkp = new Namespace(SAMLCore.STORK10P_NS.getValue(),
+ SAMLCore.STORK10P_PREFIX.getValue());
+ tokenSaml.addNamespace(storkp);
+
+ final Namespace stork = new Namespace(SAMLCore.STORK10_NS.getValue(),
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ tokenSaml.addNamespace(stork);
+ }
+
+ /**
+ * Validate parameters from authentication request.
+ *
+ * @param request the request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamAuthnReq(final STORKAuthnRequest request)
+ throws STORKSAMLEngineException {
+ LOG.info("Validate parameters from authentication request.");
+
+ // URL to which Authentication Response must be sent.
+ if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Assertion Consumer Service URL it's mandatory.");
+ }
+
+ // the name of the original service provider requesting the
+ // authentication.
+ if (StringUtils.isBlank(request.getProviderName())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Service Provider it's mandatory.");
+ }
+
+ // object that contain all attributes requesting.
+ if (request.getPersonalAttributeList() == null
+ || request.getPersonalAttributeList().isEmpty()) {
+ throw new STORKSAMLEngineException(
+ "attributeQueries is null or empty.");
+ }
+
+ // Quality authentication assurance level.
+ if ((request.getQaa() < QAAAttribute.MIN_VALUE)
+ || (request.getQaa() > QAAAttribute.MAX_VALUE)) {
+ throw new STORKSAMLEngineException("Qaal: " + request.getQaa()
+ + ", is invalid.");
+ }
+
+ }
+
+ /**
+ * Validate parameters from attribute query request.
+ *
+ * @param request the request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamAttrQueryReq(final STORKAttrQueryRequest request)
+ throws STORKSAMLEngineException {
+ LOG.info("Validate parameters from attribute query request.");
+
+ // URL to which AP Response must be sent.
+ if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Assertion Consumer Service URL it's mandatory.");
+ }
+
+ // Destination of the request - not mandatory
+ /*if (StringUtils.isBlank(request.getDestination())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Destination is mandatory.");
+ }*/
+
+ // SP country is empty
+ if (StringUtils.isBlank(request.getSpCountry())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: SP country is mandatory.");
+ }
+
+ // object that contain all attributes requesting.
+ if (request.getPersonalAttributeList() == null
+ || request.getPersonalAttributeList().isEmpty()) {
+ throw new STORKSAMLEngineException(
+ "attributeQueries is null or empty.");
+ }
+
+ // Quality authentication assurance level.
+ if ((request.getQaa() < QAAAttribute.MIN_VALUE)
+ || (request.getQaa() > QAAAttribute.MAX_VALUE)) {
+ throw new STORKSAMLEngineException("Qaal: " + request.getQaa()
+ + ", is invalid.");
+ }
+ }
+
+ /**
+ * Validate parameters from logout request.
+ *
+ * @param request the request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamLogoutReq(final STORKLogoutRequest request)
+ throws STORKSAMLEngineException {
+ LOG.info("Validate parameters from logout request.");
+
+ // URL to which AP Response must be sent.
+ /*if (StringUtils.isBlank(request.get())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Assertion Consumer Service URL it's mandatory.");
+ }*/
+
+ // Destination of the request
+ if (StringUtils.isBlank(request.getDestination())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Destination is mandatory.");
+ }
+
+ // SP Provided Id
+ if (StringUtils.isBlank(request.getSpProvidedId())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: SP provided Id is mandatory.");
+ }
+ }
+
+ /**
+ * Validate parameters from logout response.
+ *
+ * @param response the response.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamLogoutRes(final STORKLogoutRequest request,
+ final STORKLogoutResponse response) throws STORKSAMLEngineException {
+ LOG.info("Validate parameters from logout request.");
+
+ // Issuer is mandatory
+ if (StringUtils.isBlank(request.getIssuer())) {
+ throw new STORKSAMLEngineException(
+ "Issuer must be not empty or null.");
+ }
+
+ // Destination of the request
+ if (StringUtils.isBlank(response.getDestination())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: Destination is mandatory.");
+ }
+
+ // SP Provided Id
+ if (StringUtils.isBlank(request.getSpProvidedId())) {
+ throw new STORKSAMLEngineException(
+ "StorkSamlEngine: SP provided Id is mandatory.");
+ }
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+
+ /**
+ * Validate parameters from response.
+ *
+ * @param request the request
+ * @param responseAuthReq the response authentication request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamResponse(final STORKAuthnRequest request,
+ final STORKAuthnResponse responseAuthReq)
+ throws STORKSAMLEngineException {
+ LOG.info("Validate parameters response.");
+ if (StringUtils.isBlank(request.getIssuer())) {
+ throw new STORKSAMLEngineException(
+ "Issuer must be not empty or null.");
+ }
+
+ if (responseAuthReq.getPersonalAttributeList() == null
+ || responseAuthReq.getPersonalAttributeList().isEmpty()) {
+ LOG.error("PersonalAttributeList is null or empty.");
+ throw new STORKSAMLEngineException(
+ "PersonalAttributeList is null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) {
+ throw new STORKSAMLEngineException(
+ "assertionConsumerServiceURL is null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+ /**
+ * Validate parameters from response.
+ *
+ * @param request the request
+ * @param responseAttrQueryReq the response authentication request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamAttrQueryResponse(final STORKAttrQueryRequest request,
+ final STORKAttrQueryResponse responseAttrQueryReq)
+ throws STORKSAMLEngineException {
+ LOG.info("Validate attribute querey parameters response.");
+ if (StringUtils.isBlank(request.getIssuer())) {
+ throw new STORKSAMLEngineException(
+ "Issuer must be not empty or null.");
+ }
+
+ if (responseAttrQueryReq.getPersonalAttributeList() == null
+ || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) {
+ LOG.error("PersonalAttributeList is null or empty.");
+ throw new STORKSAMLEngineException(
+ "PersonalAttributeList is null or empty.");
+ }
+
+ /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) {
+ throw new STORKSAMLEngineException(
+ "assertionConsumerServiceURL is null or empty.");
+ }*/
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+ /**
+ * Validate parameter from response fail.
+ *
+ * @param request the request
+ * @param response the response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamResponseFail(final STORKAuthnRequest request,
+ final STORKAuthnResponse response) throws STORKSAMLEngineException {
+ LOG.info("Validate parameters response fail.");
+ if (StringUtils.isBlank(response.getStatusCode())) {
+ throw new STORKSAMLEngineException("Code error it's null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) {
+ throw new STORKSAMLEngineException(
+ "assertionConsumerServiceURL is null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+ /**
+ * Validate parameter from response fail.
+ *
+ * @param request the request
+ * @param response the response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamAttrQueryResponseFail(final STORKAttrQueryRequest request,
+ final STORKAttrQueryResponse response) throws STORKSAMLEngineException {
+ LOG.info("Validate parameters response fail.");
+ if (StringUtils.isBlank(response.getStatusCode())) {
+ throw new STORKSAMLEngineException("Code error it's null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+ /**
+ * Validate parameter from response fail.
+ *
+ * @param request the request
+ * @param response the response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private void validateParamLogoutResFail(final STORKLogoutRequest request,
+ final STORKLogoutResponse response) throws STORKSAMLEngineException {
+ LOG.info("Validate parameters response fail.");
+
+ if (StringUtils.isBlank(request.getIssuer())) {
+ throw new STORKSAMLEngineException(
+ "Issuer must be not empty or null.");
+ }
+
+ if (StringUtils.isBlank(response.getStatusCode())) {
+ throw new STORKSAMLEngineException("Code error it's null or empty.");
+ }
+
+ if (StringUtils.isBlank(request.getSamlId())) {
+ throw new STORKSAMLEngineException("request ID is null or empty.");
+ }
+ }
+
+ /**
+ * Validate stork authentication request.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the sTORK authentication request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnRequest validateSTORKAuthnRequest(final byte[] tokenSaml)
+ throws STORKSAMLEngineException {
+ LOG.info("validateSTORKAuthnRequest");
+
+ final AuthnRequest samlRequest = (AuthnRequest) validateStorkSaml(tokenSaml);
+
+ LOG.debug("Validate Extensions.");
+ final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator();
+ try {
+ validatorExt.validate(samlRequest.getExtensions());
+ } catch (ValidationException e) {
+ LOG.error("ValidationException: validate Extensions.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ LOG.debug("Generate STORKAuthnRequest.");
+ final STORKAuthnRequest authnRequest = processExtensions(samlRequest
+ .getExtensions());
+
+ authnRequest.setCountry(this.getCountry(samlRequest.getSignature()
+ .getKeyInfo()));
+
+ authnRequest.setAlias(this.getAlias(samlRequest.getSignature()
+ .getKeyInfo(), super.getSigner().getTrustStore()));
+
+ authnRequest.setSamlId(samlRequest.getID());
+ authnRequest.setDestination(samlRequest.getDestination());
+ authnRequest.setAssertionConsumerServiceURL(samlRequest
+ .getAssertionConsumerServiceURL());
+
+ authnRequest.setProviderName(samlRequest.getProviderName());
+ authnRequest.setIssuer(samlRequest.getIssuer().getValue());
+
+ //Delete unknown elements from requested ones
+ final Iterator<PersonalAttribute> iterator = authnRequest.getPersonalAttributeList().iterator();
+ IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) authnRequest.getPersonalAttributeList();
+ while (iterator.hasNext()) {
+
+ final PersonalAttribute attribute = iterator.next();
+
+ // Verify if the attribute name exits.
+ final String attributeName = super.getSamlCoreProperties()
+ .getProperty(attribute.getName());
+
+ if (StringUtils.isBlank(attributeName)) {
+ LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName());
+ cleanPerAttrList.remove(attribute.getName());
+ }
+
+ }
+ authnRequest.setPersonalAttributeList(cleanPerAttrList);
+
+ return authnRequest;
+
+ }
+
+ /**
+ * Validate stork attribute query request.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the STORK attribute query request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryRequest validateSTORKAttrQueryRequest(final byte[] tokenSaml)
+ throws STORKSAMLEngineException {
+ LOG.info("validateSTORKAttrQueryRequest");
+
+ //final AttributeQuery samlRequest = (AttributeQuery) validateStorkSaml(tokenSaml);
+ final CustomRequestAbstractType samlRequest = (CustomRequestAbstractType) validateStorkSaml(tokenSaml);
+
+ LOG.debug("Validate Extensions.");
+ final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator();
+ try {
+ validatorExt.validate(samlRequest.getExtensions());
+ } catch (ValidationException e) {
+ LOG.error("ValidationException: validate Extensions.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ LOG.debug("Generate STORKAttrQueryRequest.");
+ final STORKAttrQueryRequest attrRequest = processAttrExtensions(samlRequest
+ .getExtensions());
+
+ attrRequest.setCountry(this.getCountry(samlRequest.getSignature()
+ .getKeyInfo()));
+
+ attrRequest.setAlias(this.getAlias(samlRequest.getSignature()
+ .getKeyInfo(), super.getSigner().getTrustStore()));
+
+ attrRequest.setSamlId(samlRequest.getID());
+ attrRequest.setDestination(samlRequest.getDestination());
+ attrRequest.setAssertionConsumerServiceURL(samlRequest
+ .getAssertionConsumerServiceURL());
+
+ /*authnRequest.setProviderName(samlRequest.getProviderName());*/
+ attrRequest.setIssuer(samlRequest.getIssuer().getValue());
+
+ //Delete unknown elements from requested ones
+ final Iterator<PersonalAttribute> iterator = attrRequest.getPersonalAttributeList().iterator();
+ IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) attrRequest.getPersonalAttributeList();
+ while (iterator.hasNext()) {
+
+ final PersonalAttribute attribute = iterator.next();
+
+ // Verify if the attribute name exits.
+ final String attributeName = super.getSamlCoreProperties()
+ .getProperty(attribute.getName());
+
+ if (StringUtils.isBlank(attributeName)) {
+ LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName());
+ cleanPerAttrList.remove(attribute.getName());
+ }
+
+ }
+ attrRequest.setPersonalAttributeList(cleanPerAttrList);
+
+ return attrRequest;
+
+ }
+
+ /**
+ * Validate stork logout request.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the STORK logout request
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKLogoutRequest validateSTORKLogoutRequest(final byte[] tokenSaml)
+ throws STORKSAMLEngineException {
+ LOG.info("validateSTORKLogoutRequest");
+
+ final LogoutRequest samlRequest = (LogoutRequest)validateStorkSaml(tokenSaml);
+
+ LOG.debug("Validate Extensions.");
+ final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator();
+ try {
+ validatorExt.validate(samlRequest.getExtensions());
+ } catch (ValidationException e) {
+ LOG.error("ValidationException: validate Extensions.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ LOG.debug("Generate STORKLogoutRequest.");
+ final STORKLogoutRequest logoutRequest = new STORKLogoutRequest();
+
+ logoutRequest.setCountry(this.getCountry(samlRequest.getSignature()
+ .getKeyInfo()));
+
+ logoutRequest.setAlias(this.getAlias(samlRequest.getSignature()
+ .getKeyInfo(), super.getSigner().getTrustStore()));
+
+ logoutRequest.setSamlId(samlRequest.getID());
+ logoutRequest.setDestination(samlRequest.getDestination());
+
+ logoutRequest.setIssuer(samlRequest.getIssuer().getValue());
+
+ logoutRequest.setSpProvidedId(samlRequest.getNameID().getValue());
+
+ return logoutRequest;
+
+ }
+
+ /**
+ * Validate stork authentication response.
+ *
+ * @param tokenSaml the token SAML
+ * @param userIP the user IP
+ *
+ * @return the Stork authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnResponse validateSTORKAuthnResponse(
+ final byte[] tokenSaml, final String userIP)
+ throws STORKSAMLEngineException {
+
+ LOG.info("validateSTORKAuthnResponse");
+ final Response samlResponse = (Response) validateStorkSaml(tokenSaml);
+
+ LOG.debug("Create StorkAuthResponse.");
+ final STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+
+ authnResponse.setCountry(this.getCountry(samlResponse.getSignature()
+ .getKeyInfo()));
+
+ LOG.debug("Set ID.");
+ authnResponse.setSamlId(samlResponse.getID());
+ LOG.debug("Set InResponseTo.");
+ authnResponse.setInResponseTo(samlResponse.getInResponseTo());
+ LOG.debug("Set statusCode.");
+ authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode()
+ .getValue());
+
+ // Subordinate code.
+ if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) {
+ authnResponse.setSubStatusCode(samlResponse.getStatus()
+ .getStatusCode().getStatusCode().getValue());
+ }
+
+ if (samlResponse.getStatus().getStatusMessage() != null) {
+ LOG.debug("Set statusMessage.");
+ authnResponse.setMessage(samlResponse.getStatus()
+ .getStatusMessage().getMessage());
+ }
+
+ LOG.debug("validateStorkResponse");
+ final Assertion assertion = (Assertion) validateStorkResponse(
+ samlResponse, userIP);
+
+ if(assertion!=null){
+ final DateTime serverDate = new DateTime();
+
+ if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) {
+ LOG.error("Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + ", server_date: " + serverDate + ")");
+ throw new STORKSAMLEngineException(
+ "Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + " ), server_date: " + serverDate);
+ }
+
+ LOG.debug("Set notOnOrAfter.");
+ authnResponse.setNotOnOrAfter(assertion.getConditions()
+ .getNotOnOrAfter());
+
+ LOG.debug("Set notBefore.");
+ authnResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ authnResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ authnResponse.setAudienceRestriction(((AudienceRestriction) assertion
+ .getConditions().getAudienceRestrictions().get(0))
+ .getAudiences().get(0).getAudienceURI());
+ authnResponse.setAssertions(samlResponse.getAssertions());
+ }
+
+ // Case no error.
+ if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse
+ .getStatusCode())) {
+ LOG.debug("Status Success. Set PersonalAttributeList.");
+ authnResponse
+ .setPersonalAttributeList(generatePersonalAttributeList(assertion));
+ authnResponse.setFail(false);
+ } else {
+ LOG.debug("Status Fail.");
+ authnResponse.setFail(true);
+ }
+ LOG.debug("Return result.");
+ return authnResponse;
+
+ }
+
+ /**
+ * Validate stork authentication response.
+ *
+ * @param tokenSaml the token SAML
+ * @param userIP the user IP
+ *
+ * @return the Stork authentication response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAuthnResponse validateSTORKAuthnResponseWithQuery(
+ final byte[] tokenSaml, final String userIP)
+ throws STORKSAMLEngineException {
+
+ LOG.info("validateSTORKAuthnResponse");
+ final Response samlResponse = (Response) validateStorkSaml(tokenSaml);
+
+ LOG.debug("Create StorkAuthResponse.");
+ final STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+
+ authnResponse.setCountry(this.getCountry(samlResponse.getSignature()
+ .getKeyInfo()));
+
+ LOG.debug("Set ID.");
+ authnResponse.setSamlId(samlResponse.getID());
+ LOG.debug("Set InResponseTo.");
+ authnResponse.setInResponseTo(samlResponse.getInResponseTo());
+ LOG.debug("Set statusCode.");
+ authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode()
+ .getValue());
+
+ // Subordinate code.
+ if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) {
+ authnResponse.setSubStatusCode(samlResponse.getStatus()
+ .getStatusCode().getStatusCode().getValue());
+ }
+
+ if (samlResponse.getStatus().getStatusMessage() != null) {
+ LOG.debug("Set statusMessage.");
+ authnResponse.setMessage(samlResponse.getStatus()
+ .getStatusMessage().getMessage());
+ }
+
+ LOG.debug("validateStorkResponse");
+ final Assertion assertion = (Assertion) validateStorkResponse(
+ samlResponse, userIP);
+
+ if(assertion!=null){
+ final DateTime serverDate = new DateTime();
+
+ if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) {
+ LOG.error("Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + ", server_date: " + serverDate + ")");
+ throw new STORKSAMLEngineException(
+ "Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + " ), server_date: " + serverDate);
+ }
+
+ LOG.debug("Set notOnOrAfter.");
+ authnResponse.setNotOnOrAfter(assertion.getConditions()
+ .getNotOnOrAfter());
+
+ LOG.debug("Set notBefore.");
+ authnResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ authnResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ authnResponse.setAudienceRestriction(((AudienceRestriction) assertion
+ .getConditions().getAudienceRestrictions().get(0))
+ .getAudiences().get(0).getAudienceURI());
+ }
+
+ // Case no error.
+ if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse
+ .getStatusCode())) {
+ LOG.debug("Status Success. Set PersonalAttributeList.");
+ authnResponse
+ .setPersonalAttributeList(generatePersonalAttributeList(assertion));
+ authnResponse.setFail(false);
+ } else {
+ LOG.debug("Status Fail.");
+ authnResponse.setFail(true);
+ }
+
+ authnResponse.setAssertions(samlResponse.getAssertions());
+ if (samlResponse.getAssertions().size() > 1)
+ {
+ PersonalAttributeList total = new PersonalAttributeList();
+ List<IPersonalAttributeList> attrList = new ArrayList();
+ for (int i = 0; i < samlResponse.getAssertions().size(); i++)
+ {
+ Assertion tempAssertion = (Assertion)samlResponse.getAssertions().get(i);
+ IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion);
+ if (temp != null)
+ {
+ attrList.add(temp);
+ for (PersonalAttribute attribute : temp) {
+ PersonalAttribute attr = (PersonalAttribute)attribute.clone();
+ attr.setName(attr.getName()+tempAssertion.getID());
+ total.add(attr);
+ }
+ }
+ }
+ authnResponse.setPersonalAttributeLists(attrList);
+ authnResponse.setTotalPersonalAttributeList(total);
+ }
+
+ LOG.debug("Return result.");
+ return authnResponse;
+
+ }
+
+ /**
+ * Validate stork attribute query response.
+ *
+ * @param tokenSaml the token SAML
+ * @param userIP the user IP
+ *
+ * @return the Stork attribute query response
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public STORKAttrQueryResponse validateSTORKAttrQueryResponse(
+ final byte[] tokenSaml, final String userIP)
+ throws STORKSAMLEngineException {
+
+ LOG.info("validateSTORKAttrQueryResponse");
+ final Response samlResponse = (Response) validateStorkSaml(tokenSaml);
+
+ LOG.debug("Create StorkAttrQueryResponse.");
+ final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse();
+
+ attrQueryResponse.setCountry(this.getCountry(samlResponse.getSignature()
+ .getKeyInfo()));
+
+ LOG.debug("Set ID.");
+ attrQueryResponse.setSamlId(samlResponse.getID());
+ LOG.debug("Set InResponseTo.");
+ attrQueryResponse.setInResponseTo(samlResponse.getInResponseTo());
+ LOG.debug("Set statusCode.");
+ attrQueryResponse.setStatusCode(samlResponse.getStatus().getStatusCode()
+ .getValue());
+
+
+ // Subordinate code.
+ if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) {
+ attrQueryResponse.setSubStatusCode(samlResponse.getStatus()
+ .getStatusCode().getStatusCode().getValue());
+ }
+
+ if (samlResponse.getStatus().getStatusMessage() != null) {
+ LOG.debug("Set statusMessage.");
+ attrQueryResponse.setMessage(samlResponse.getStatus()
+ .getStatusMessage().getMessage());
+ }
+
+ LOG.debug("validateStorkResponse");
+ final Assertion assertion = (Assertion) validateStorkResponse(
+ samlResponse, userIP);
+
+ if(assertion!=null){
+ final DateTime serverDate = new DateTime();
+
+ attrQueryResponse.setAssertion(assertion);
+
+ if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) {
+ LOG.error("Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + ", server_date: " + serverDate + ")");
+ throw new STORKSAMLEngineException(
+ "Token date expired (getNotOnOrAfter = "
+ + assertion.getConditions().getNotOnOrAfter()
+ + " ), server_date: " + serverDate);
+ }
+
+ LOG.debug("Set notOnOrAfter.");
+ attrQueryResponse.setNotOnOrAfter(assertion.getConditions()
+ .getNotOnOrAfter());
+
+ LOG.debug("Set notBefore.");
+ attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore());
+
+ attrQueryResponse.setAudienceRestriction(((AudienceRestriction) assertion
+ .getConditions().getAudienceRestrictions().get(0))
+ .getAudiences().get(0).getAudienceURI());
+ }
+
+ // Case no error.
+ if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(attrQueryResponse
+ .getStatusCode())) {
+ LOG.debug("Status Success. Set PersonalAttributeList.");
+ attrQueryResponse
+ .setPersonalAttributeList(generatePersonalAttributeList(assertion));
+ attrQueryResponse.setFail(false);
+ } else {
+ LOG.debug("Status Fail.");
+ attrQueryResponse.setFail(true);
+ }
+
+ attrQueryResponse.setAssertions(samlResponse.getAssertions());
+ if (samlResponse.getAssertions().size() > 1)
+ {
+ PersonalAttributeList total = new PersonalAttributeList();
+ List<IPersonalAttributeList> attrList = new ArrayList();
+ for (int i = 0; i < samlResponse.getAssertions().size(); i++)
+ {
+ Assertion tempAssertion = (Assertion)samlResponse.getAssertions().get(i);
+ IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion);
+ if (temp != null)
+ {
+ attrList.add(temp);
+ for (PersonalAttribute attribute : temp) {
+ PersonalAttribute attr = (PersonalAttribute)attribute.clone();
+ attr.setName(attr.getName()+tempAssertion.getID());
+ total.add(attr);
+ }
+ }
+ }
+ attrQueryResponse.setPersonalAttributeLists(attrList);
+ attrQueryResponse.setTotalPersonalAttributeList(total);
+ }
+
+ LOG.debug("Return result.");
+ return attrQueryResponse;
+
+ }
+
+ /**
+ * Validate stork response.
+ *
+ * @param samlResponse the SAML response
+ * @param userIP the user IP
+ *
+ * @return the assertion
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private Assertion validateStorkResponse(final Response samlResponse,
+ final String userIP) throws STORKSAMLEngineException {
+ // Exist only one Assertion
+
+ if (samlResponse.getAssertions() == null
+ || samlResponse.getAssertions().isEmpty()) {
+ LOG.info("Assertion is null or empty."); //in replace of throw new STORKSAMLEngineException("Assertion is null or empty.")
+ return null;
+ }
+
+ final Assertion assertion = (Assertion) samlResponse.getAssertions()
+ .get(0);
+
+ LOG.debug("Verified method Bearer");
+ for (final Iterator<SubjectConfirmation> iter = assertion.getSubject()
+ .getSubjectConfirmations().iterator(); iter.hasNext();) {
+ final SubjectConfirmation element = iter.next();
+ final boolean isBearer = SubjectConfirmation.METHOD_BEARER
+ .equals(element.getMethod());
+
+ final boolean ipValidate = super.getSamlCoreProperties()
+ .isIpValidation();
+
+ if (ipValidate) {
+ if (isBearer) {
+ if (StringUtils.isBlank(userIP)) {
+ LOG.error("browser_ip is null or empty.");
+ throw new STORKSAMLEngineException(
+ "browser_ip is null or empty.");
+ } else if (StringUtils.isBlank(element
+ .getSubjectConfirmationData().getAddress())) {
+ LOG.error("token_ip attribute is null or empty.");
+ throw new STORKSAMLEngineException(
+ "token_ip attribute is null or empty.");
+ }
+ }
+
+ final boolean ipEqual = element.getSubjectConfirmationData()
+ .getAddress().equals(userIP);
+
+ // Validation ipUser
+ if (!ipEqual && ipValidate) {
+ LOG.error("SubjectConfirmation BEARER: ");
+ throw new STORKSAMLEngineException(
+ "IPs doesn't match : token_ip ("
+ + element.getSubjectConfirmationData()
+ .getAddress() + ") browser_ip ("
+ + userIP + ")");
+ }
+ }
+
+ }
+ return assertion;
+ }
+
+ /**
+ * Validate stork SAML.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the signable SAML object
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ private SignableSAMLObject validateStorkSaml(final byte[] tokenSaml)
+ throws STORKSAMLEngineException {
+
+ LOG.info("Validate StorkSaml message.");
+
+ if (tokenSaml == null) {
+ LOG.error("Saml authentication request is null.");
+ throw new STORKSAMLEngineException(
+ "Saml authentication request is null.");
+ }
+
+ LOG.debug("Generate AuthnRequest from request.");
+ SignableSAMLObject samlObject;
+
+ try {
+ samlObject = (SignableSAMLObject) super.unmarshall(tokenSaml);
+ } catch (SAMLEngineException e) {
+ LOG.error("SAMLEngineException unmarshall.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ boolean validateSign = true;
+
+ if (StringUtils.isNotBlank(super.getSamlCoreProperties().getProperty(
+ "validateSignature"))) {
+ validateSign = Boolean.valueOf(super.getSamlCoreProperties()
+ .getProperty("validateSignature"));
+ }
+
+ if (validateSign) {
+ LOG.debug("Validate Signature.");
+ try {
+ super.validateSignature(samlObject);
+ } catch (SAMLEngineException e) {
+ LOG.error("SAMLEngineException validateSignature.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+ }
+
+ LOG.debug("Validate Schema.");
+ final ValidatorSuite validatorSuite = Configuration
+ .getValidatorSuite("saml2-core-schema-validator");
+ try {
+ if (samlObject.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ CustomAttributeQueryValidator val =
+ new CustomAttributeQueryValidator();
+ val.validate((CustomAttributeQuery)samlObject);
+ }
+ else
+ validatorSuite.validate(samlObject);
+ } catch (ValidationException e) {
+ LOG.error("ValidationException.", e);
+ throw new STORKSAMLEngineException(e);
+ }
+
+ return samlObject;
+ }
+
+ private boolean isComplex(XMLObject xmlObject)
+ {
+ boolean isComplex = false;
+
+ final XSAnyImpl complexValue = (XSAnyImpl) xmlObject;
+
+ for (int nextComplexValue = 0; nextComplexValue < complexValue
+ .getUnknownXMLObjects().size(); nextComplexValue++) {
+
+ final XSAnyImpl simple = (XSAnyImpl) complexValue
+ .getUnknownXMLObjects().get(
+ nextComplexValue);
+
+ if (simple.getElementQName().getLocalPart() != null)
+ {
+ isComplex = true;
+ break;
+ }
+ }
+
+ return isComplex;
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java
new file mode 100644
index 000000000..e38cc5f0b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java
@@ -0,0 +1,69 @@
+package eu.stork.peps.auth.engine;
+
+import org.bouncycastle.asn1.DERObjectIdentifier;
+import org.bouncycastle.jce.X509Principal;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Utility class used to decrease complexity of comparison of 2 X509principal
+ *
+ * @author vanegdi
+ * @version $Revision: 1.00 $, $Date: 2013-05-24 20:53:51 $
+ */
+public final class X509PrincipalUtil{
+
+ private static final DERObjectIdentifier[] DER_OBJECT_IDENTIFIERS_ARRAY= {
+ X509Principal.CN,
+ X509Principal.OU,
+ X509Principal.O,
+ X509Principal.L,
+ X509Principal.ST,
+ X509Principal.C,
+ X509Principal.E
+ };
+
+ private static final Logger LOG = LoggerFactory.getLogger(eu.stork.peps.auth.engine.X509PrincipalUtil.class);
+
+ /**
+ * Compares 2 X509Principals to detect if they equals
+ * @param principal1
+ * @param principal2
+ * @return true if arguments are not null and equals
+ */
+ public static boolean equals(X509Principal principal1, X509Principal principal2) {
+ boolean continueProcess = true;
+ if (principal1 == null || principal2 == null){
+ return false;
+ }
+
+ int cpt = 0;
+ while(continueProcess && cpt < DER_OBJECT_IDENTIFIERS_ARRAY.length){
+ continueProcess = continueProcess && x509ValuesByIdentifierEquals(principal1, principal2, DER_OBJECT_IDENTIFIERS_ARRAY[cpt]);
+ cpt++;
+ }
+ return continueProcess;
+ }
+
+ public static boolean equals2(X509Principal principal1, X509Principal principal2) {
+
+ if (principal1 == null || principal2 == null){
+ return false;
+ }
+
+ if (principal1.getName().equals(principal2.getName()))
+ return true;
+ else
+ return false;
+
+ }
+
+ private static boolean x509ValuesByIdentifierEquals(X509Principal principal1, X509Principal principal2, DERObjectIdentifier identifier){
+ return principal1.getValues(identifier).equals(principal2.getValues(identifier));
+ }
+
+ private X509PrincipalUtil(){
+ // default contructor
+ LOG.error("Fake X509PrincipalUtil : never be called");
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java
new file mode 100644
index 000000000..07157073c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface AuthenticationAttributes.
+ * @author fjquevedo
+ */
+public interface AuthenticationAttributes extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "AuthenticationAttributes";
+
+ /** Default element name. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "AuthenticationAttributesType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+
+ /**
+ * Gets the citizen country code.
+ *
+ * @return the citizen country code
+ */
+ VIDPAuthenticationAttributes getVIDPAuthenticationAttributes();
+
+
+ /**
+ * Sets the vIDP authentication attributes.
+ *
+ * @param newVIDPAuthenticationAttr the new vIDP authentication attributes
+ */
+ void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes newVIDPAuthenticationAttr);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java
new file mode 100644
index 000000000..859d37feb
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossBorderShare.
+ * @author fjquevedo
+ */
+public interface CitizenCountryCode extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "CitizenCountryCode";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "CitizenCountryCodeType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /**
+ * Gets the SP country.
+ *
+ * @return the sP country
+ */
+ String getCitizenCountryCode();
+
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param citizenCountryCode the new citizen country code
+ */
+ void setCitizenCountryCode(String citizenCountryCode);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java
new file mode 100644
index 000000000..c326ae8d9
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java
@@ -0,0 +1,51 @@
+package eu.stork.peps.auth.engine.core;
+
+import java.util.List;
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectQuery;
+
+public interface CustomAttributeQuery extends CustomRequestAbstractType {
+ /** Element local name. */
+ public static final String DEFAULT_ELEMENT_LOCAL_NAME = "AttributeQuery";
+
+ /** Default element name. */
+ public static final QName DEFAULT_ELEMENT_NAME = new QName(SAMLConstants.SAML20P_NS, DEFAULT_ELEMENT_LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+
+ /** Local name of the XSI type. */
+ public static final String TYPE_LOCAL_NAME = "CustomAttributeQueryType";
+
+ /** QName of the XSI type. */
+ public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+
+ /** AssertionConsumerServiceURL attribute name. */
+ public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME
+ = "AssertionConsumerServiceURL";
+
+ /**
+ * Gets the Attributes of this query.
+ *
+ * @return the list of Attributes of this query
+ */
+ public List<Attribute> getAttributes();
+
+ /**
+ * Gets the Subject of this request.
+ *
+ * @return the Subject of this request
+ */
+ public Subject getSubject();
+
+ /**
+ * Sets the Subject of this request.
+ *
+ * @param newSubject the Subject of this request
+ */
+ public void setSubject(Subject newSubject);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java
new file mode 100644
index 000000000..fa847378b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java
@@ -0,0 +1,176 @@
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.joda.time.DateTime;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.core.Issuer;
+
+public interface CustomRequestAbstractType extends SignableSAMLObject {
+
+ /** Local name of the XSI type. */
+ public static final String TYPE_LOCAL_NAME = "RequestAbstractType";
+
+ /** QName of the XSI type. */
+ public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+
+ /** ID attribute name. */
+ public static final String ID_ATTRIB_NAME = "ID";
+
+ /** Version attribute name. */
+ public static final String VERSION_ATTRIB_NAME = "Version";
+
+ /** IssueInstant attribute name. */
+ public static final String ISSUE_INSTANT_ATTRIB_NAME = "IssueInstant";
+
+ /** Destination attribute name. */
+ public static final String DESTINATION_ATTRIB_NAME = "Destination";
+
+ /** Destination attribute name. */
+ public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME = "AssertionConsumerServiceURL";
+
+ /** Consent attribute name. */
+ public static final String CONSENT_ATTRIB_NAME = "Consent";
+
+ /** Unspecified consent URI. */
+ public static final String UNSPECIFIED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unspecified";
+
+ /** Obtained consent URI. */
+ public static final String OBTAINED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:obtained";
+
+ /** Prior consent URI. */
+ public static final String PRIOR_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:prior";
+
+ /** Implicit consent URI. */
+ public static final String IMPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-implicit";
+
+ /** Explicit consent URI. */
+ public static final String EXPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-explicit";
+
+ /** Unavailable consent URI. */
+ public static final String UNAVAILABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unavailable";
+
+ /** Inapplicable consent URI. */
+ public static final String INAPPLICABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:inapplicable";
+
+ /**
+ * Gets the SAML Version of this request.
+ *
+ * @return the SAML Version of this request.
+ */
+ public SAMLVersion getVersion();
+
+ /**
+ * Sets the SAML Version of this request.
+ *
+ * @param newVersion the SAML Version of this request
+ */
+ public void setVersion(SAMLVersion newVersion);
+
+ /**
+ * Gets the unique identifier of the request.
+ *
+ * @return the unique identifier of the request
+ */
+ public String getID();
+
+ /**
+ * Sets the unique identifier of the request.
+ *
+ * @param newID the unique identifier of the request
+ */
+
+ public void setID(String newID);
+
+ /**
+ * Gets the date/time the request was issued.
+ *
+ * @return the date/time the request was issued
+ */
+
+ public DateTime getIssueInstant();
+
+ /**
+ * Sets the date/time the request was issued.
+ *
+ * @param newIssueInstant the date/time the request was issued
+ */
+ public void setIssueInstant(DateTime newIssueInstant);
+
+ /**
+ * Gets the URI of the destination of the request.
+ *
+ * @return the URI of the destination of the request
+ */
+ public String getDestination();
+
+ /**
+ * Sets the URI of the destination of the request.
+ *
+ * @param newDestination the URI of the destination of the request
+ */
+ public void setDestination(String newDestination);
+
+ /**
+ * Sets the index of the particular Assertion Consumer Service to which the response to this request should be
+ * delivered.
+ *
+ * @param newAssertionConsumerServiceIndex the new value of the AssertionConsumerServiceIndex attribute
+ */
+ public void setAssertionConsumerServiceURL(String newServiceUrl);
+
+ /**
+ * Gets the URL of the particular Assertion Consumer Service to which the response to this request should be
+ * delivered.
+ *
+ * @return the value of the AssertionConsumerServiceURL attribute
+ */
+ public String getAssertionConsumerServiceURL();
+
+ /**
+ * Gets the consent obtained from the principal for sending this request.
+ *
+ * @return the consent obtained from the principal for sending this request
+ */
+ public String getConsent();
+
+ /**
+ * Sets the consent obtained from the principal for sending this request.
+ *
+ * @param newConsent the new consent obtained from the principal for sending this request
+ */
+ public void setConsent(String newConsent);
+
+ /**
+ * Gets the issuer of this request.
+ *
+ * @return the issuer of this request
+ */
+ public Issuer getIssuer();
+
+ /**
+ * Sets the issuer of this request.
+ *
+ * @param newIssuer the issuer of this request
+ */
+ public void setIssuer(Issuer newIssuer);
+
+ /**
+ * Gets the Extensions of this request.
+ *
+ * @return the Status of this request
+ */
+ public Extensions getExtensions();
+
+ /**
+ * Sets the Extensions of this request.
+ *
+ * @param newExtensions the Extensions of this request
+ */
+ public void setExtensions(Extensions newExtensions);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java
new file mode 100644
index 000000000..c892eae78
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossBorderShare.
+ * @author fjquevedo
+ */
+public interface EIDCrossBorderShare extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "eIDCrossBorderShare";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "eIDCrossBorderShareType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+
+ /**
+ * Gets the eID cross border share.
+ *
+ * @return the eID cross border share
+ */
+ String getEIDCrossBorderShare();
+
+
+ /**
+ * Sets the eID cross border share.
+ *
+ * @param eIDCrossBorderShare the new eID cross border share
+ */
+ void setEIDCrossBorderShare(String eIDCrossBorderShare);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java
new file mode 100644
index 000000000..f879914f9
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossSectorShare.
+ * @author fjquevedo
+ */
+public interface EIDCrossSectorShare extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String ELEM_LOCAL_NAME = "eIDCrossSectorShare";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), ELEM_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "eIDCrossSectorShareType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /**
+ * Gets the eID cross sector share.
+ *
+ * @return the eID cross sector share
+ */
+ String getEIDCrossSectorShare();
+
+ /**
+ * Sets the eID cross sector share.
+ *
+ * @param eIDCrossSectorShare the new eID cross sector share
+ */
+ void setEIDCrossSectorShare(String eIDCrossSectorShare);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java
new file mode 100644
index 000000000..dc88f3318
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDSectorShare.
+ * @author fjquevedo
+ */
+public interface EIDSectorShare extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "eIDSectorShare";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "eIDSectorShare";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+
+ /**
+ * Gets the eID sector share.
+ *
+ * @return the eID sector share
+ */
+ String getEIDSectorShare();
+
+ /**
+ * Sets the eID sector share.
+ *
+ * @param eIDSectorShare the new eID sector share
+ */
+ void setEIDSectorShare(String eIDSectorShare);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java
new file mode 100644
index 000000000..2c09cf85b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java
@@ -0,0 +1,63 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * STORK Quality Authentication Assurance Level Attribute Interface.
+ *
+ * @author fjquevedo
+ */
+public interface QAAAttribute extends SAMLObject {
+
+ /** Element local name. */
+ String DEF_LOCAL_NAME = "QualityAuthenticationAssuranceLevel";
+
+ /** Default element name. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "QualityAuthenticationAssuranceLevelAbstractType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** The minimum value allowed. */
+ int MIN_VALUE = 1;
+
+ /** The Max value allowed. */
+ int MAX_VALUE = 4;
+
+ /**
+ * Gets the qAA level.
+ *
+ * @return the qAA level
+ */
+ String getQaaLevel();
+
+ /**
+ * Sets the qAA level.
+ *
+ * @param qaaLevel the new qAA level
+ *
+ */
+ void setQaaLevel(String qaaLevel);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java
new file mode 100644
index 000000000..02be9e104
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java
@@ -0,0 +1,140 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+import org.opensaml.xml.AttributeExtensibleXMLObject;
+import org.opensaml.xml.schema.XSBooleanValue;
+import org.opensaml.xml.XMLObject;
+
+/**
+ * The Interface RequestedAttribute.
+ *
+ * @author fjquevedo
+ */
+public interface RequestedAttribute extends SAMLObject,
+ AttributeExtensibleXMLObject {
+
+ /** Element local name. */
+ String DEF_LOCAL_NAME = "RequestedAttribute";
+
+ /** Default element name. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** NAME_ATTRIB_NAME attribute name. */
+ String NAME_ATTRIB_NAME = "Name";
+
+ /** NAME_FORMAT_ATTRIB_NAME attribute name. */
+ String NAME_FORMAT_ATTR = "NameFormat";
+
+ /** IS_REQUIRED_ATTRIB_NAME attribute name. */
+ String IS_REQUIRED_ATTR = "isRequired";
+
+ /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */
+ String FRIENDLY_NAME_ATT = "FriendlyName";
+
+ /** Unspecified attribute format ID. */
+ String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
+
+ /** URI reference attribute format ID. */
+ String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
+
+ /** Basic attribute format ID. */
+ String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+
+ /**
+ * Gets the name.
+ *
+ * @return the name
+ */
+ String getName();
+
+ /**
+ * Sets the name.
+ *
+ * @param name the new name
+ */
+ void setName(String name);
+
+ /**
+ * Gets the name format.
+ *
+ * @return the name format
+ */
+ String getNameFormat();
+
+ /**
+ * Sets the name format.
+ *
+ * @param nameFormat the new name format
+ */
+ void setNameFormat(String nameFormat);
+
+ /**
+ * Gets the friendly name.
+ *
+ * @return the friendly name
+ */
+ String getFriendlyName();
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param friendlyName the new friendly name
+ */
+ void setFriendlyName(String friendlyName);
+
+ /**
+ * Gets the checks if is required.
+ *
+ * @return the checks if is required
+ */
+ String isRequired();
+
+ /**
+ * Gets the checks if is required xs boolean.
+ *
+ * @return the checks if is required xs boolean
+ */
+ String getIsRequiredXSBoolean();
+
+ /**
+ * Sets the checks if is required.
+ *
+ * @param newIsRequired the new checks if is required
+ */
+ void setIsRequired(String newIsRequired);
+
+ /**
+ * Gets the attribute values.
+ *
+ * @return the attribute values
+ */
+ List<XMLObject> getAttributeValues();
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java
new file mode 100644
index 000000000..9004b10f4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface RequestedAttributes.
+ *
+ * @author fjquevedo
+ */
+public interface RequestedAttributes extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "RequestedAttributes";
+
+ /** Default element name. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "RequestedAttributesType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /**
+ * Gets the attributes.
+ *
+ * @return the attributes
+ */
+ List<RequestedAttribute> getAttributes();
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java
new file mode 100644
index 000000000..e511bbaeb
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+/**
+ * The Enumeration SAMLCore.
+ *
+ * @author fjquevedo
+ */
+
+public enum SAMLCore {
+
+ /** The consent authentication request. */
+ CONSENT_AUTHN_REQ("consentAuthnRequest"),
+
+ /** The consent authentication response. */
+ CONSENT_AUTHN_RES("consentAuthnResponse"),
+
+ /** The FORC e_ auth n_ tag. */
+ FORCE_AUTHN_TAG("forceAuthN"),
+
+ /** The I s_ passiv e_ tag. */
+ IS_PASSIVE_TAG("isPassive"),
+
+ /** The FORMA t_ entity. */
+ FORMAT_ENTITY("formatEntity"),
+
+ /** The FRIENDLY name. */
+ FRIENDLY_NAME("friendlyName"),
+
+ /** The IS_REQUIRED AN ATTRIBUTE */
+ IS_REQUIRED("isRequired"),
+
+ /** The PRO t_ bindin g_ tag. */
+ PROT_BINDING_TAG("protocolBinding"),
+
+ /** The ASSER t_ con s_ tag. */
+ ASSERT_CONS_TAG("assertionConsumerServiceURL"),
+
+ /** The REQUESTE r_ tag. */
+ REQUESTER_TAG("requester"),
+
+ /** The RESPONDE r_ tag. */
+ RESPONDER_TAG("responder"),
+
+ /** The STOR k10_ ns. */
+ STORK10_NS("urn:eu:stork:names:tc:STORK:1.0:assertion"),
+
+ /** The STOR k10 p_ ns. */
+ STORK10P_NS("urn:eu:stork:names:tc:STORK:1.0:protocol"),
+
+ /** The STOR k10_ prefix. */
+ STORK10_PREFIX("stork"),
+
+ /** The STOR k10 p_ prefix. */
+ STORK10P_PREFIX("storkp"),
+
+ /** The STOR k10_ bas e_ uri. */
+ STORK10_BASE_URI("http://www.stork.gov.eu/1.0/"),
+
+ /** The ON e_ tim e_ use. */
+ ONE_TIME_USE("oneTimeUse");
+
+ /** The value. */
+ private String value;
+
+ /**
+ * Instantiates a new sAML core.
+ *
+ * @param fullName the full name
+ */
+ private SAMLCore(final String fullName) {
+ this.value = fullName;
+ }
+
+ /**
+ * Gets the value.
+ *
+ * @return the value
+ */
+ public String getValue() {
+ return value;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java
new file mode 100644
index 000000000..b382646be
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import java.security.KeyStore;
+import java.security.cert.X509Certificate;
+
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.SignableSAMLObject;
+
+import eu.stork.peps.exceptions.SAMLEngineException;
+
+/**
+ * The Interface SAMLEngineSignI.
+ *
+ * @author fjquevedo
+ */
+public interface SAMLEngineSignI {
+
+ /**
+ * Sign.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the sAML object
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ SAMLObject sign(SignableSAMLObject tokenSaml) throws SAMLEngineException;
+
+ /**
+ * Gets the certificate.
+ *
+ * @return the certificate
+ */
+ X509Certificate getCertificate();
+
+ /**
+ * Gets the trustStore used when validating SAMLTokens
+ *
+ * @return the trustStore
+ *
+ */
+ KeyStore getTrustStore();
+
+ /**
+ * Validate signature.
+ *
+ * @param tokenSaml the token SAML
+ *
+ * @return the sAML object
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ SAMLObject validateSignature(SignableSAMLObject tokenSaml)
+ throws SAMLEngineException;
+
+ /**
+ * Initialize the signature module.
+ *
+ * @param fileConf the configuration file.
+ *
+ * @throws SAMLEngineException the STORKSAML engine runtime
+ * exception
+ */
+ void init(String fileConf) throws SAMLEngineException;
+
+ /**
+ * Load cryptographic service provider.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ void loadCryptServiceProvider() throws SAMLEngineException;
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java
new file mode 100644
index 000000000..9ace6d37c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface SPApplication.
+ *
+ * @author fjquevedo
+ */
+public interface SPApplication extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "spApplication";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "spApplicationType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /**
+ * Gets the service provider application.
+ *
+ * @return the service provider application
+ */
+ String getSPApplication();
+
+ /**
+ * Sets the service provider application.
+ *
+ * @param spApplication the new service provider application
+ */
+ void setSPApplication(String spApplication);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java
new file mode 100644
index 000000000..569ea48c2
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface SPCountry.
+ *
+ * @author fjquevedo
+ */
+public interface SPCountry extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "spCountry";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "spCountryType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /**
+ * Gets the service provider country.
+ *
+ * @return the service provider country
+ */
+ String getSPCountry();
+
+ /**
+ * Sets the service provider country.
+ *
+ * @param spCountry the new service provider country
+ */
+ void setSPCountry(String spCountry);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java
new file mode 100644
index 000000000..c0cf02ad0
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossBorderShare.
+ * @author iinigo
+ */
+public interface SPID extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "SPID";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "SPIDType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /**
+ * Gets the SP ID.
+ *
+ * @return the SP ID
+ */
+ String getSPID();
+
+
+ /**
+ * Sets the SP ID.
+ *
+ * @param SPID the new SP ID
+ */
+ void setSPID(String newSPID);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java
new file mode 100644
index 000000000..34ba9c9c5
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossBorderShare.
+ * @author iinigo
+ */
+public interface SPInformation extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "SPInformation";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "SPInformationType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /**
+ * Gets the SP Id.
+ *
+ * @return the SP Id
+ */
+ SPID getSPID();
+
+
+ /**
+ * Sets the SP Id.
+ *
+ * @param newSPId the new SP Id
+ */
+ void setSPID(SPID newSPID);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java
new file mode 100644
index 000000000..33dad474b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface EIDCrossBorderShare.
+ *
+ * @author fjquevedo
+ */
+public interface SPInstitution extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "spInstitution";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "spInstitutionType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /**
+ * Gets the service provider institution.
+ *
+ * @return the service provider institution
+ */
+ String getSPInstitution();
+
+ /**
+ * Sets the service provider institution.
+ *
+ * @param spInstitution the new service provider institution
+ */
+ void setSPInstitution(String spInstitution);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java
new file mode 100644
index 000000000..1f49a4015
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface SPSector.
+ *
+ * @author fjquevedo
+ */
+public interface SPSector extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "spSector";
+
+ /** The Constant DEFAULT_ELEMENT_NAME. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /** The Constant TYPE_LOCAL_NAME. */
+ String TYPE_LOCAL_NAME = "spSectorType";
+
+ /** The Constant TYPE_NAME. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10_PREFIX.getValue());
+
+ /**
+ * Gets the service provider sector.
+ *
+ * @return the service provider sector
+ */
+ String getSPSector();
+
+ /**
+ * Sets the service provider sector.
+ *
+ * @param spSector the new service provider sector
+ */
+ void setSPSector(String spSector);
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java
new file mode 100644
index 000000000..19c71dd74
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java
@@ -0,0 +1,508 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import java.util.Properties;
+
+import org.apache.commons.lang.StringUtils;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.exceptions.SAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * The Class SAMLCore.
+ *
+ * @author fjquevedo
+ */
+public final class STORKSAMLCore {
+
+ /** The Constant LOGGER. */
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(STORKSAMLCore.class.getName());
+
+ /** The consent authentication request. */
+ private String consentAuthnReq = null;
+
+ /** The consent authentication response. */
+ private String consentAuthnResp = null;
+
+ /** The id cross border share. */
+ private String eIDCrossBordShare = null;
+
+ /** The e id cross sect share. */
+ private String eIDCrossSectShare = null;
+
+ /** The e id sector share. */
+ private String eIDSectorShare = null;
+
+ /** The format entity. */
+ private String formatEntity = null;
+
+ /** The friendly name. */
+ private boolean friendlyName = false;
+
+ /** The IP validation. */
+ private boolean ipValidation = false;
+
+ /** The one time use. */
+ private boolean oneTimeUse = true;
+
+ /** The protocol binding. */
+ private String protocolBinding = null;
+
+ /** The requester. */
+ private String requester = null;
+
+
+ /** The responder. */
+ private String responder = null;
+
+ /** The SAML core properties. */
+ private Properties samlCoreProp = null;
+
+ /** The time not on or after. */
+ private Integer timeNotOnOrAfter = null;
+
+ /** The is required parameter. */
+ private boolean isRequired = true;
+
+ private static final String SAML_ENGINE_LITERAL = "SamlEngine.xml: ";
+
+ /**
+ * Gets the isRequired.
+ *
+ * @return the isRequired
+ */
+ public boolean isRequired() {
+ return isRequired;
+ }
+
+ /**
+ * Sets the isRequired.
+ *
+ * @param isRequired the required.
+ */
+ public void setRequired(boolean isRequired) {
+ this.isRequired = isRequired;
+ }
+
+ /**
+ * Instantiates a new sAML core.
+ *
+ * @param instance the instance
+ */
+ public STORKSAMLCore(final Properties instance) {
+ loadConfiguration(instance);
+ }
+
+ /**
+ * Gets the consent.
+ *
+ * @return the consent
+ */
+ public String getConsentAuthnRequest() {
+ return consentAuthnReq;
+ }
+
+ /**
+ * Gets the consent authentication response.
+ *
+ * @return the consent authentication response.
+ */
+ public String getConsentAuthnResp() {
+ return consentAuthnResp;
+ }
+
+ /**
+ * Gets the consent authentication response.
+ *
+ * @return the consent authentication response
+ */
+ public String getConsentAuthnResponse() {
+ return consentAuthnResp;
+ }
+
+ /**
+ * Gets the format entity.
+ *
+ * @return the format entity
+ */
+ public String getFormatEntity() {
+ return formatEntity;
+ }
+
+ /**
+ * Gets the property.
+ *
+ * @param key the key
+ *
+ * @return the property
+ */
+ public String getProperty(final String key) {
+ return samlCoreProp.getProperty(key);
+ }
+
+ /**
+ * Gets the protocol binding.
+ *
+ * @return the protocol binding
+ */
+ public String getProtocolBinding() {
+ return protocolBinding;
+ }
+
+ /**
+ * Gets the requester.
+ *
+ * @return the requester
+ */
+ public String getRequester() {
+ return requester;
+ }
+
+ /**
+ * Gets the responder.
+ *
+ * @return the responder
+ */
+ public String getResponder() {
+ return responder;
+ }
+
+ /**
+ * Gets the time not on or after.
+ *
+ * @return the time not on or after
+ */
+ public Integer getTimeNotOnOrAfter() {
+ return timeNotOnOrAfter;
+ }
+
+ /**
+ * Checks if is e id cross border share.
+ *
+ * @return true, if is e id cross border share
+ */
+ public String iseIDCrossBorderShare() {
+ return eIDCrossBordShare;
+ }
+
+ /**
+ * Checks if is e id cross border share.
+ *
+ * @return true, if is e id cross border share
+ */
+ public String iseIDCrossBordShare() {
+ return eIDCrossBordShare;
+ }
+
+ /**
+ * Checks if is e id cross sector share.
+ *
+ * @return true, if is e id cross sector share
+ */
+ public String iseIDCrossSectorShare() {
+ return eIDCrossSectShare;
+ }
+
+ /**
+ * Checks if is e id cross sect share.
+ *
+ * @return true, if is e id cross sect share
+ */
+ public String iseIDCrossSectShare() {
+ return eIDCrossSectShare;
+ }
+
+ /**
+ * Checks if is e id sector share.
+ *
+ * @return true, if is e id sector share
+ */
+ public String iseIDSectorShare() {
+ return eIDSectorShare;
+ }
+
+ /**
+ * Checks if is friendly name.
+ *
+ * @return true, if checks if is friendly name
+ */
+ public boolean isFriendlyName() {
+ return friendlyName;
+ }
+
+ /**
+ * Checks if is IP validation.
+ *
+ * @return true, if is IP validation
+ */
+ public boolean isIpValidation() {
+ return ipValidation;
+ }
+
+ /**
+ * Checks if is one time use.
+ *
+ * @return true, if is one time use
+ */
+ public boolean isOneTimeUse() {
+ return oneTimeUse;
+ }
+
+ /**
+ * Method that loads the configuration file for the SAML Engine.
+ *
+ * @param instance the instance of the Engine properties.
+ */
+ private void loadConfiguration(final Properties instance) {
+
+ try {
+ LOGGER.info("SAMLCore: Loading SAMLEngine properties.");
+
+ samlCoreProp = instance;
+
+ final String parameter = samlCoreProp
+ .getProperty(SAMLCore.FORMAT_ENTITY.getValue());
+
+ if ("entity".equalsIgnoreCase(parameter)) {
+ formatEntity = NameIDType.ENTITY;
+ }
+
+ friendlyName = Boolean.valueOf(samlCoreProp
+ .getProperty(SAMLCore.FRIENDLY_NAME.getValue()));
+
+ String isRequiredValue = samlCoreProp.
+ getProperty(SAMLCore.IS_REQUIRED.getValue());
+ if (isRequiredValue != null) {
+ isRequired = Boolean.valueOf(isRequiredValue);
+ }
+
+ eIDSectorShare = samlCoreProp
+ .getProperty("eIDSectorShare");
+ eIDCrossSectShare = samlCoreProp
+ .getProperty("eIDCrossSectorShare");
+ eIDCrossBordShare = samlCoreProp
+ .getProperty("eIDCrossBorderShare");
+
+ ipValidation = Boolean.valueOf(samlCoreProp
+ .getProperty("ipAddrValidation"));
+
+ final String oneTimeUseProp = samlCoreProp
+ .getProperty(SAMLCore.ONE_TIME_USE.getValue());
+
+ if (StringUtils.isNotBlank(oneTimeUseProp)) {
+ oneTimeUse = Boolean.valueOf(oneTimeUseProp);
+ }
+
+ // Protocol Binding
+ loadProtocolBiding();
+
+ // Consent Authentication Request
+ consentAuthnReq = samlCoreProp
+ .getProperty(SAMLCore.CONSENT_AUTHN_REQ.getValue());
+
+ if ("unspecified".equalsIgnoreCase(consentAuthnReq)) {
+ consentAuthnReq = RequestAbstractType.UNSPECIFIED_CONSENT;
+ }
+
+ loadConsentAuthResp();
+
+ timeNotOnOrAfter = Integer.valueOf(samlCoreProp
+ .getProperty("timeNotOnOrAfter"));
+
+ if (timeNotOnOrAfter.intValue() < 0) {
+ LOGGER.error(SAML_ENGINE_LITERAL + "timeNotOnOrAfter"
+ + " is negative number.");
+
+ throw new SAMLEngineException(SAML_ENGINE_LITERAL
+ + "timeNotOnOrAfter" + " is negative number.");
+ }
+
+ requester = samlCoreProp.getProperty(SAMLCore.REQUESTER_TAG.getValue());
+ responder = samlCoreProp.getProperty(SAMLCore.RESPONDER_TAG.getValue());
+
+ } catch (SAMLEngineException e) {
+ LOGGER.error("SAMLCore: error loadConfiguration. ", e);
+ throw new STORKSAMLEngineRuntimeException(e);
+ } catch (RuntimeException e) {
+ LOGGER.error("SAMLCore: error loadConfiguration. ", e);
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+ }
+
+ /**
+ * Load consent authentication response.
+ */
+ private void loadConsentAuthResp() {
+ // Consent Authentication Response
+ consentAuthnResp = samlCoreProp
+ .getProperty(SAMLCore.CONSENT_AUTHN_RES.getValue());
+
+ if ("obtained".equalsIgnoreCase(consentAuthnResp)) {
+ consentAuthnResp = RequestAbstractType.OBTAINED_CONSENT;
+ } else if ("prior".equalsIgnoreCase(consentAuthnResp)) {
+ consentAuthnResp = RequestAbstractType.PRIOR_CONSENT;
+ } else if ("curent-implicit".equalsIgnoreCase(consentAuthnResp)) {
+ consentAuthnResp =
+ "urn:oasis:names:tc:SAML:2.0:consent:current-implicit";
+ } else if ("curent-explicit".equalsIgnoreCase(consentAuthnResp)) {
+ consentAuthnResp =
+ "urn:oasis:names:tc:SAML:2.0:consent:current-explicit";
+ } else if ("unspecified".equalsIgnoreCase(consentAuthnResp)) {
+ consentAuthnResp = RequestAbstractType.UNSPECIFIED_CONSENT;
+ }
+ }
+
+ /**
+ * Load protocol biding.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ private void loadProtocolBiding() throws SAMLEngineException {
+ // Protocol Binding
+ protocolBinding = samlCoreProp.getProperty(SAMLCore.PROT_BINDING_TAG.getValue());
+
+ if (StringUtils.isBlank(protocolBinding)) {
+ LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG
+ + " it's mandatory.");
+ throw new SAMLEngineException(SAML_ENGINE_LITERAL
+ + SAMLCore.PROT_BINDING_TAG + " it's mandatory.");
+ } else if (protocolBinding.equalsIgnoreCase("HTTP-POST")) {
+ protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI;
+ } else {
+ LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG
+ + " it's not supporting.");
+
+ throw new SAMLEngineException(SAML_ENGINE_LITERAL
+ + SAMLCore.PROT_BINDING_TAG + " it's not supporting.");
+ }
+ }
+
+ /**
+ * Sets the consent authentication response.
+ *
+ * @param newConsAuthnResp the new consent authentication response
+ */
+ public void setConsentAuthnResp(final String newConsAuthnResp) {
+ this.consentAuthnResp = newConsAuthnResp;
+ }
+
+ /**
+ * Sets an eID that can be shared outside of the Service Provider’s member state.
+ *
+ * @param newEIDCrossBord the new eid cross border share
+ */
+ public void setEIDCrossBordShare(final String newEIDCrossBord) {
+ this.eIDCrossBordShare = newEIDCrossBord;
+ }
+
+ /**
+ * Sets an eID that can be shared outside of the Service Provider’s sector.
+ *
+ * @param newEIDCrossSect the new eid cross sect share
+ */
+ public void setEIDCrossSectShare(final String newEIDCrossSect) {
+ this.eIDCrossSectShare = newEIDCrossSect;
+ }
+
+ /**
+ * Sets an eID that can be shared within the Service Provider’s sector.
+ *
+ * @param newEIDSectorShare the new eid sector share
+ */
+ public void seteIDSectorShare(final String newEIDSectorShare) {
+ this.eIDSectorShare = newEIDSectorShare;
+ }
+
+ /**
+ * Sets the format entity.
+ *
+ * @param newFormatEntity the new format entity
+ */
+ public void setFormatEntity(final String newFormatEntity) {
+ this.formatEntity = newFormatEntity;
+ }
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param newFriendlyName the new friendly name
+ */
+ public void setFriendlyName(final boolean newFriendlyName) {
+ this.friendlyName = newFriendlyName;
+ }
+
+ /**
+ * Sets the IP validation.
+ *
+ * @param newIpValidation the new IP validation
+ */
+ public void setIpValidation(final boolean newIpValidation) {
+ this.ipValidation = newIpValidation;
+ }
+
+ /**
+ * Sets the one time use.
+ *
+ * @param newOneTimeUse the new one time use
+ */
+ public void setOneTimeUse(final boolean newOneTimeUse) {
+ this.oneTimeUse = newOneTimeUse;
+ }
+
+ /**
+ * Sets the protocol binding.
+ *
+ * @param newProtBinding the new protocol binding
+ */
+ public void setProtocolBinding(final String newProtBinding) {
+ this.protocolBinding = newProtBinding;
+ }
+
+ /**
+ * Sets the requester.
+ *
+ * @param newRequester the new requester
+ */
+ public void setRequester(final String newRequester) {
+ this.requester = newRequester;
+ }
+
+ /**
+ * Sets the responder.
+ *
+ * @param newResponder the new responder
+ */
+ public void setResponder(final String newResponder) {
+ this.responder = newResponder;
+ }
+
+ /**
+ * Sets the time not on or after.
+ *
+ * @param newTimeNotOnOrAft the new time not on or after
+ */
+ public void setTimeNotOnOrAfter(final Integer newTimeNotOnOrAft) {
+ this.timeNotOnOrAfter = newTimeNotOnOrAft;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java
new file mode 100644
index 000000000..3f812393e
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java
@@ -0,0 +1,72 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+/**
+ * The Interface VIDPAuthenticationAttributes.
+ *
+ * @author fjquevedo
+ */
+public interface VIDPAuthenticationAttributes extends SAMLObject {
+
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "VIDPAuthenticationAttributes";
+
+ /** Default element name. */
+ QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME,
+ SAMLCore.STORK10P_PREFIX.getValue());
+
+
+ /**
+ * Gets the citizen country code.
+ *
+ * @return the citizen country code
+ */
+ CitizenCountryCode getCitizenCountryCode();
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param newCitizenCountryCode the new citizen country code
+ */
+ void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode);
+
+ /**
+ * Gets the SP information
+ *
+ * @return the SP information
+ */
+ SPInformation getSPInformation();
+
+ /**
+ * Sets the SP information
+ *
+ * @param newSPInformation the new SPInformation
+ */
+ void setSPInformation(SPInformation newSPInformation);
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java
new file mode 100644
index 000000000..74840e135
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.AuthenticationAttributes;
+
+/**
+ * The Class AuthenticationAttributesBuilder.
+ *
+ * @author fjquevedo
+ */
+public class AuthenticationAttributesBuilder extends
+ AbstractSAMLObjectBuilder<AuthenticationAttributes> {
+
+
+
+ /**
+ * Builds the object.
+ *
+ * @return the authentication attributes
+ */
+ public final AuthenticationAttributes buildObject() {
+ return buildObject(AuthenticationAttributes.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace URI
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ *
+ * @return the authentication attributes
+ */
+ public final AuthenticationAttributes buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new AuthenticationAttributesImpl(namespaceURI, localName,
+ namespacePrefix);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java
new file mode 100644
index 000000000..1e43e7ec3
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSignableSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.AuthenticationAttributes;
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class AuthenticationAttributesImpl.
+ *
+ * @author fjquevedo
+ */
+public final class AuthenticationAttributesImpl extends AbstractSignableSAMLObject implements
+AuthenticationAttributes {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationAttributesImpl.class.getName());
+
+ /** The indexed children. */
+ private VIDPAuthenticationAttributes vIDPAuthenAttr;
+
+ /**
+ * Instantiates a new authentication attributes implementation.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected AuthenticationAttributesImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ *
+ */
+ public List<XMLObject> getOrderedChildren() {
+ final ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+
+ children.add(vIDPAuthenAttr);
+
+ if (getSignature() != null) {
+ children.add(getSignature());
+ }
+
+ return Collections.unmodifiableList(children);
+ }
+
+ /**
+ * Gets the signature reference id.
+ *
+ * @return the signature reference id
+ *
+ */
+ public String getSignatureReferenceID() {
+ return null;
+ }
+
+ /**
+ * Gets the vidp authentication attributes.
+ *
+ * @return the VIDP authentication attributes
+ *
+ */
+ public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() {
+ return vIDPAuthenAttr;
+ }
+
+ /**
+ * Sets the vidp authentication attributes.
+ *
+ * @param newVIDPAuthenAttr the new vidp authen attr
+ *
+ */
+ public void setVIDPAuthenticationAttributes(
+ final VIDPAuthenticationAttributes newVIDPAuthenAttr) {
+ vIDPAuthenAttr = prepareForAssignment(this.vIDPAuthenAttr, newVIDPAuthenAttr);
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java
new file mode 100644
index 000000000..698bf56b9
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+
+/**
+ * The Class AuthenticationAttributesMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class AuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller {
+
+
+
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java
new file mode 100644
index 000000000..af3e5c234
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+
+import eu.stork.peps.auth.engine.core.AuthenticationAttributes;
+
+/**
+ * The Class AuthenticationAttributesUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class AuthenticationAttributesUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process child element.
+ *
+ * @param parentObject the parent object
+ * @param childObject the child object
+ *
+ * @throws UnmarshallingException the unmarshalling exception
+ *
+ */
+ protected final void processChildElement(final XMLObject parentObject,
+ final XMLObject childObject) throws UnmarshallingException {
+ final AuthenticationAttributes attrStatement = (AuthenticationAttributes) parentObject;
+
+ if (childObject instanceof VIDPAuthenticationAttributes) {
+ attrStatement.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childObject);
+ } else {
+ super.processChildElement(parentObject, childObject);
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java
new file mode 100644
index 000000000..64651691f
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+
+/**
+ * The Class CitizenCountryCodeBuilder.
+ *
+ * @author fjquevedo
+ */
+public class CitizenCountryCodeBuilder extends AbstractSAMLObjectBuilder<CitizenCountryCode> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the citizen country code
+ */
+ public final CitizenCountryCode buildObject() {
+ return buildObject(CitizenCountryCode.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the citizen country code
+ */
+ public final CitizenCountryCode buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java
new file mode 100644
index 000000000..4df8084a9
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java
@@ -0,0 +1,82 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class CitizenCountryCodeImpl.
+ *
+ * @author fjquevedo
+ */
+public class CitizenCountryCodeImpl extends AbstractSAMLObject implements CitizenCountryCode {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(CitizenCountryCodeImpl.class.getName());
+ /** The citizen country code. */
+ private String citizenCountryCode;
+
+ /**
+ * Instantiates a new sP country impl.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected CitizenCountryCodeImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the citizen country code.
+ *
+ * @return the citizen country code
+ */
+ public final String getCitizenCountryCode() {
+ return citizenCountryCode;
+ }
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param newCitizenCountryCode the new citizen country code
+ */
+ public final void setCitizenCountryCode(final String newCitizenCountryCode) {
+ this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java
new file mode 100644
index 000000000..decae04c5
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+
+/**
+ * The Class SPCountryMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class CitizenCountryCodeMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject;
+ XMLHelper.appendTextContent(domElement, citizenCountryCode.getCitizenCountryCode());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java
new file mode 100644
index 000000000..93132b508
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+
+/**
+ * The Class CitizenCountryCodeUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class CitizenCountryCodeUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject;
+ citizenCountryCode.setCitizenCountryCode(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java
new file mode 100644
index 000000000..ca529d283
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java
@@ -0,0 +1,26 @@
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+import org.opensaml.common.xml.SAMLConstants;
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+
+public class CustomAttributeQueryBuilder extends AbstractSAMLObjectBuilder<CustomAttributeQuery> {
+ /**
+ * Constructor.
+ */
+ public CustomAttributeQueryBuilder() {
+
+ }
+
+ /** {@inheritDoc} */
+ public CustomAttributeQuery buildObject() {
+ return buildObject(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+ }
+
+ /** {@inheritDoc} */
+ public CustomAttributeQuery buildObject(String namespaceURI, String localName, String namespacePrefix) {
+ return new CustomAttributeQueryImpl(namespaceURI, localName, namespacePrefix);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java
new file mode 100644
index 000000000..e485827c8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java
@@ -0,0 +1,65 @@
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.impl.SubjectQueryImpl;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.util.XMLObjectChildrenList;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+
+
+public class CustomAttributeQueryImpl extends SubjectQueryImpl implements CustomAttributeQuery {
+ /** Attribute child elements. */
+ private final XMLObjectChildrenList<Attribute> attributes;
+ private String serviceURL;
+
+ /**
+ * Constructor.
+ *
+ * @param namespaceURI the namespace the element is in
+ * @param elementLocalName the local name of the XML element this Object represents
+ * @param namespacePrefix the prefix for the given namespace
+ */
+ protected CustomAttributeQueryImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ attributes = new XMLObjectChildrenList<Attribute>(this);
+ }
+
+ /** {@inheritDoc} */
+ public List<Attribute> getAttributes() {
+ return attributes;
+ }
+
+ /** {@inheritDoc} */
+ public List<XMLObject> getOrderedChildren() {
+ ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+
+ if (super.getOrderedChildren() != null) {
+ children.addAll(super.getOrderedChildren());
+ }
+ children.addAll(attributes);
+
+ if (children.size() == 0) {
+ return null;
+ }
+
+ return Collections.unmodifiableList(children);
+ }
+
+ @Override
+ public String getAssertionConsumerServiceURL() {
+ // TODO Auto-generated method stub
+ return this.serviceURL;
+ }
+
+ @Override
+ public void setAssertionConsumerServiceURL(String newServiceUrl) {
+ // TODO Auto-generated method stub
+ this.serviceURL = newServiceUrl;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java
new file mode 100644
index 000000000..51b6a20f8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java
@@ -0,0 +1,50 @@
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.Configuration;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.impl.SubjectQueryMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.CustomRequestAbstractType;
+
+public class CustomAttributeQueryMarshaller extends SubjectQueryMarshaller {
+
+ /** {@inheritDoc} */
+ protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException {
+ CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject;
+
+ if (req.getVersion() != null) {
+ domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString());
+ }
+
+ if (req.getID() != null) {
+ domElement.setAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, req.getID());
+ domElement.setIdAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, true);
+ }
+
+ if (req.getVersion() != null) {
+ domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString());
+ }
+
+ if (req.getIssueInstant() != null) {
+ String iiStr = Configuration.getSAMLDateFormatter().print(req.getIssueInstant());
+ domElement.setAttributeNS(null, RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME, iiStr);
+ }
+
+ if (req.getDestination() != null) {
+ domElement.setAttributeNS(null, RequestAbstractType.DESTINATION_ATTRIB_NAME, req.getDestination());
+ }
+
+ if (req.getAssertionConsumerServiceURL() != null) {
+ domElement.setAttributeNS(null, CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME, req.getAssertionConsumerServiceURL());
+ }
+
+ if (req.getConsent() != null) {
+ domElement.setAttributeNS(null, RequestAbstractType.CONSENT_ATTRIB_NAME, req.getConsent());
+ }
+ }
+
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java
new file mode 100644
index 000000000..f28ec1fef
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java
@@ -0,0 +1,114 @@
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.joda.time.DateTime;
+import org.joda.time.chrono.ISOChronology;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.impl.SubjectQueryUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.AbstractXMLObjectUnmarshaller;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.util.DatatypeHelper;
+import org.opensaml.xml.util.XMLHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.Text;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.CustomRequestAbstractType;
+
+public class CustomAttributeQueryUnmarshaller extends SubjectQueryUnmarshaller {
+
+ private final Logger log = LoggerFactory.getLogger(AbstractXMLObjectUnmarshaller.class);
+ /** {@inheritDoc} */
+ protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
+ throws UnmarshallingException {
+ CustomAttributeQuery query = (CustomAttributeQuery) parentSAMLObject;
+
+ if (childSAMLObject instanceof Attribute) {
+ query.getAttributes().add((Attribute) childSAMLObject);
+ } else {
+ super.processChildElement(parentSAMLObject, childSAMLObject);
+ }
+ }
+
+ /** {@inheritDoc} */
+ public XMLObject unmarshall(Element domElement) throws UnmarshallingException {
+ if (log.isTraceEnabled()) {
+ log.trace("Starting to unmarshall DOM element {}", XMLHelper.getNodeQName(domElement));
+ }
+
+ checkElementIsTarget(domElement);
+
+ //String namespaceURI, String elementLocalName, String namespacePrefix
+ XMLObject xmlObject = new CustomAttributeQueryImpl(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+
+ if (log.isTraceEnabled()) {
+ log.trace("Unmarshalling attributes of DOM Element {}", XMLHelper.getNodeQName(domElement));
+ }
+
+ NamedNodeMap attributes = domElement.getAttributes();
+ Node attribute;
+ for (int i = 0; i < attributes.getLength(); i++) {
+ attribute = attributes.item(i);
+
+ // These should allows be attribute nodes, but just in case...
+ if (attribute.getNodeType() == Node.ATTRIBUTE_NODE) {
+ unmarshallAttribute(xmlObject, (Attr) attribute);
+ }
+ }
+
+ if (log.isTraceEnabled()) {
+ log.trace("Unmarshalling other child nodes of DOM Element {}", XMLHelper.getNodeQName(domElement));
+ }
+
+ Node childNode = domElement.getFirstChild();
+ while (childNode != null) {
+
+ if (childNode.getNodeType() == Node.ATTRIBUTE_NODE) {
+ unmarshallAttribute(xmlObject, (Attr) childNode);
+ } else if (childNode.getNodeType() == Node.ELEMENT_NODE) {
+ unmarshallChildElement(xmlObject, (Element) childNode);
+ } else if (childNode.getNodeType() == Node.TEXT_NODE
+ || childNode.getNodeType() == Node.CDATA_SECTION_NODE) {
+ unmarshallTextContent(xmlObject, (Text) childNode);
+ }
+
+ childNode = childNode.getNextSibling();
+ }
+
+ xmlObject.setDOM(domElement);
+ return xmlObject;
+ }
+
+ /** {@inheritDoc} */
+ protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
+ CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject;
+
+ if (attribute.getLocalName().equals(RequestAbstractType.VERSION_ATTRIB_NAME)) {
+ req.setVersion(SAMLVersion.valueOf(attribute.getValue()));
+ } else if (attribute.getLocalName().equals(RequestAbstractType.ID_ATTRIB_NAME)) {
+ req.setID(attribute.getValue());
+ attribute.getOwnerElement().setIdAttributeNode(attribute, true);
+ } else if (attribute.getLocalName().equals(RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME)
+ && !DatatypeHelper.isEmpty(attribute.getValue())) {
+ req.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
+ } else if (attribute.getLocalName().equals(RequestAbstractType.DESTINATION_ATTRIB_NAME)) {
+ req.setDestination(attribute.getValue());
+ } else if (attribute.getLocalName().equals(RequestAbstractType.CONSENT_ATTRIB_NAME)) {
+ req.setConsent(attribute.getValue());
+ } else if (attribute.getLocalName().equals(CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME)) {
+ req.setAssertionConsumerServiceURL(attribute.getValue());
+ }else {
+ super.processAttribute(samlObject, attribute);
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java
new file mode 100644
index 000000000..b939da776
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.EIDCrossBorderShare;
+
+/**
+ * The Class EIDCrossBorderShareBuilder.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossBorderShareBuilder extends AbstractSAMLObjectBuilder<EIDCrossBorderShare> {
+
+
+ /**
+ * Builds the object.
+ *
+ * @return the identifier cross border share
+ */
+ public final EIDCrossBorderShare buildObject() {
+ return buildObject(EIDCrossBorderShare.DEF_ELEMENT_NAME);
+ }
+
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the eID cross border share
+ */
+ public final EIDCrossBorderShare buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java
new file mode 100644
index 000000000..50a997031
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java
@@ -0,0 +1,87 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.EIDCrossBorderShare;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class EIDCrossBorderShareImpl.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossBorderShareImpl extends AbstractSAMLObject implements
+ EIDCrossBorderShare {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossBorderShareImpl.class.getName());
+ /** The citizen country code. */
+ private String eIDCrossBorderShare;
+
+ /**
+ * Instantiates a new eID cross border share implementation.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected EIDCrossBorderShareImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+
+ /**
+ * Gets the eID cross border share.
+ *
+ * @return the eID cross border share
+ */
+ public final String getEIDCrossBorderShare() {
+ return eIDCrossBorderShare;
+ }
+
+
+ /**
+ * Sets the eID cross border share.
+ *
+ * @param newEIDCrossBorderShare the new eID cross border share
+ */
+ public final void setEIDCrossBorderShare(String newEIDCrossBorderShare) {
+ this.eIDCrossBorderShare = prepareForAssignment(this.eIDCrossBorderShare, newEIDCrossBorderShare);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ * {@inheritDoc}
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java
new file mode 100644
index 000000000..58fa8af65
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.EIDCrossBorderShare;
+
+
+/**
+ * The Class EIDCrossBorderShareMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossBorderShareMarshaller extends AbstractSAMLObjectMarshaller {
+
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject;
+ XMLHelper.appendTextContent(domElement, crossBorderShare.getEIDCrossBorderShare());
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java
new file mode 100644
index 000000000..457e70c23
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.EIDCrossBorderShare;
+
+/**
+ * The Class EIDCrossBorderShareUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossBorderShareUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject;
+ crossBorderShare.setEIDCrossBorderShare(elementContent);
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java
new file mode 100644
index 000000000..9683d2ad8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.EIDCrossSectorShare;
+
+/**
+ * The Class EIDCrossSectorShareBuilder.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossSectorShareBuilder extends
+ AbstractSAMLObjectBuilder<EIDCrossSectorShare> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the eID cross sector share
+ */
+ public final EIDCrossSectorShare buildObject() {
+ return buildObject(EIDCrossSectorShare.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the eID cross sector share implementation
+ */
+ public final EIDCrossSectorShareImpl buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new EIDCrossSectorShareImpl(namespaceURI, localName,
+ namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java
new file mode 100644
index 000000000..30502f429
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.EIDCrossSectorShare;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * The Class EIDCrossSectorShareImpl.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossSectorShareImpl extends AbstractSAMLObject implements
+ EIDCrossSectorShare {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossSectorShareImpl.class.getName());
+ /** The citizen country code. */
+ private String eIDCrossSectorShare;
+
+
+ /**
+ * Instantiates a new eID cross sector share implementation.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected EIDCrossSectorShareImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+
+ /**
+ * Gets the eID cross sector share.
+ *
+ * @return the eID cross sector share
+ */
+ public final String getEIDCrossSectorShare() {
+ return eIDCrossSectorShare;
+ }
+
+
+ /**
+ * Sets the eID cross sector share.
+ *
+ * @param newEIDCrossSectorShare the new eID cross sector share
+ */
+ public final void setEIDCrossSectorShare(String newEIDCrossSectorShare) {
+ this.eIDCrossSectorShare = prepareForAssignment(this.eIDCrossSectorShare, newEIDCrossSectorShare);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java
new file mode 100644
index 000000000..dfd2b81dc
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.EIDCrossSectorShare;
+
+
+/**
+ * The Class EIDCrossSectorShareMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossSectorShareMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject;
+ XMLHelper.appendTextContent(domElement, crossSectorShare.getEIDCrossSectorShare());
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java
new file mode 100644
index 000000000..6a9711ca2
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.EIDCrossSectorShare;
+
+/**
+ * The Class EIDCrossSectorShareUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDCrossSectorShareUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String domElement) {
+
+ final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject;
+ crossSectorShare.setEIDCrossSectorShare(domElement);
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java
new file mode 100644
index 000000000..75062dc69
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.EIDSectorShare;
+
+/**
+ * The Class EIDSectorShareBuilder.
+ *
+ * @author fjquevedo
+ */
+public class EIDSectorShareBuilder extends
+ AbstractSAMLObjectBuilder<EIDSectorShare> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the eID sector share
+ */
+ public final EIDSectorShare buildObject() {
+ return buildObject(EIDSectorShare.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the eID sector share
+ */
+ public final EIDSectorShare buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java
new file mode 100644
index 000000000..c548841f7
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java
@@ -0,0 +1,85 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.EIDSectorShare;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+// TODO: Auto-generated Javadoc
+/**
+ * The Class EIDSectorShareImpl.
+ *
+ * @author fjquevedo
+ */
+public class EIDSectorShareImpl extends AbstractSAMLObject implements
+ EIDSectorShare {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(EIDSectorShareImpl.class.getName());
+
+ /** The e id sector share. */
+ private String eIDSectorShare;
+ /**
+ * Instantiates a new eID sector share implementation.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected EIDSectorShareImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+ /**
+ * Gets the eID sector share.
+ *
+ * @return the eID sector share
+ */
+ public final String getEIDSectorShare() {
+ return eIDSectorShare;
+ }
+
+ /**
+ * Sets the eID sector share.
+ *
+ * @param newEIDSectorShare the new eID sector share
+ */
+ public final void setEIDSectorShare(String newEIDSectorShare) {
+ this.eIDSectorShare = prepareForAssignment(this.eIDSectorShare, newEIDSectorShare);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java
new file mode 100644
index 000000000..87ab23660
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.saml2.core.impl.AbstractNameIDTypeMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.EIDSectorShare;
+
+/**
+ * The Class EIDSectorShareMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDSectorShareMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final EIDSectorShare sectorShare = (EIDSectorShare) samlObject;
+ XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare());
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java
new file mode 100644
index 000000000..9c661813f
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.EIDSectorShare;
+
+
+/**
+ * The Class EIDSectorShareUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class EIDSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String domElement) {
+ final EIDSectorShare sectorShare = (EIDSectorShare) samlObject;
+ sectorShare.setEIDSectorShare(domElement);
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java
new file mode 100644
index 000000000..41676931b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+/**
+ * The Class QAAAttributeBuilder.
+ *
+ * @author fjquevedo
+ */
+public class QAAAttributeBuilder extends
+ AbstractSAMLObjectBuilder<QAAAttribute> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the quality authentication assurance object
+ */
+ public final QAAAttribute buildObject() {
+ return buildObject(QAAAttribute.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the quality authentication assurance object
+
+ */
+ public final QAAAttribute buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new QAAAttributeImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java
new file mode 100644
index 000000000..c08986026
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class QAAAttributeImpl.
+ *
+ * @author fjquevedo
+ */
+public class QAAAttributeImpl extends AbstractSAMLObject implements
+ QAAAttribute {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(QAAAttributeImpl.class.getName());
+ /** The quality authentication assurance level. */
+ private String qaaLevel;
+
+ /**
+ * Constructor.
+ *
+ * @param namespaceURI the namespace the element is in
+ * @param elementLocalName the local name of the XML element this Object
+ * represents
+ * @param namespacePrefix the prefix for the given namespace
+ */
+ protected QAAAttributeImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the quality authentication assurance level.
+ *
+ * @return the quality authentication assurance level
+ */
+ public final String getQaaLevel() {
+ return qaaLevel;
+ }
+
+ /**
+ * Sets the quality authentication assurance level.
+ *
+ * @param newQaaLevel the new quality authentication assurance level
+ */
+ public final void setQaaLevel(final String newQaaLevel) {
+ this.qaaLevel = prepareForAssignment(this.qaaLevel, newQaaLevel);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java
new file mode 100644
index 000000000..000879368
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+/**
+ * The Class QAAAttributeMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class QAAAttributeMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final QAAAttribute qaaAttribute = (QAAAttribute) samlObject;
+ XMLHelper.appendTextContent(domElement, qaaAttribute.getQaaLevel());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java
new file mode 100644
index 000000000..8445e4eeb
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+/**
+ * The Class QAAAttributeUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class QAAAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final QAAAttribute qaaLevel = (QAAAttribute) samlObject;
+ qaaLevel.setQaaLevel(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java
new file mode 100644
index 000000000..70bd6ac1f
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+
+/**
+ * The Class RequestedAttributeBuilder.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributeBuilder extends
+ AbstractSAMLObjectBuilder<RequestedAttribute> {
+
+
+ /**
+ * Builds the object.
+ *
+ * @return the requested attribute
+ */
+ public final RequestedAttribute buildObject() {
+ return buildObject(RequestedAttribute.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the requested attribute
+ */
+ public final RequestedAttribute buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new RequestedAttributeImpl(namespaceURI, localName,
+ namespacePrefix);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java
new file mode 100644
index 000000000..ad759230a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java
@@ -0,0 +1,220 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSBooleanValue;
+import org.opensaml.xml.util.AttributeMap;
+import org.opensaml.xml.util.XMLObjectChildrenList;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+// TODO: Auto-generated Javadoc
+/**
+ * The Class RequestedAttributeImpl.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributeImpl extends AbstractSAMLObject implements
+ RequestedAttribute {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(RequestedAttributeImpl.class.getName());
+ /**
+ * The attribute values.
+ */
+ private final XMLObjectChildrenList<XMLObject> attributeValues;
+
+ /**
+ * The friendly name.
+ *
+ */
+ private String friendlyName;
+
+ /**
+ * The is required.
+ */
+ private String isRequired;
+
+ /**
+ * The name.
+ *
+ */
+ private String name;
+
+ /**
+ * The name format.
+ *
+ */
+ private String nameFormat;
+
+ /**
+ * The unknown attributes.
+ *
+ */
+ private AttributeMap unknownAttributes;
+
+ /**
+ * Instantiates a new requested attribute impl.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected RequestedAttributeImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ unknownAttributes = new AttributeMap(this);
+ attributeValues = new XMLObjectChildrenList<XMLObject>(this);
+ }
+
+
+ /**
+ * Gets the attribute values.
+ *
+ * @return the attribute values
+ */
+ public final List<XMLObject> getAttributeValues() {
+ return attributeValues;
+ }
+
+ /**
+ * Gets the friendly name.
+ *
+ * @return the friendly name.
+ */
+ public final String getFriendlyName() {
+ return friendlyName;
+ }
+
+
+ /**
+ * Gets the checks if is required.
+ *
+ * @return the boolean if it's required.
+ */
+ public final String isRequired() {
+ return isRequired;
+ }
+
+
+ /**
+ * Gets the is required xs boolean.
+ *
+ * @return the XSBoolean if it's required.
+ */
+ public final String getIsRequiredXSBoolean() {
+ return isRequired;
+ }
+
+
+ /**
+ * Gets the name.
+ *
+ * @return the name
+ */
+ public final String getName() {
+ return name;
+ }
+
+
+ /**
+ * Gets the name format.
+ *
+ * @return the name format.
+ */
+ public final String getNameFormat() {
+ return nameFormat;
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the list of XMLObject.
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ final ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+ children.addAll(attributeValues);
+ return Collections.unmodifiableList(children);
+ }
+
+ /**
+ * Gets the unknown attributes.
+ *
+ * @return the attribute map
+ */
+ public final AttributeMap getUnknownAttributes() {
+ return unknownAttributes;
+ }
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param newFriendlyName the new friendly name format
+ */
+ public final void setFriendlyName(final String newFriendlyName) {
+ this.friendlyName = prepareForAssignment(this.friendlyName,
+ newFriendlyName);
+ }
+
+ /**
+ * Set new boolean value isRequired.
+ * @param newIsRequired then new value
+ */
+ public final void setIsRequired(final String newIsRequired) {
+ isRequired = prepareForAssignment(this.isRequired, newIsRequired);
+
+ }
+
+ /**
+ * Sets the name.
+ *
+ * @param newName the new name
+ */
+ public final void setName(final String newName) {
+ this.name = prepareForAssignment(this.name, newName);
+ }
+
+ /**
+ * Sets the name format.
+ *
+ * @param newNameFormat the new name format
+ */
+ public final void setNameFormat(final String newNameFormat) {
+ this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat);
+ }
+
+ /**
+ * Sets the unknown attributes.
+ *
+ * @param newUnknownAttr the new unknown attributes
+ */
+ public final void setUnknownAttributes(final AttributeMap newUnknownAttr) {
+ this.unknownAttributes = newUnknownAttr;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java
new file mode 100644
index 000000000..6d0669241
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.Map.Entry;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.Configuration;
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+
+/**
+ * The Class RequestedAttributeMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall attributes.
+ *
+ * @param samlElement the SAML element
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallAttributes(final XMLObject samlElement,
+ final Element domElement) throws MarshallingException {
+ final RequestedAttribute requestedAttr = (RequestedAttribute) samlElement;
+
+ if (requestedAttr.getName() != null) {
+ domElement.setAttributeNS(null,
+ RequestedAttribute.NAME_ATTRIB_NAME, requestedAttr
+ .getName());
+ }
+
+ if (requestedAttr.getNameFormat() != null) {
+ domElement.setAttributeNS(null,
+ RequestedAttribute.NAME_FORMAT_ATTR, requestedAttr
+ .getNameFormat());
+ }
+
+ if (requestedAttr.getFriendlyName() != null) {
+ domElement.setAttributeNS(null,
+ RequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr
+ .getFriendlyName());
+ }
+
+ if (requestedAttr.getIsRequiredXSBoolean() != null) {
+ domElement.setAttributeNS(null,
+ RequestedAttribute.IS_REQUIRED_ATTR, requestedAttr
+ .getIsRequiredXSBoolean().toString());
+ }
+
+ Attr attr;
+ for (Entry<QName, String> entry : requestedAttr.getUnknownAttributes()
+ .entrySet()) {
+ attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(),
+ entry.getKey());
+ attr.setValue(entry.getValue());
+ domElement.setAttributeNodeNS(attr);
+ if (Configuration.isIDAttribute(entry.getKey())
+ || requestedAttr.getUnknownAttributes().isIDAttribute(
+ entry.getKey())) {
+ attr.getOwnerElement().setIdAttributeNode(attr, true);
+ }
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java
new file mode 100644
index 000000000..551f4239d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java
@@ -0,0 +1,96 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.schema.XSBooleanValue;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Attr;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import eu.stork.peps.auth.engine.core.SAMLCore;
+
+/**
+ * The Class RequestedAttributeUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributeUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process child element.
+ *
+ * @param parentSAMLObject parent SAMLObject
+ * @param childSAMLObject child SAMLObject
+ *
+ * @throws UnmarshallingException error at unmarshall XML object
+ */
+ protected final void processChildElement(final XMLObject parentSAMLObject,
+ final XMLObject childSAMLObject) throws UnmarshallingException {
+
+ final RequestedAttribute requestedAttr = (RequestedAttribute) parentSAMLObject;
+
+ final QName childQName = childSAMLObject.getElementQName();
+ if (childQName.getLocalPart().equals("AttributeValue")
+ && childQName.getNamespaceURI().equals(SAMLCore.STORK10_NS.getValue())) {
+ requestedAttr.getAttributeValues().add(childSAMLObject);
+ } else {
+ super.processChildElement(parentSAMLObject, childSAMLObject);
+ }
+ }
+
+ /**
+ * Process attribute.
+ *
+ * @param samlObject the SAML object
+ * @param attribute the attribute
+ * @throws UnmarshallingException the unmarshalling exception
+ */
+ protected final void processAttribute(final XMLObject samlObject,
+ final Attr attribute) throws UnmarshallingException {
+
+ final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject;
+
+ if (attribute.getLocalName()
+ .equals(RequestedAttribute.NAME_ATTRIB_NAME)) {
+ requestedAttr.setName(attribute.getValue());
+ } else if (attribute.getLocalName().equals(
+ RequestedAttribute.NAME_FORMAT_ATTR)) {
+ requestedAttr.setNameFormat(attribute.getValue());
+ } else if (attribute.getLocalName().equals(
+ RequestedAttribute.FRIENDLY_NAME_ATT)) {
+ requestedAttr.setFriendlyName(attribute.getValue());
+ } else if (attribute.getLocalName().equals(
+ RequestedAttribute.IS_REQUIRED_ATTR)) {
+ requestedAttr.setIsRequired(attribute
+ .getValue());
+
+ } else {
+ final QName attribQName = XMLHelper.getNodeQName(attribute);
+ if (attribute.isId()) {
+ requestedAttr.getUnknownAttributes().registerID(attribQName);
+ }
+ requestedAttr.getUnknownAttributes().put(attribQName,
+ attribute.getValue());
+ }
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java
new file mode 100644
index 000000000..138177995
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.RequestedAttributes;
+
+/**
+ * The Class RequestedAttributesBuilder.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributesBuilder extends
+ AbstractSAMLObjectBuilder<RequestedAttributes> {
+
+
+ /**
+ * Builds the object.
+ *
+ * @return the requested attributes
+ */
+ public final RequestedAttributes buildObject() {
+ return buildObject(RequestedAttributes.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the requested attributes
+ */
+ public final RequestedAttributes buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new RequestedAttributesImpl(namespaceURI, localName,
+ namespacePrefix);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java
new file mode 100644
index 000000000..a58a08a05
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java
@@ -0,0 +1,95 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.util.IndexedXMLObjectChildrenList;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import eu.stork.peps.auth.engine.core.RequestedAttributes;
+
+/**
+ * The Class RequestedAttributesImpl.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributesImpl extends AbstractSAMLObject implements
+ RequestedAttributes {
+
+ /**
+ * Instantiates a new requested attributes implement.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected RequestedAttributesImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ indexedChildren = new IndexedXMLObjectChildrenList<XMLObject>(this);
+ }
+
+ /** The indexed children. */
+ private final IndexedXMLObjectChildrenList<XMLObject> indexedChildren;
+
+ /**
+ * Gets the indexed children.
+ *
+ * @return the indexed children
+ */
+ public final IndexedXMLObjectChildrenList<XMLObject> getIndexedChildren() {
+ return indexedChildren;
+ }
+
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+
+ final ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+
+ children.addAll(indexedChildren);
+
+ return Collections.unmodifiableList(children);
+
+ }
+
+ /**
+ * Gets the attributes.
+ *
+ * @return the attributes
+ *
+ * @see eu.stork.peps.auth.engine.core.RequestedAttributes#getAttributes()
+ */
+ @SuppressWarnings("unchecked")
+ public final List<RequestedAttribute> getAttributes() {
+ return (List<RequestedAttribute>) indexedChildren
+ .subList(RequestedAttribute.DEF_ELEMENT_NAME);
+ }
+
+ @Override
+ public int hashCode() {
+ throw new UnsupportedOperationException("hashCode method not implemented");
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java
new file mode 100644
index 000000000..955fe0318
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+
+/**
+ * The Class RequestedAttributesMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Instantiates a new requested attributes marshaller.
+ */
+ public RequestedAttributesMarshaller() {
+ super();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java
new file mode 100644
index 000000000..132d6cc59
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+
+import eu.stork.peps.auth.engine.core.RequestedAttribute;
+import eu.stork.peps.auth.engine.core.RequestedAttributes;
+
+/**
+ * The Class RequestedAttributesUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class RequestedAttributesUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process child element.
+ *
+ * @param parentObject the parent object
+ * @param childObject the child object
+ *
+ * @throws UnmarshallingException error in unmarshall
+ */
+ protected final void processChildElement(final XMLObject parentObject,
+ final XMLObject childObject) throws UnmarshallingException {
+ final RequestedAttributes attrStatement = (RequestedAttributes) parentObject;
+
+ if (childObject instanceof RequestedAttribute) {
+ attrStatement.getAttributes().add((RequestedAttribute) childObject);
+ } else {
+ super.processChildElement(parentObject, childObject);
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java
new file mode 100644
index 000000000..a35c77936
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SPApplication;
+
+/**
+ * The Class SPApplicationBuilder.
+ *
+ * @author fjquevedo
+ */
+public class SPApplicationBuilder extends
+ AbstractSAMLObjectBuilder<SPApplication> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the service provider application
+ */
+ public final SPApplication buildObject() {
+ return buildObject(SPApplication.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the service provider application
+ */
+ public final SPApplication buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new SPApplicationImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java
new file mode 100644
index 000000000..6bb631a74
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPApplication;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class SPApplicationImpl.
+ *
+ * @author fjquevedo
+ */
+public class SPApplicationImpl extends AbstractSAMLObject implements
+ SPApplication {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SPApplicationImpl.class.getName());
+ /** The service provider application. */
+ private String spApplication;
+
+ /**
+ * Instantiates a new service provider application.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPApplicationImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the service provider application.
+ *
+ * @return the service provider application
+ */
+ public final String getSPApplication() {
+ return spApplication;
+ }
+
+ /**
+ * Sets the service provider application.
+ *
+ * @param newSpApplication the new service provider application
+ */
+ public final void setSPApplication(final String newSpApplication) {
+ this.spApplication = prepareForAssignment(this.spApplication,
+ newSpApplication);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java
new file mode 100644
index 000000000..4866c3535
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.SPApplication;
+
+/**
+ * The Class SPApplicationMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPApplicationMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final SPApplication spApplication = (SPApplication) samlObject;
+ XMLHelper.appendTextContent(domElement, spApplication
+ .getSPApplication());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java
new file mode 100644
index 000000000..a28432a13
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPApplication;
+
+
+/**
+ * The Class SPApplicationUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPApplicationUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final SPApplication spApplication = (SPApplication) samlObject;
+ spApplication.setSPApplication(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java
new file mode 100644
index 000000000..48ec92f49
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SPCountry;
+
+/**
+ * The Class SPCountryBuilder.
+ *
+ * @author fjquevedo
+ */
+public class SPCountryBuilder extends AbstractSAMLObjectBuilder<SPCountry> {
+
+
+ /**
+ * Builds the object SPCountry.
+ *
+ * @return the service provider country
+ */
+ public final SPCountry buildObject() {
+ return buildObject(SPCountry.DEF_ELEMENT_NAME);
+ }
+
+
+ /**
+ * Builds the object SPCountry.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the service provider country
+ */
+ public final SPCountry buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new SPCountryImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java
new file mode 100644
index 000000000..db58fb8be
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java
@@ -0,0 +1,82 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPCountry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class SPCountryImpl.
+ *
+ * @author fjquevedo
+ */
+public class SPCountryImpl extends AbstractSAMLObject implements SPCountry {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SPCountryImpl.class.getName());
+ /** The service provider country. */
+ private String spCountry;
+
+ /**
+ * Instantiates a new service provider country.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPCountryImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the service provider country.
+ *
+ * @return the service provider country
+ */
+ public final String getSPCountry() {
+ return spCountry;
+ }
+
+ /**
+ * Sets the service provider country.
+ *
+ * @param newSpCountry the new service provider country
+ */
+ public final void setSPCountry(final String newSpCountry) {
+ this.spCountry = prepareForAssignment(this.spCountry, newSpCountry);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java
new file mode 100644
index 000000000..e82634749
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.SPCountry;
+
+/**
+ * The Class SPCountryMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPCountryMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final SPCountry spCountry = (SPCountry) samlObject;
+ XMLHelper.appendTextContent(domElement, spCountry.getSPCountry());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java
new file mode 100644
index 000000000..deb695ac6
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPCountry;
+
+
+/**
+ * The Class SPCountryUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPCountryUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final SPCountry spCountry = (SPCountry) samlObject;
+ spCountry.setSPCountry(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java
new file mode 100644
index 000000000..b3640947b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SPID;
+
+/**
+ * The Class SPIDBuilder.
+ *
+ * @author iinigo
+ */
+public class SPIDBuilder extends AbstractSAMLObjectBuilder<SPID> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the SP ID
+ */
+ public final SPID buildObject() {
+ return buildObject(SPID.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the citizen country code
+ */
+ public final SPID buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new SPIDImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java
new file mode 100644
index 000000000..0c7127273
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java
@@ -0,0 +1,82 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPID;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class SPIDImpl.
+ *
+ * @author iinigo
+ */
+public class SPIDImpl extends AbstractSAMLObject implements SPID {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SPIDImpl.class.getName());
+ /** The citizen country code. */
+ private String spId;
+
+ /**
+ * Instantiates a new sP country impl.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPIDImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the SP ID.
+ *
+ * @return the SP ID
+ */
+ public final String getSPID() {
+ return spId;
+ }
+
+ /**
+ * Sets the SP ID.
+ *
+ * @param newSPID the new SP ID
+ */
+ public final void setSPID(final String newSPID) {
+ this.spId = prepareForAssignment(this.spId, newSPID);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java
new file mode 100644
index 000000000..24389522e
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.SPID;
+
+/**
+ * The Class SPIDMarshaller.
+ *
+ * @author iinigo
+ */
+public class SPIDMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final SPID spid = (SPID) samlObject;
+ XMLHelper.appendTextContent(domElement, spid.getSPID());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java
new file mode 100644
index 000000000..e4d230b94
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPID;
+
+/**
+ * The Class SPIDUnmarshaller.
+ *
+ * @author iinigo
+ */
+public class SPIDUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final SPID spid = (SPID) samlObject;
+ spid.setSPID(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java
new file mode 100644
index 000000000..a6e1fe686
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SAMLCore;
+import eu.stork.peps.auth.engine.core.SPInformation;
+
+/**
+ * The Class SPInformation.
+ *
+ * @author iinigo
+ */
+public final class SPInformationBuilder extends AbstractSAMLObjectBuilder<SPInformation> {
+
+
+ /** {@inheritDoc} */
+ public SPInformation buildObject() {
+ return buildObject(SAMLCore.STORK10P_NS.getValue(), SPInformation.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue());
+ }
+
+ /** {@inheritDoc} */
+ public SPInformation buildObject(final String namespaceURI, final String localName, final String namespacePrefix) {
+ return new SPInformationImpl(namespaceURI, localName, namespacePrefix);
+ }
+
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java
new file mode 100644
index 000000000..b5609600d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java
@@ -0,0 +1,110 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSignableSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPID;
+import eu.stork.peps.auth.engine.core.SPInformation;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * The Class SPInformationImpl.
+ *
+ * @author iinigo
+ */
+public final class SPInformationImpl extends AbstractSignableSAMLObject implements
+SPInformation {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SPInformationImpl.class.getName());
+ /** The citizen country code. */
+ private SPID spId;
+
+
+ /**
+ * Instantiates a new requested attributes implement.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPInformationImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+ /**
+ * getSPId.
+ *
+ * @return the SP ID
+ */
+ public SPID getSPID() {
+ return spId;
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ *
+ */
+ public List<XMLObject> getOrderedChildren() {
+ final ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+
+ children.add(spId);
+
+ if (getSignature() != null) {
+ children.add(getSignature());
+ }
+
+ return Collections.unmodifiableList(children);
+
+ }
+
+ /**
+ * Gets the signature reference id.
+ *
+ * @return the signature reference id
+ *
+ */
+ public String getSignatureReferenceID() {
+ return null;
+ }
+
+ /**
+ * Sets the SP Id.
+ *
+ * @param newSPId the new SP Id
+ *
+ */
+ public void setSPID(SPID newSPId) {
+ this.spId = prepareForAssignment(this.spId, newSPId);
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java
new file mode 100644
index 000000000..44845948c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+
+/**
+ * The Class SPInformationMarshaller.
+ *
+ * @author iinigo
+ */
+public class SPInformationMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Instantiates a new SP Information marshaller.
+ */
+ public SPInformationMarshaller() {
+ super();
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java
new file mode 100644
index 000000000..79b0b0f35
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+
+import eu.stork.peps.auth.engine.core.SPID;
+import eu.stork.peps.auth.engine.core.SPInformation;
+
+/**
+ * The Class SPInformationUnmarshaller.
+ *
+ * @author iinigo
+ */
+public class SPInformationUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process child element.
+ *
+ * @param parentObject the parent object
+ * @param childObject the child object
+ *
+ * @throws UnmarshallingException the unmarshalling exception
+ *
+ */
+ protected final void processChildElement(final XMLObject parentObject,
+ final XMLObject childObject) throws UnmarshallingException {
+ final SPInformation spInformation = (SPInformation) parentObject;
+
+ if (childObject instanceof SPID) {
+ spInformation.setSPID((SPID) childObject);
+ } else {
+ super.processChildElement(parentObject, childObject);
+ }
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java
new file mode 100644
index 000000000..fe47cf99c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SPInstitution;
+
+/**
+ * The Class SPInstitutionBuilder.
+ *
+ * @author fjquevedo
+ */
+public class SPInstitutionBuilder extends
+ AbstractSAMLObjectBuilder<SPInstitution> {
+
+ /**
+ * Builds the object.
+ *
+ * @return the service provider institution
+ */
+ public final SPInstitution buildObject() {
+ return buildObject(SPInstitution.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object SPInstitution.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the service provider institution
+ */
+ public final SPInstitution buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new SPInstitutionImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java
new file mode 100644
index 000000000..cf1760446
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPInstitution;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class SPInstitutionImpl.
+ *
+ * @author fjquevedo
+ */
+public class SPInstitutionImpl extends AbstractSAMLObject implements
+ SPInstitution {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SPInstitutionImpl.class.getName());
+ /** The service provider institution. */
+ private String spInstitution;
+
+ /**
+ * Instantiates a new service provider institution.
+ *
+ * @param namespaceURI the namespace uri
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPInstitutionImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+ /**
+ * Gets the service provider institution.
+ *
+ * @return the service provider institution
+ */
+ public final String getSPInstitution() {
+ return spInstitution;
+ }
+
+ /**
+ * Sets the service provider institution.
+ *
+ * @param newSpInstitution the new service provider institution
+ */
+ public final void setSPInstitution(final String newSpInstitution) {
+ this.spInstitution = prepareForAssignment(this.spInstitution,
+ newSpInstitution);
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+ }
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java
new file mode 100644
index 000000000..504a1f035
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.SPInstitution;
+
+/**
+ * The Class SPInstitutionMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPInstitutionMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final SPInstitution spInstitution = (SPInstitution) samlObject;
+ XMLHelper.appendTextContent(domElement, spInstitution
+ .getSPInstitution());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java
new file mode 100644
index 000000000..103d5f2b2
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPInstitution;
+
+/**
+ * The Class SPInstitutionUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPInstitutionUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final SPInstitution spInstitution = (SPInstitution) samlObject;
+ spInstitution.setSPInstitution(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java
new file mode 100644
index 000000000..a691b9008
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SPSector;
+
+/**
+ * The Class SPSectorBuilder.
+ *
+ * @author fjquevedo
+ */
+public class SPSectorBuilder extends AbstractSAMLObjectBuilder<SPSector> {
+
+ /**
+ * Builds the object SPSector.
+ *
+ * @return the service provider sector.
+ */
+ public final SPSector buildObject() {
+ return buildObject(SPSector.DEF_ELEMENT_NAME);
+ }
+
+ /**
+ * Builds the object SPSector.
+ *
+ * @param namespaceURI the namespace uri
+ * @param localName the local name
+ * @param namespacePrefix the namespace prefix
+ * @return the service provider sector
+ */
+ public final SPSector buildObject(final String namespaceURI,
+ final String localName, final String namespacePrefix) {
+ return new SPSectorImpl(namespaceURI, localName, namespacePrefix);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java
new file mode 100644
index 000000000..a29810dd4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPSector;
+
+
+/**
+ * The Class SPSectorImpl.
+ *
+ * @author fjquevedo
+ */
+public class SPSectorImpl extends AbstractSAMLObject implements SPSector {
+
+ /** The service provider sector. */
+ private String spSector;
+
+ /**
+ * Instantiates a new Service provider sector implementation.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected SPSectorImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+ /**
+ * Gets the service provider sector.
+ *
+ * @return the SP sector
+ *
+ * @see eu.stork.peps.auth.engine.core.SPSector#getSPSector()
+ */
+ public final String getSPSector() {
+ return spSector;
+ }
+
+
+ /**
+ * Sets the service provider sector.
+ *
+ * @param newSpSector the new service provider sector
+ */
+ public final void setSPSector(final String newSpSector) {
+ this.spSector = prepareForAssignment(this.spSector, newSpSector);
+ }
+
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ */
+ public final List<XMLObject> getOrderedChildren() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ throw new UnsupportedOperationException("hashCode method not implemented");
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java
new file mode 100644
index 000000000..c5331e8f4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Element;
+
+import eu.stork.peps.auth.engine.core.SPSector;
+
+/**
+ * The Class SPSectorMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPSectorMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Marshall element content.
+ *
+ * @param samlObject the SAML object
+ * @param domElement the DOM element
+ * @throws MarshallingException the marshalling exception
+ */
+ protected final void marshallElementContent(final XMLObject samlObject,
+ final Element domElement) throws MarshallingException {
+ final SPSector spSector = (SPSector) samlObject;
+ XMLHelper.appendTextContent(domElement, spSector.getSPSector());
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java
new file mode 100644
index 000000000..cbb05c6e5
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.SPSector;
+
+/**
+ * The Class SPSectorUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class SPSectorUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+
+
+ /**
+ * Process element content.
+ *
+ * @param samlObject the SAML object
+ * @param elementContent the element content
+ */
+ protected final void processElementContent(final XMLObject samlObject,
+ final String elementContent) {
+ final SPSector spSector = (SPSector) samlObject;
+ spSector.setSPSector(elementContent);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java
new file mode 100644
index 000000000..5e9c753ae
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java
@@ -0,0 +1,468 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Security;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.InvalidPropertiesFormatException;
+import java.util.List;
+import java.util.Properties;
+
+import eu.stork.peps.auth.engine.X509PrincipalUtil;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.NotImplementedException;
+import org.bouncycastle.jce.X509Principal;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityConfiguration;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
+import org.opensaml.xml.security.keyinfo.KeyInfoHelper;
+import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
+import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.KeyInfo;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.signature.Signer;
+import org.opensaml.xml.validation.ValidationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.SAMLEngineSignI;
+import eu.stork.peps.exceptions.SAMLEngineException;
+
+/**
+ * The Class HWSign. Module of sign.
+ *
+ * @author fjquevedo
+ */
+public final class SignHW implements SAMLEngineSignI {
+
+ /** The Constant CONFIGURATION_FILE. */
+ private static final String CONF_FILE = "configurationFile";
+
+ /** The Constant KEYSTORE_TYPE.
+ private static final String KEYSTORE_TYPE = "keystoreType" */
+
+ /** The logger. */
+ private static final Logger LOG = LoggerFactory.getLogger(SignHW.class
+ .getName());
+
+ /** The stork own key store. */
+ private KeyStore storkOwnKeyStore = null;
+
+ /**
+ * Gets the stork own key store.
+ *
+ * @return the stork own key store
+ */
+ public KeyStore getStorkOwnKeyStore() {
+ return storkOwnKeyStore;
+ }
+
+ /**
+ * Gets the stork trustStore.
+ *
+ * @return the stork own key store
+ */
+ public KeyStore getTrustStore() {
+ return storkOwnKeyStore;
+ }
+
+ /**
+ * Sets the stork own key store.
+ *
+ * @param newkOwnKeyStore the new stork own key store
+ */
+ public void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) {
+ this.storkOwnKeyStore = newkOwnKeyStore;
+ }
+
+ /**
+ * Gets the properties.
+ *
+ * @return the properties
+ */
+ public Properties getProperties() {
+ return properties;
+ }
+
+ /**
+ * Sets the properties.
+ *
+ * @param newProperties the new properties
+ */
+ public void setProperties(final Properties newProperties) {
+ this.properties = newProperties;
+ }
+
+ /** The HW sign prop. */
+ private Properties properties = null;
+
+ /**
+ * @see
+ * eu.stork.peps.auth.engine.core.SAMLEngineSignI#init(java.lang.String)
+ * @param fileConf file of configuration
+ * @throws SAMLEngineException error in read file
+ */
+ public void init(final String fileConf)
+ throws SAMLEngineException {
+ InputStream inputStr = null;
+ try {
+ inputStr = SignHW.class.getResourceAsStream("/"
+ + fileConf);
+ properties = new Properties();
+
+ properties.loadFromXML(inputStr);
+ } catch (final InvalidPropertiesFormatException e) {
+ LOG.info("Exception: invalid properties format.");
+ throw new SAMLEngineException(e);
+ } catch (IOException e) {
+ LOG.info("Exception: invalid file: " + fileConf);
+ throw new SAMLEngineException(e);
+ } finally {
+ IOUtils.closeQuietly(inputStr);
+ }
+ }
+
+
+ /**
+ * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate()
+ * @return the X509Certificate.
+ */
+ public X509Certificate getCertificate() {
+ throw new NotImplementedException();
+ }
+
+ /**
+ * @see
+ * eu.stork.peps.auth.engine.core.SAMLEngineSignI#sign(SignableSAMLObject tokenSaml)
+ * @param tokenSaml signable SAML Object
+ * @return the SAMLObject signed.
+ * @throws SAMLEngineException error in sign token saml
+ */
+ public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException {
+
+ try {
+ LOG.info("Star procces of sign");
+ final char[] pin = properties.getProperty("keyPassword")
+ .toCharArray();
+
+ storkOwnKeyStore.load(null, pin);
+
+ final String serialNumber = properties.getProperty("serialNumber");
+ final String issuer = properties.getProperty("issuer");
+
+ String alias = null;
+ String aliasCert;
+ X509Certificate certificate;
+
+ boolean find = false;
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e
+ .hasMoreElements() && !find;) {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) storkOwnKeyStore
+ .getCertificate(aliasCert);
+ // Verified serial number, issuer
+
+ final String serialNum = certificate.getSerialNumber()
+ .toString(16);
+ X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName());
+ X509Principal issuerDNConf = new X509Principal(issuer);
+
+ if(serialNum.equalsIgnoreCase(serialNumber)
+ && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){
+ alias = aliasCert;
+ find = true;
+ }
+
+ }
+
+ if (!find) {
+ throw new SAMLEngineException("Certificate cannot be found in keystore ");
+ }
+ certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias);
+ final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey(
+ alias, pin);
+
+ LOG.info("Recover BasicX509Credential.");
+ final BasicX509Credential credential = new BasicX509Credential();
+
+ LOG.debug("Load certificate");
+ credential.setEntityCertificate(certificate);
+
+ LOG.debug("Load privateKey");
+ credential.setPrivateKey(privateKey);
+
+ LOG.info("Star procces of sign");
+ final Signature signature = (Signature) org.opensaml.xml.Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+
+ LOG.debug("Begin signature with openSaml");
+ signature.setSigningCredential(credential);
+
+ /*signature.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);*/
+ signature.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+
+
+
+ final SecurityConfiguration securityConf =
+ org.opensaml.xml.Configuration.getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager = securityConf
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac
+ .newInstance();
+
+ final KeyInfo keyInfo = keyInfoGenerator.generate(credential);
+
+ signature.setKeyInfo(keyInfo);
+
+ LOG.debug("Set Canonicalization Algorithm");
+ signature.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+ //Create a second signature which will be used when signing assertion and response
+ final Signature signature2 = (Signature) Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+ final SecurityConfiguration secConfiguration2 = Configuration
+ .getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2
+ .newInstance();
+
+ KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential);
+ signature2.setSigningCredential(credential);
+ signature2.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signature2.setKeyInfo(keyInfo2);
+ signature2.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+
+ LOG.info("Marshall samlToken.");
+ String qn = tokenSaml.getElementQName().toString();
+
+ if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ tokenSaml.setSignature(signature);
+ CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller();
+ mars.marshall(tokenSaml);
+ Signer.signObject(signature);
+ }
+ else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ Response res = (Response)tokenSaml;
+ List<Assertion> asserts = res.getAssertions();
+ //If multiple assertions we just sign the response and not the assertion
+ if (asserts.size() > 1)
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+ //If single assertion we sign the assertion and response
+ else
+ {
+ Assertion assertion = (Assertion)asserts.get(0);
+ assertion.setSignature(signature);
+ tokenSaml.setSignature(signature2);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ Signer.signObject(signature2);
+ }
+ }
+ //Normally we just sign the total saml response
+ else
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+
+ } catch (final MarshallingException e) {
+ LOG.error("MarshallingException");
+ throw new SAMLEngineException(e);
+ } catch (final NoSuchAlgorithmException e) {
+ LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment.");
+ throw new SAMLEngineException(e);
+ } catch (final KeyStoreException e) {
+ LOG.error("Generic KeyStore exception.");
+ throw new SAMLEngineException(e);
+ } catch (final SignatureException e) {
+ LOG.error("Signature exception.");
+ throw new SAMLEngineException(e);
+ } catch (final SecurityException e) {
+ LOG.error("Security exception.");
+ throw new SAMLEngineException(e);
+ } catch (final CertificateException e) {
+ LOG.error("Certificate exception.");
+ throw new SAMLEngineException(e);
+ } catch (final IOException e) {
+ LOG.error("IO exception.");
+ throw new SAMLEngineException(e);
+ } catch (final UnrecoverableKeyException e) {
+ LOG.error("UnrecoverableKeyException exception.");
+ throw new SAMLEngineException(e);
+ }
+
+ return tokenSaml;
+ }
+
+ /**
+ * @see
+ * eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(SignableSAMLObject)
+ * @param tokenSaml the token saml
+ * @return the SAMLObject validated.
+ * @throws SAMLEngineException exception in validate signature
+ */
+ public SAMLObject validateSignature(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.info("Start signature validation.");
+ try {
+
+ // Validate structure signature
+ final SAMLSignatureProfileValidator signProfValidator =
+ new SAMLSignatureProfileValidator();
+
+ // Indicates signature id conform to SAML Signature profile
+ signProfValidator.validate(tokenSaml.getSignature());
+
+ String aliasCert;
+ X509Certificate certificate;
+
+ final List<Credential> trustedCred = new ArrayList<Credential>();
+
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e
+ .hasMoreElements();) {
+ aliasCert = e.nextElement();
+ final BasicX509Credential credential = new BasicX509Credential();
+ certificate = (X509Certificate) storkOwnKeyStore
+ .getCertificate(aliasCert);
+ credential.setEntityCertificate(certificate);
+ trustedCred.add(credential);
+ }
+
+ final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo();
+ final List<X509Certificate> listCertificates = KeyInfoHelper
+ .getCertificates(keyInfo);
+
+ if (listCertificates.size() != 1) {
+ throw new SAMLEngineException("Only must be one certificate");
+ }
+
+ // Exist only one certificate
+ final BasicX509Credential entityX509Cred = new BasicX509Credential();
+ entityX509Cred.setEntityCertificate(listCertificates.get(0));
+
+ final ExplicitKeyTrustEvaluator keyTrustEvaluator =
+ new ExplicitKeyTrustEvaluator();
+ if (!keyTrustEvaluator.validate(entityX509Cred, trustedCred)) {
+ throw new SAMLEngineException("Certificate it is not trusted.");
+ }
+
+ final SignatureValidator sigValidator = new SignatureValidator(
+ entityX509Cred);
+
+ sigValidator.validate(tokenSaml.getSignature());
+
+ } catch (final ValidationException e) {
+ LOG.error("ValidationException.", e);
+ throw new SAMLEngineException(e);
+ } catch (final KeyStoreException e) {
+ LOG.error("ValidationException.", e);
+ throw new SAMLEngineException(e);
+ } catch (final CertificateException e) {
+ LOG.error("CertificateException.", e);
+ throw new SAMLEngineException(e);
+ }
+ return tokenSaml;
+ }
+
+ /**
+ * load cryptographic service provider.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ * Note this class was using pkcs11Provider
+ * final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream)
+ * if (Security.getProperty(pkcs11Provider.getName()) == null) {
+ * Security.insertProviderAt(pkcs11Provider, Security .getProviders().length)
+ * }
+ * storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE))
+ */
+ public void loadCryptServiceProvider() throws SAMLEngineException {
+ LOG.info("Load Cryptographic Service Provider");
+ InputStream inputStream = null;
+
+ try {
+ inputStream = SignHW.class.getResourceAsStream("/"
+ + properties.getProperty(CONF_FILE));
+
+ } catch (final Exception e) {
+ throw new SAMLEngineException(
+ "Error loading CryptographicServiceProvider", e);
+ } finally {
+ IOUtils.closeQuietly(inputStream);
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java
new file mode 100644
index 000000000..2adefddbd
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.engine.core.SAMLEngineSignI;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * The Class ModuleSignFactory.
+ *
+ * @author fjquevedo
+ *
+ */
+
+public final class SignModuleFactory {
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(SignModuleFactory.class.getName());
+
+ /**
+ * Instantiates a new module sign factory.
+ */
+ private SignModuleFactory() {
+
+ }
+
+ /**
+ * Gets the single instance of SignModuleFactory.
+ *
+ * @param className the class name
+ *
+ * @return single instance of SignModuleFactory
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static SAMLEngineSignI getInstance(final String className)
+ throws STORKSAMLEngineException {
+ LOG.info("[START]SignModuleFactory static");
+ try {
+ final Class cls = Class.forName(className);
+ return (SAMLEngineSignI) cls.newInstance();
+ } catch (Exception e) {
+ throw new STORKSAMLEngineException(e);
+ }
+
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java
new file mode 100644
index 000000000..50ad9936d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java
@@ -0,0 +1,556 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Security;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.InvalidPropertiesFormatException;
+import java.util.List;
+import java.util.Properties;
+
+import eu.stork.peps.auth.engine.X509PrincipalUtil;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.NotImplementedException;
+import org.bouncycastle.jce.X509Principal;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityConfiguration;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
+import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
+import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.KeyInfo;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.signature.Signer;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.validation.ValidationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.SAMLEngineSignI;
+import eu.stork.peps.exceptions.SAMLEngineException;
+
+/**
+ * The Class SWSign. Class responsible for signing and validating of messages
+ * SAML with a certificate store software.
+ *
+ * @author fjquevedo
+ */
+public final class SignP12 implements SAMLEngineSignI {
+
+ /** The logger. */
+ private static final Logger LOG = LoggerFactory.getLogger(SignP12.class
+ .getName());
+
+
+ /** The p12 store. */
+ private KeyStore p12Store = null;
+
+
+ /** The trust store. */
+ private KeyStore trustStore = null;
+
+
+ /**
+ * Gets the trust store.
+ *
+ * @return the trust store
+ */
+ public KeyStore getTrustStore() {
+ return trustStore;
+ }
+
+ /**
+ * Sets the trust store.
+ *
+ * @param newTrustStore the new trust store
+ */
+ public void setTrustStore(final KeyStore newTrustStore) {
+ this.trustStore = newTrustStore;
+ }
+
+ /**
+ * The instance.
+ *
+ * @return the properties
+ */
+
+ public Properties getProperties() {
+ return properties;
+ }
+
+
+
+ /**
+ * Gets the p12 store.
+ *
+ * @return the p12 store
+ */
+ public KeyStore getP12Store() {
+ return p12Store;
+ }
+
+
+
+ /**
+ * Sets the p12 store.
+ *
+ * @param newP12Store the new p12 store
+ */
+ public void setP12Store(final KeyStore newP12Store) {
+ this.p12Store = newP12Store;
+ }
+
+
+
+ /**
+ * Sets the properties.
+ *
+ * @param newProperties the new properties
+ */
+ public void setProperties(final Properties newProperties) {
+ this.properties = newProperties;
+ }
+
+ /** The SW sign prop. */
+ private Properties properties = null;
+
+
+ /**
+ * Initialize the file configuration.
+ *
+ * @param fileConf name of the file configuration
+ *
+ * @throws SAMLEngineException error at the load from file configuration
+ */
+ public void init(final String fileConf) throws SAMLEngineException {
+ InputStream fileProperties = null;
+ properties = new Properties();
+ try {
+ try {
+ LOG.debug("Fichero a cargar " + fileConf);
+ fileProperties = new FileInputStream(fileConf);
+ properties.loadFromXML(fileProperties);
+ } catch (Exception e) {
+ LOG.error("Fallo al cargar el recurso externo. Se reintenta como fichero interno.");
+ fileProperties = SignP12.class.getResourceAsStream("/" + fileConf);
+ if (fileProperties == null) {
+ fileProperties = Thread.currentThread().getContextClassLoader().getResourceAsStream(fileConf);
+ if (fileProperties == null) {
+ Enumeration<URL> files = ClassLoader.getSystemClassLoader().getResources(fileConf);
+ if (files != null && files.hasMoreElements()) {
+ LOG.info("Se han encontrado recurso/s. Se toma el primero.");
+ fileProperties = ClassLoader.getSystemClassLoader().getResourceAsStream(files.nextElement().getFile());
+ } else {
+ throw new IOException("No se pudo recuperar el fichero: " + fileConf, e);
+ }
+ }
+ }
+ LOG.debug("Recuperados " + fileProperties.available() + " bytes");
+ properties.loadFromXML(fileProperties);
+ }
+ } catch (InvalidPropertiesFormatException e) {
+ LOG.info("Exception: invalid properties format.");
+ throw new SAMLEngineException(e);
+ } catch (IOException e) {
+ LOG.info("Exception: invalid file: " + fileConf);
+ throw new SAMLEngineException(e);
+ } finally {
+ IOUtils.closeQuietly(fileProperties);
+ }
+ }
+
+ /**
+ * Gets the certificate.
+ *
+ * @return the X509Certificate
+ *
+ */
+ public X509Certificate getCertificate() {
+ throw new NotImplementedException();
+ }
+
+ /**
+ * Sign the token SAML.
+ *
+ * @param tokenSaml token SAML
+ *
+ * @return the X509Certificate signed.
+ *
+ * @throws SAMLEngineException error at sign SAML token
+ *
+ */
+ public SAMLObject sign(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.info("Start Sign process");
+ try {
+
+ final String serialNumber = properties.getProperty("serialNumber");
+ final String issuer = properties.getProperty("issuer");
+
+ String alias = null;
+ String aliasCert;
+ X509Certificate certificate;
+
+ boolean find = false;
+ for (final Enumeration<String> e = p12Store.aliases(); e
+ .hasMoreElements() && !find;) {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) p12Store
+ .getCertificate(aliasCert);
+
+ final String serialNum = certificate.getSerialNumber()
+ .toString(16);
+
+ X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName());
+ X509Principal issuerDNConf = new X509Principal(issuer);
+
+ if(serialNum.equalsIgnoreCase(serialNumber)
+ && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){
+ alias = aliasCert;
+ find = true;
+ }
+
+ }
+
+ certificate = (X509Certificate) p12Store
+ .getCertificate(alias);
+ final PrivateKey privateKey = (PrivateKey) p12Store.getKey(
+ alias, properties.getProperty("keyPassword").toCharArray());
+
+ LOG.info("Recover BasicX509Credential.");
+ final BasicX509Credential credential = new BasicX509Credential();
+
+ LOG.debug("Load certificate");
+ credential.setEntityCertificate(certificate);
+
+ LOG.debug("Load privateKey");
+ credential.setPrivateKey(privateKey);
+
+ LOG.debug("Begin signature with openSaml");
+ final Signature signature = (Signature) Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+
+ signature.setSigningCredential(credential);
+
+ /*signature.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);*/
+ signature.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+
+ final SecurityConfiguration secConfiguration = Configuration
+ .getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac
+ .newInstance();
+
+ final KeyInfo keyInfo = keyInfoGenerator.generate(credential);
+
+ signature.setKeyInfo(keyInfo);
+ signature.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+ //Create a second signature which will be used when signing assertion and response
+ final Signature signature2 = (Signature) Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+ final SecurityConfiguration secConfiguration2 = Configuration
+ .getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2
+ .newInstance();
+
+ KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential);
+ signature2.setSigningCredential(credential);
+ signature2.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signature2.setKeyInfo(keyInfo2);
+ signature2.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+
+ LOG.info("Marshall samlToken.");
+ String qn = tokenSaml.getElementQName().toString();
+
+ if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ tokenSaml.setSignature(signature);
+ CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller();
+ mars.marshall(tokenSaml);
+ Signer.signObject(signature);
+ }
+ else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ Response res = (Response)tokenSaml;
+ List<Assertion> asserts = res.getAssertions();
+ //If multiple assertions we just sign the response and not the assertion
+ if (asserts.size() > 1)
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+ //If single assertion we sign the assertion and response
+ else
+ {
+ Assertion assertion = (Assertion)asserts.get(0);
+ assertion.setSignature(signature);
+ tokenSaml.setSignature(signature2);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ Signer.signObject(signature2);
+ }
+ }
+ //Normally we just sign the total saml response
+ else
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+
+ } catch (MarshallingException e) {
+ LOG.error("MarshallingException");
+ throw new SAMLEngineException(e);
+ } catch (NoSuchAlgorithmException e) {
+ LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment.");
+ throw new SAMLEngineException(e);
+ } catch (KeyStoreException e) {
+ LOG.error("Generic KeyStore exception.");
+ throw new SAMLEngineException(e);
+ } catch (SignatureException e) {
+ LOG.error("Signature exception.");
+ throw new SAMLEngineException(e);
+ } catch (SecurityException e) {
+ LOG.error("Security exception.");
+ throw new SAMLEngineException(e);
+ } catch (UnrecoverableKeyException e) {
+ LOG.error("UnrecoverableKey exception.");
+ throw new SAMLEngineException(e);
+ }
+
+ return tokenSaml;
+ }
+
+ /**
+ * Validate signature.
+ *
+ * @param tokenSaml token SAML
+ *
+ * @return the SAMLObject validated.
+ *
+ * @throws SAMLEngineException error validate signature
+ *
+ */
+ public SAMLObject validateSignature(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.info("Start signature validation.");
+ try {
+
+ // Validate structure signature
+ final SAMLSignatureProfileValidator sigProfValidator =
+ new SAMLSignatureProfileValidator();
+ try {
+ // Indicates signature id conform to SAML Signature profile
+ sigProfValidator.validate(tokenSaml.getSignature());
+ } catch (ValidationException e) {
+ LOG.error("ValidationException: signature isn't conform to SAML Signature profile.");
+ throw new SAMLEngineException(e);
+ }
+
+ String aliasCert = null;
+ X509Certificate certificate;
+
+ /*final List<Credential> trustCred = new ArrayList<Credential>();
+
+ for (final Enumeration<String> e = trustStore.aliases(); e
+ .hasMoreElements();) {
+ aliasCert = e.nextElement();
+ final BasicX509Credential credential = new BasicX509Credential();
+ certificate = (X509Certificate) trustStore
+ .getCertificate(aliasCert);
+ credential.setEntityCertificate(certificate);
+ trustCred.add(credential);
+ }*/
+
+ final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo();
+
+ final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo
+ .getX509Datas().get(0).getX509Certificates().get(0);
+
+ final CertificateFactory certFact = CertificateFactory
+ .getInstance("X.509");
+ final ByteArrayInputStream bis = new ByteArrayInputStream(Base64
+ .decode(xmlCert.getValue()));
+ final X509Certificate cert = (X509Certificate) certFact
+ .generateCertificate(bis);
+
+ // Exist only one certificate
+ final BasicX509Credential entityX509Cred = new BasicX509Credential();
+ entityX509Cred.setEntityCertificate(cert);
+
+ boolean trusted = false;
+
+ for (final Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();)
+ {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) trustStore.getCertificate(aliasCert);
+ try {
+ cert.verify(certificate.getPublicKey());
+ trusted = true;
+ break;
+ }
+ catch (Exception ex) {
+ //Do nothing - cert not trusted yet
+ }
+ }
+
+ if (!trusted)
+ throw new SAMLEngineException("Certificate is not trusted.");
+
+ /*
+ // Validate trust certificates
+ final ExplicitKeyTrustEvaluator keyTrustEvaluator =
+ new ExplicitKeyTrustEvaluator();
+ if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) {
+ throw new SAMLEngineException("Certificate it is not trusted.");
+ }*/
+
+ // Validate signature
+ final SignatureValidator sigValidator = new SignatureValidator(
+ entityX509Cred);
+ sigValidator.validate(tokenSaml.getSignature());
+
+ } catch (ValidationException e) {
+ LOG.error("ValidationException.");
+ throw new SAMLEngineException(e);
+ } catch (KeyStoreException e) {
+ LOG.error("KeyStoreException.", e);
+ throw new SAMLEngineException(e);
+ } catch (GeneralSecurityException e) {
+ LOG.error("GeneralSecurityException.", e);
+ throw new SAMLEngineException(e);
+ }
+ return tokenSaml;
+ }
+
+
+ /**
+ * Load cryptographic service provider.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ public void loadCryptServiceProvider() throws SAMLEngineException {
+ LOG.info("Load Cryptographic Service Provider");
+
+ FileInputStream fis = null;
+ FileInputStream fisTrustStore = null;
+
+ try {
+ // Dynamically register Bouncy Castle provider.
+ boolean found = false;
+ // Check if BouncyCastle is already registered as a provider
+ final Provider[] providers = Security.getProviders();
+ for (int i = 0; i < providers.length; i++) {
+ if (providers[i].getName().equals(
+ BouncyCastleProvider.PROVIDER_NAME)) {
+ found = true;
+ }
+ }
+
+ // Register only if the provider has not been previously registered
+ if (!found) {
+ LOG.debug("SAMLCore: Register Bouncy Castle provider.");
+ Security.insertProviderAt(new BouncyCastleProvider(), Security
+ .getProviders().length);
+ }
+
+ p12Store = KeyStore.getInstance(properties
+ .getProperty("keystoreType"));
+
+ fis = new FileInputStream(properties
+ .getProperty("keystorePath"));
+
+ p12Store.load(fis, properties.getProperty(
+ "keyStorePassword").toCharArray());
+
+
+ trustStore = KeyStore.getInstance(properties
+ .getProperty("trustStoreType"));
+
+ fisTrustStore = new FileInputStream(properties
+ .getProperty("trustStorePath"));
+ trustStore.load(fisTrustStore, properties.getProperty(
+ "trustStorePassword").toCharArray());
+
+ } catch (Exception e) {
+ throw new SAMLEngineException(
+ "Error loading CryptographicServiceProvider", e);
+ } finally {
+ IOUtils.closeQuietly(fis);
+ IOUtils.closeQuietly(fisTrustStore);
+ }
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
new file mode 100644
index 000000000..4554a9586
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
@@ -0,0 +1,538 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Security;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.InvalidPropertiesFormatException;
+import java.util.List;
+import java.util.Properties;
+
+import eu.stork.peps.auth.engine.SAMLEngineUtils;
+import eu.stork.peps.auth.engine.X509PrincipalUtil;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.NotImplementedException;
+import org.bouncycastle.jce.X509Principal;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityConfiguration;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
+import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
+import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator;
+import org.opensaml.xml.security.trust.ExplicitX509CertificateTrustEvaluator;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.KeyInfo;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.signature.Signer;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.validation.ValidationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.SAMLEngineSignI;
+import eu.stork.peps.configuration.ConfigurationReader;
+import eu.stork.peps.exceptions.SAMLEngineException;
+
+
+/**
+ * The Class SWSign. Class responsible for signing and validating of messages
+ * SAML with a certificate store software.
+ *
+ * @author fjquevedo
+ */
+public class SignSW implements SAMLEngineSignI {
+
+ /** The Constant KEYSTORE_TYPE. */
+ private static final String KEYSTORE_TYPE = "keystoreType";
+
+ /** The Constant KEY_STORE_PASSWORD. */
+ private static final String KEY_STORE_PASS = "keyStorePassword";
+
+ /** The logger. */
+ private static final Logger LOG = LoggerFactory.getLogger(SignSW.class
+ .getName());
+
+ /** The stork own key store. */
+ private KeyStore storkOwnKeyStore = null;
+
+ /**
+ * The instance.
+ *
+ * @return the properties
+ */
+
+ public final Properties getProperties() {
+ return properties;
+ }
+
+ /**
+ * Gets the stork own key store.
+ *
+ * @return the stork own key store
+ */
+ public final KeyStore getStorkOwnKeyStore() {
+ return storkOwnKeyStore;
+ }
+
+ /**
+ * Gets the stork trustStore.
+ *
+ * @return the stork own key store
+ */
+ public KeyStore getTrustStore() {
+ return storkOwnKeyStore;
+ }
+
+ /**
+ * Sets the stork own key store.
+ *
+ * @param newkOwnKeyStore the new stork own key store
+ */
+ public final void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) {
+ this.storkOwnKeyStore = newkOwnKeyStore;
+ }
+
+ /**
+ * Sets the properties.
+ *
+ * @param newProperties the new properties
+ */
+ public final void setProperties(final Properties newProperties) {
+ this.properties = newProperties;
+ }
+
+ /** The SW sign prop. */
+ private Properties properties = null;
+
+
+ /**
+ * Inits the file configuration.
+ *
+ * @param fileConf name of the file configuration
+ *
+ * @throws SAMLEngineException error at the load from file configuration
+ */
+ public final void init(final String fileConf)
+ throws SAMLEngineException {
+ InputStream fileProperties = null;
+ try {
+ // fetch base from system properties, give a default if there is nothing configured
+ String base = System.getProperty("eu.stork.samlengine.config.location");
+ if(null != base)
+ if(!base.endsWith("/"))
+ base += "/";
+
+ if(null != base)
+ fileProperties = new FileInputStream(base + fileConf);
+ else
+ fileProperties = SignSW.class.getResourceAsStream("/" + fileConf);
+ properties = new Properties();
+
+ properties.loadFromXML(fileProperties);
+ fileProperties.close();
+ } catch (InvalidPropertiesFormatException e) {
+ LOG.info("Exception: invalid properties format.");
+ throw new SAMLEngineException(e);
+ } catch (IOException e) {
+ LOG.info("Exception: invalid file: " + fileConf);
+ throw new SAMLEngineException(e);
+ } finally {
+ IOUtils.closeQuietly(fileProperties);
+ }
+ }
+
+ /**
+ * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate()
+ * @return the X509Certificate
+ */
+ public final X509Certificate getCertificate() {
+ throw new NotImplementedException();
+ }
+
+
+ /**
+ * Sign the token SAML.
+ *
+ * @param tokenSaml the token SAML.
+ *
+ * @return the SAML object
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ *
+ */
+ public final SAMLObject sign(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.info("Start Sign process.");
+ try {
+ final String serialNumber = properties.getProperty("serialNumber");
+ final String issuer = properties.getProperty("issuer");
+
+ String alias = null;
+ String aliasCert;
+ X509Certificate certificate;
+ boolean find = false;
+
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e
+ .hasMoreElements() && !find; ) {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) storkOwnKeyStore
+ .getCertificate(aliasCert);
+
+ final String serialNum = certificate.getSerialNumber()
+ .toString(16);
+
+ X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName());
+ X509Principal issuerDNConf = new X509Principal(issuer);
+
+ if(serialNum.equalsIgnoreCase(serialNumber)
+ && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){
+ alias = aliasCert;
+ find = true;
+ }
+ }
+ if (!find) {
+ throw new SAMLEngineException("Certificate cannot be found in keystore ");
+ }
+ certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias);
+ final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey(
+ alias, properties.getProperty("keyPassword").toCharArray());
+
+ LOG.info("Recover BasicX509Credential.");
+ final BasicX509Credential credential = new BasicX509Credential();
+
+ LOG.debug("Load certificate");
+ credential.setEntityCertificate(certificate);
+
+ LOG.debug("Load privateKey");
+ credential.setPrivateKey(privateKey);
+
+ LOG.debug("Begin signature with openSaml");
+ final Signature signature = (Signature) Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+
+ signature.setSigningCredential(credential);
+ signature.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+
+
+ final SecurityConfiguration secConfiguration = Configuration
+ .getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac
+ .newInstance();
+
+ KeyInfo keyInfo = keyInfoGenerator.generate(credential);
+
+ signature.setKeyInfo(keyInfo);
+ signature.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+ //Create a second signature which will be used when signing assertion and response
+ final Signature signature2 = (Signature) Configuration
+ .getBuilderFactory().getBuilder(
+ Signature.DEFAULT_ELEMENT_NAME).buildObject(
+ Signature.DEFAULT_ELEMENT_NAME);
+ final SecurityConfiguration secConfiguration2 = Configuration
+ .getGlobalSecurityConfiguration();
+ final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2
+ .getKeyInfoGeneratorManager();
+ final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2
+ .getDefaultManager();
+ final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2
+ .getFactory(credential);
+ final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2
+ .newInstance();
+
+ KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential);
+ signature2.setSigningCredential(credential);
+ signature2.setSignatureAlgorithm(
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signature2.setKeyInfo(keyInfo2);
+ signature2.setCanonicalizationAlgorithm(
+ SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+
+
+ LOG.info("Marshall samlToken.");
+ String qn = tokenSaml.getElementQName().toString();
+
+ if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ tokenSaml.setSignature(signature);
+ CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller();
+ mars.marshall(tokenSaml);
+ Signer.signObject(signature);
+ }
+ else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME))
+ {
+ Response res = (Response)tokenSaml;
+ List<Assertion> asserts = res.getAssertions();
+ //If multiple assertions we just sign the response and not the assertion
+ if (asserts.size() > 1)
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+ //If single assertion we sign the assertion and response
+ else
+ {
+ Assertion assertion = (Assertion)asserts.get(0);
+ assertion.setSignature(signature);
+ tokenSaml.setSignature(signature2);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ Signer.signObject(signature2);
+ }
+ }
+ //Normally we just sign the total saml response
+ else
+ {
+ tokenSaml.setSignature(signature);
+ Configuration.getMarshallerFactory().getMarshaller(tokenSaml)
+ .marshall(tokenSaml);
+ LOG.info("Sign samlToken.");
+ Signer.signObject(signature);
+ }
+
+
+ } catch (MarshallingException e) {
+ LOG.error("MarshallingException");
+ throw new SAMLEngineException(e);
+ } catch (NoSuchAlgorithmException e) {
+ LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment.");
+ throw new SAMLEngineException(e);
+ } catch (KeyStoreException e) {
+ LOG.error("Generic KeyStore exception.");
+ throw new SAMLEngineException(e);
+ } catch (SignatureException e) {
+ LOG.error("Signature exception.");
+ throw new SAMLEngineException(e);
+ } catch (SecurityException e) {
+ LOG.error("Security exception.");
+ throw new SAMLEngineException(e);
+ } catch (UnrecoverableKeyException e) {
+ LOG.error("UnrecoverableKey exception.");
+ throw new SAMLEngineException(e);
+ }
+
+ return tokenSaml;
+ }
+
+ /**
+ * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(org.opensaml.common.SignableSAMLObject)
+ * @param tokenSaml token SAML
+ * @return the SAMLObject validated.
+ * @throws SAMLEngineException error validate signature
+ */
+ public final SAMLObject validateSignature(final SignableSAMLObject tokenSaml)
+ throws SAMLEngineException {
+ LOG.info("Start signature validation.");
+ try {
+
+ // Validate structure signature
+ final SAMLSignatureProfileValidator sigProfValidator =
+ new SAMLSignatureProfileValidator();
+ try {
+ // Indicates signature id conform to SAML Signature profile
+ sigProfValidator.validate(tokenSaml.getSignature());
+ } catch (ValidationException e) {
+ LOG.error("ValidationException: signature isn't conform to SAML Signature profile.");
+ throw new SAMLEngineException(e);
+ }
+
+ String aliasCert = null;
+ X509Certificate certificate;
+
+ /*final List<Credential> trustCred = new ArrayList<Credential>();
+
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e
+ .hasMoreElements();) {
+ aliasCert = e.nextElement();
+ final BasicX509Credential credential = new BasicX509Credential();
+ certificate = (X509Certificate) storkOwnKeyStore
+ .getCertificate(aliasCert);
+ credential.setEntityCertificate(certificate);
+ trustCred.add(credential);
+ }*/
+
+ final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo();
+
+ final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo
+ .getX509Datas().get(0).getX509Certificates().get(0);
+
+ final CertificateFactory certFact = CertificateFactory
+ .getInstance("X.509");
+ final ByteArrayInputStream bis = new ByteArrayInputStream(Base64
+ .decode(xmlCert.getValue()));
+ final X509Certificate cert = (X509Certificate) certFact
+ .generateCertificate(bis);
+
+ // Exist only one certificate
+ final BasicX509Credential entityX509Cred = new BasicX509Credential();
+ entityX509Cred.setEntityCertificate(cert);
+
+ try {
+ cert.checkValidity();
+ }
+ catch (CertificateExpiredException exp) {
+ throw new SAMLEngineException("Certificate expired.");
+ }
+ catch (CertificateNotYetValidException exp) {
+ throw new SAMLEngineException("Certificate not yet valid.");
+ }
+
+ boolean trusted = false;
+
+ for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();)
+ {
+ aliasCert = e.nextElement();
+ certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert);
+ try {
+ cert.verify(certificate.getPublicKey());
+ trusted = true;
+ break;
+ }
+ catch (Exception ex) {
+ //Do nothing - cert not trusted yet
+ }
+ }
+
+ if (!trusted)
+ throw new SAMLEngineException("Certificate is not trusted.");
+
+ /*
+ // Validate trust certificates
+ final ExplicitX509CertificateTrustEvaluator chainTrustEvaluator = new ExplicitX509CertificateTrustEvaluator();
+
+ if (!chainTrustEvaluator.validate(entityX509Cred, trustCred)) {
+ throw new SAMLEngineException("Certificate is not trusted.");
+ }
+ /*final ExplicitKeyTrustEvaluator keyTrustEvaluator =
+ new ExplicitKeyTrustEvaluator();
+
+ if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) {
+ throw new SAMLEngineException("Certificate is not trusted.");
+ }*/
+
+ // Validate signature
+ final SignatureValidator sigValidator = new SignatureValidator(
+ entityX509Cred);
+ sigValidator.validate(tokenSaml.getSignature());
+
+ } catch (ValidationException e) {
+ LOG.error("ValidationException.");
+ throw new SAMLEngineException(e);
+ } catch (KeyStoreException e) {
+ LOG.error("KeyStoreException.", e);
+ throw new SAMLEngineException(e);
+ } catch (GeneralSecurityException e) {
+ LOG.error("GeneralSecurityException.", e);
+ throw new SAMLEngineException(e);
+ }
+ LOG.info(tokenSaml.getSignatureReferenceID());
+ LOG.info("Start signature validation - END." );
+ return tokenSaml;
+ }
+
+
+ /**
+ * Load cryptographic service provider.
+ *
+ * @throws SAMLEngineException the SAML engine exception
+ */
+ public final void loadCryptServiceProvider() throws SAMLEngineException {
+ LOG.info("Load Cryptographic Service Provider");
+ FileInputStream fis = null;
+ try {
+ // Dynamically register Bouncy Castle provider.
+ boolean found = false;
+ // Check if BouncyCastle is already registered as a provider
+ final Provider[] providers = Security.getProviders();
+ for (int i = 0; i < providers.length; i++) {
+ if (providers[i].getName().equals(
+ BouncyCastleProvider.PROVIDER_NAME)) {
+ found = true;
+ }
+ }
+
+ // Register only if the provider has not been previously registered
+ if (!found) {
+ LOG.info("SAMLCore: Register Bouncy Castle provider.");
+ Security.insertProviderAt(new BouncyCastleProvider(), Security
+ .getProviders().length);
+ }
+
+ storkOwnKeyStore = KeyStore.getInstance(properties
+ .getProperty(KEYSTORE_TYPE));
+
+ LOG.info("Loading KeyInfo from keystore file " + properties.getProperty("keystorePath"));
+ fis = new FileInputStream(properties
+ .getProperty("keystorePath"));
+
+ storkOwnKeyStore.load(fis, properties.getProperty(
+ KEY_STORE_PASS).toCharArray());
+
+ } catch (Exception e) {
+ LOG.error("Error loading CryptographicServiceProvider", e);
+ throw new SAMLEngineException(
+ "Error loading CryptographicServiceProvider", e);
+ } finally {
+ IOUtils.closeQuietly(fis);
+ }
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java
new file mode 100644
index 000000000..a60515593
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import eu.stork.peps.auth.engine.core.SAMLCore;
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+
+/**
+ * The Class VIDPAuthenticationAttributesBuilder.
+ *
+ * @author fjquevedo
+ */
+public final class VIDPAuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder<VIDPAuthenticationAttributes> {
+
+
+ /** {@inheritDoc} */
+ public VIDPAuthenticationAttributes buildObject() {
+ return buildObject(SAMLCore.STORK10P_NS.getValue(), VIDPAuthenticationAttributes.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue());
+ }
+
+ /** {@inheritDoc} */
+ public VIDPAuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) {
+ return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix);
+ }
+
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java
new file mode 100644
index 000000000..a6e7e7f60
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java
@@ -0,0 +1,132 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.opensaml.common.impl.AbstractSignableSAMLObject;
+import org.opensaml.xml.XMLObject;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+import eu.stork.peps.auth.engine.core.SPInformation;
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The Class VIDPAuthenticationAttributesImpl.
+ *
+ * @author fjquevedo
+ */
+public final class VIDPAuthenticationAttributesImpl extends AbstractSignableSAMLObject implements
+VIDPAuthenticationAttributes {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(VIDPAuthenticationAttributesImpl.class.getName());
+ /** The citizen country code. */
+ private CitizenCountryCode citizenCountryCode;
+
+ /** The SP information. */
+ private SPInformation spInformation;
+
+ /**
+ * Instantiates a new requested attributes implement.
+ *
+ * @param namespaceURI the namespace URI
+ * @param elementLocalName the element local name
+ * @param namespacePrefix the namespace prefix
+ */
+ protected VIDPAuthenticationAttributesImpl(final String namespaceURI,
+ final String elementLocalName, final String namespacePrefix) {
+ super(namespaceURI, elementLocalName, namespacePrefix);
+ }
+
+
+ /**
+ * getCitizenCountryCode.
+ *
+ * @return the citizen country code
+ */
+ public CitizenCountryCode getCitizenCountryCode() {
+ return citizenCountryCode;
+ }
+
+ /**
+ * getSPInformation
+ *
+ * @return the SP information
+ */
+ public SPInformation getSPInformation() {
+ return spInformation;
+ }
+
+ /**
+ * Gets the ordered children.
+ *
+ * @return the ordered children
+ *
+ */
+ public List<XMLObject> getOrderedChildren() {
+ final ArrayList<XMLObject> children = new ArrayList<XMLObject>();
+
+ children.add(citizenCountryCode);
+ children.add(spInformation);
+
+ if (getSignature() != null) {
+ children.add(getSignature());
+ }
+
+ return Collections.unmodifiableList(children);
+
+ }
+
+ /**
+ * Gets the signature reference id.
+ *
+ * @return the signature reference id
+ *
+ */
+ public String getSignatureReferenceID() {
+ return null;
+ }
+
+ /**
+ * Sets the citizen country code.
+ *
+ * @param newCitizenCountryCode the new citizen country code
+ *
+ */
+ public void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode) {
+ this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode);
+ }
+
+ /**
+ * Sets the SP information.
+ *
+ * @param newSPInformation the new SP information
+ *
+ */
+ public void setSPInformation(SPInformation newSPInformation) {
+ this.spInformation = prepareForAssignment(this.spInformation, newSPInformation);
+ }
+
+ @Override
+ public int hashCode() {
+ LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here");
+ return super.hashCode();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java
new file mode 100644
index 000000000..5635ddd6b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+
+/**
+ * The Class VIDPAuthenticationAttributesMarshaller.
+ *
+ * @author fjquevedo
+ */
+public class VIDPAuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller {
+
+ /**
+ * Instantiates a new vIDP authentication attributes marshaller.
+ */
+ public VIDPAuthenticationAttributesMarshaller() {
+ super();
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java
new file mode 100644
index 000000000..1de300c03
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java
@@ -0,0 +1,55 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.impl;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+
+import eu.stork.peps.auth.engine.core.CitizenCountryCode;
+import eu.stork.peps.auth.engine.core.SPInformation;
+import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes;
+
+/**
+ * The Class VIDPAuthenticationAttributesUnmarshaller.
+ *
+ * @author fjquevedo
+ */
+public class VIDPAuthenticationAttributesUnmarshaller extends
+ AbstractSAMLObjectUnmarshaller {
+
+ /**
+ * Process child element.
+ *
+ * @param parentObject the parent object
+ * @param childObject the child object
+ *
+ * @throws UnmarshallingException the unmarshalling exception
+ *
+ */
+ protected final void processChildElement(final XMLObject parentObject,
+ final XMLObject childObject) throws UnmarshallingException {
+ final VIDPAuthenticationAttributes vIDPAuthenticationAttr = (VIDPAuthenticationAttributes) parentObject;
+
+ if (childObject instanceof CitizenCountryCode) {
+ vIDPAuthenticationAttr.setCitizenCountryCode((CitizenCountryCode) childObject);
+ } else if (childObject instanceof SPInformation) {
+ vIDPAuthenticationAttr.setSPInformation((SPInformation) childObject);
+ } else {
+ super.processChildElement(parentObject, childObject);
+ }
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java
new file mode 100644
index 000000000..e26da6d04
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Implementations of STORK 1.0 core specification types and elements.
+ */
+package eu.stork.peps.auth.engine.core.impl; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java
new file mode 100644
index 000000000..3393dcf78
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Interfaces for STORK 1.0 core specification types and elements.
+ */
+package eu.stork.peps.auth.engine.core; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java
new file mode 100644
index 000000000..beceac57f
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java
@@ -0,0 +1,57 @@
+package eu.stork.peps.auth.engine.core.validator;
+
+import java.util.List;
+
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.core.SubjectQuery;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.util.DatatypeHelper;
+import org.opensaml.xml.validation.ValidationException;
+import org.opensaml.xml.validation.Validator;
+
+import eu.stork.peps.auth.engine.core.CustomAttributeQuery;
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+public class CustomAttributeQueryValidator implements Validator<CustomAttributeQuery> {
+
+ /*
+ * Validate action.
+ *
+ * @param qaa the quality authentication assurance level attribute
+ *
+ * @throws ValidationException the validation exception
+ */
+ public final void validate(final CustomAttributeQuery attrQuery) throws ValidationException {
+ validateAssertion(attrQuery);
+ validateSubject(attrQuery);
+ validateDestination(attrQuery);
+ }
+
+
+ /**
+ * Validate assertion.
+ *
+ * @param attrQuery the attribute query
+ *
+ * @throws ValidationException the validation exception
+ */
+ protected final void validateAssertion(final CustomAttributeQuery attrQuery)
+ throws ValidationException {
+ if (DatatypeHelper.isEmpty(attrQuery.getAssertionConsumerServiceURL())) {
+ throw new ValidationException("Consumer Service URL must be specified.");
+ }
+ }
+
+ //Validate subject
+ protected void validateSubject(CustomAttributeQuery query) throws ValidationException {
+ if (query.getSubject() == null)
+ throw new ValidationException("Subject is required");
+ }
+
+ //Validate destination
+ protected void validateDestination(CustomAttributeQuery query) throws ValidationException {
+ if (query.getDestination() == null)
+ throw new ValidationException("Destination is required");
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java
new file mode 100644
index 000000000..760d9c188
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java
@@ -0,0 +1,61 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.validator;
+
+import java.util.List;
+
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.validation.ValidationException;
+import org.opensaml.xml.validation.Validator;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+/**
+ * The Class ExtensionsSchemaValidator.
+ *
+ * @author fjquevedo
+ */
+public class ExtensionsSchemaValidator implements Validator<Extensions> {
+
+
+ /**
+ * validate the extensions.
+ *
+ * @param extensions the extensions
+ *
+ * @throws ValidationException the validation exception
+ */
+ public final void validate(final Extensions extensions)
+ throws ValidationException {
+ if (extensions.getUnknownXMLObjects() == null
+ || extensions.getUnknownXMLObjects().size() <= 0) {
+ throw new ValidationException("Extension element is empty or not exist.");
+ }
+
+ List<XMLObject> qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME);
+
+ if (qaa.size() == 1) {
+ final Validator<QAAAttribute> validatorQaa = new QAAAttributeSchemaValidator();
+ validatorQaa.validate((QAAAttribute) qaa.get(0));
+ } else {
+ throw new ValidationException(
+ "Extensions must contain only one element QAALevel.");
+ }
+
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java
new file mode 100644
index 000000000..be5dc8c34
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.auth.engine.core.validator;
+
+import org.opensaml.xml.util.DatatypeHelper;
+import org.opensaml.xml.validation.ValidationException;
+import org.opensaml.xml.validation.Validator;
+
+import eu.stork.peps.auth.engine.core.QAAAttribute;
+
+/**
+ * The Class QAAAttributeSchemaValidator.
+ *
+ * @author fjquevedo
+ */
+public class QAAAttributeSchemaValidator implements Validator<QAAAttribute> {
+
+
+ /**
+ * Validate action.
+ *
+ * @param qaa the quality authentication assurance level attribute
+ *
+ * @throws ValidationException the validation exception
+ */
+ public final void validate(final QAAAttribute qaa) throws ValidationException {
+ validateAction(qaa);
+ }
+
+
+ /**
+ * Validate action.
+ *
+ * @param qaaAttribute the quality authentication assurance level attribute.
+ *
+ * @throws ValidationException the validation exception
+ */
+ protected final void validateAction(final QAAAttribute qaaAttribute)
+ throws ValidationException {
+ if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) {
+ throw new ValidationException("QAALevel label must be specified.");
+ }
+
+ final int qaa = Integer.valueOf(qaaAttribute.getQaaLevel());
+
+ if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) {
+ throw new ValidationException(
+ "QAALevel label must be greater than 0.");
+ }
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java
new file mode 100644
index 000000000..b98cf7157
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Validation rules for STORK 1.0 core types and elements.
+ */
+package eu.stork.peps.auth.engine.core.validator; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java
new file mode 100644
index 000000000..d3e353e51
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Provides the classes necessary to create a SAML message.
+ */
+package eu.stork.peps.auth.engine; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java
new file mode 100644
index 000000000..b40e3f7dd
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java
@@ -0,0 +1,136 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.configuration;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.InvalidPropertiesFormatException;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * The Class InstanceCreator.
+ *
+ * @author fjquevedo
+ */
+public final class ConfigurationCreator {
+
+ /** The Constant LOGGER. */
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(ConfigurationCreator.class.getName());
+
+ /**
+ * Creates the configuration.
+ *
+ * @param instanceConfs the instance configuration
+ *
+ * @return the map< string, map< string, object>>
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public static Map<String, Map<String, Object>> createConfiguration(
+ final Map<String, InstanceEngine> instanceConfs) throws STORKSAMLEngineException {
+
+ final HashMap<String, Map<String, Object>> instances =
+ new HashMap<String, Map<String, Object>>();
+
+ LOGGER.info("Create configuration.");
+ try {
+ // Only create instances for SAMLEngine configuration.
+ // INSTANCE
+ for (Map.Entry<String, InstanceEngine> entry : instanceConfs
+ .entrySet()) {
+ final InstanceEngine iEngine = entry.getValue();
+
+ final Map<String, Object> intance = new HashMap<String, Object>();
+
+ // CONFIGURATION
+ for (ConfigurationEngine configuration : iEngine
+ .getConfiguration()) {
+ // Properties only for configuration SamlEngine.
+ if (configuration.getName().equalsIgnoreCase(
+ "SamlEngineConf")) {
+ intance.put(configuration.getName(),
+ getNewInstance(configuration.getParameters()
+ .get("fileConfiguration")));
+ } else {
+ intance.put(configuration.getName(), configuration
+ .getParameters());
+ }
+ }
+ instances.put(entry.getKey(), intance);
+ }
+ } catch (STORKSAMLEngineException ex) {
+ LOGGER.error("Can not create instance from file configuration.");
+ throw new STORKSAMLEngineException(ex);
+ }
+ return instances;
+ }
+
+
+ /**
+ * Gets the new instance.
+ *
+ * @param fileName the file name
+ *
+ * @return the properties from the new instance
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine
+ * runtime exception
+ */
+ private static Properties getNewInstance(final String fileName)
+ throws STORKSAMLEngineException {
+ LOGGER.info("Create file configuration properties to Stork Saml Engine.");
+ InputStream fileEngineProp = null;
+ try {
+ // fetch base from system properties, give a default if there is nothing configured
+ String base = System.getProperty("eu.stork.samlengine.config.location");
+ if(null != base)
+ if(!base.endsWith("/"))
+ base += "/";
+
+ if(null != base)
+ fileEngineProp = new FileInputStream(base + fileName);
+ else
+ fileEngineProp = ConfigurationCreator.class.getResourceAsStream("/" + fileName);
+ final Properties configuration = new Properties();
+ configuration.loadFromXML(fileEngineProp);
+ return configuration;
+ } catch (InvalidPropertiesFormatException e) {
+ LOGGER.error("Invalid properties format.");
+ throw new STORKSAMLEngineException(e);
+ } catch (IOException e) {
+ LOGGER.error("Error read file: " + fileName);
+ throw new STORKSAMLEngineException(e);
+ } finally {
+ IOUtils.closeQuietly(fileEngineProp);
+ }
+ }
+
+ /**
+ * Instantiates a new instance creator.
+ */
+ private ConfigurationCreator() {
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java
new file mode 100644
index 000000000..910f4398e
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.configuration;
+
+import java.util.Map;
+
+/**
+ * The Class ConfigurationEngine.
+ *
+ * @author fjquevedo
+ */
+public class ConfigurationEngine {
+
+ /** The name of the configuration file. */
+ private String name;
+
+ /** The parameters. */
+ private Map<String, String> parameters;
+
+ /**
+ * Gets the name.
+ *
+ * @return the name
+ */
+ public final String getName() {
+ return name;
+ }
+
+ /**
+ * Gets the parameters.
+ *
+ * @return the parameters
+ */
+ public final Map<String, String> getParameters() {
+ return parameters;
+ }
+
+ /**
+ * Sets the name.
+ *
+ * @param newName the new name
+ */
+ public final void setName(final String newName) {
+ this.name = newName;
+ }
+
+ /**
+ * Sets the parameters.
+ *
+ * @param newParameters the parameters
+ */
+ public final void setParameters(final Map<String, String> newParameters) {
+ this.parameters = newParameters;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java
new file mode 100644
index 000000000..e9b067e76
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java
@@ -0,0 +1,233 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.configuration;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.XMLConstants;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
+
+import eu.stork.peps.exceptions.SAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * The Class ConfigurationReader.
+ *
+ * @author fjquevedo
+ */
+public final class ConfigurationReader {
+
+ /** The Constant SAML_ENGINE_CONFIGURATION_FILE. */
+ private static final String ENGINE_CONF_FILE = "SamlEngine.xml";
+
+ /** The Constant LOGGER. */
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(ConfigurationReader.class.getName());
+
+ /** The Constant NODE_CONFIGURATION. */
+ private static final String NODE_CONF = "configuration";
+
+ /** The Constant NODE_CONFIGURATION_NAME. */
+ private static final String NODE_CONF_NAME = "name";
+
+ /** The Constant NODE_INSTANCE_NAME. */
+ private static final String NODE_INST_NAME = "name";
+
+ /** The Constant NODE_INSTANCE. */
+ private static final String NODE_INSTANCE = "instance";
+
+ /** The Constant NODE_CONFIGURATION_NAME. */
+ private static final String NODE_PARAM_NAME = "name";
+
+ /** The Constant NODE_CONFIGURATION_NAME. */
+ private static final String NODE_PARAM_VALUE = "value";
+
+ /** The Constant NODE_CONFIGURATION_NAME. */
+ private static final String NODE_PARAMETER = "parameter";
+
+ /**
+ * Generate parameters.
+ *
+ * @param configurationNode the configuration node
+ *
+ * @return the map< string, string>
+ */
+ private static Map<String, String> generateParam(
+ final Element configurationNode) {
+
+ final HashMap<String, String> parameters = new HashMap<String, String>();
+
+ final NodeList parameterNodes = configurationNode
+ .getElementsByTagName(NODE_PARAMETER);
+
+ String parameterName;
+ String parameterValue;
+
+ for (int k = 0; k < parameterNodes.getLength(); ++k) {
+ // for every parameter find, process.
+ final Element parameterNode = (Element) parameterNodes.item(k);
+ parameterName = parameterNode.getAttribute(NODE_PARAM_NAME);
+ parameterValue = parameterNode.getAttribute(NODE_PARAM_VALUE);
+
+ // verified the content.
+ if (StringUtils.isBlank(parameterName)
+ || StringUtils.isBlank(parameterValue)) {
+ throw new STORKSAMLEngineRuntimeException(
+ "Error reader parameters (name - value).");
+ } else {
+ parameters.put(parameterName.trim(), parameterValue.trim());
+ }
+ }
+ return parameters;
+ }
+
+ /**
+ * Read configuration.
+ *
+ * @return the map< string, instance engine>
+ *
+ * @throws SAMLEngineException the STORKSAML engine runtime
+ * exception
+ */
+ public static Map<String, InstanceEngine> readConfiguration()
+ throws SAMLEngineException {
+
+ // fetch base from system properties, give a default if there is nothing configured
+ String base = System.getProperty("eu.stork.samlengine.config.location");
+ if(null != base)
+ if(!base.endsWith("/"))
+ base += "/";
+
+ LOGGER.info("Init reader: " + base + ENGINE_CONF_FILE);
+ final Map<String, InstanceEngine> instanceConfs =
+ new HashMap<String, InstanceEngine>();
+
+ Document document = null;
+ // Load configuration file
+ final DocumentBuilderFactory factory = DocumentBuilderFactory
+ .newInstance();
+ DocumentBuilder builder;
+
+ InputStream engineConf = null;
+ try {
+
+ factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+
+ builder = factory.newDocumentBuilder();
+
+ if(null != base)
+ engineConf = new FileInputStream(base + ENGINE_CONF_FILE);
+ else
+ engineConf = ConfigurationReader.class.getResourceAsStream("/" + ENGINE_CONF_FILE);
+
+ document = builder.parse(engineConf);
+
+ // Read instance
+ final NodeList list = document.getElementsByTagName(NODE_INSTANCE);
+
+ for (int indexElem = 0; indexElem < list.getLength(); ++indexElem) {
+ final Element element = (Element) list.item(indexElem);
+
+ final InstanceEngine instanceConf = new InstanceEngine();
+
+ // read every configuration.
+ final String instanceName = element
+ .getAttribute(NODE_INST_NAME);
+
+ if (StringUtils.isBlank(instanceName)) {
+ throw new STORKSAMLEngineRuntimeException(
+ "Error reader instance name.");
+ }
+ instanceConf.setName(instanceName.trim());
+
+ final NodeList confNodes = element
+ .getElementsByTagName(NODE_CONF);
+
+ for (int indexNode = 0; indexNode < confNodes.getLength(); ++indexNode) {
+
+ final Element configurationNode = (Element) confNodes
+ .item(indexNode);
+
+ final String configurationName = configurationNode
+ .getAttribute(NODE_CONF_NAME);
+
+ if (StringUtils.isBlank(configurationName)) {
+ throw new STORKSAMLEngineRuntimeException(
+ "Error reader configuration name.");
+ }
+
+ final ConfigurationEngine confSamlEngine =
+ new ConfigurationEngine();
+
+ // Set configuration name.
+ confSamlEngine.setName(configurationName.trim());
+
+ // Read every parameter for this configuration.
+ final Map<String, String> parameters =
+ generateParam(configurationNode);
+
+ // Set parameters
+ confSamlEngine.setParameters(parameters);
+
+ // Add parameters to the configuration.
+ instanceConf.getConfiguration().add(confSamlEngine);
+ }
+
+ // Add to the list of configurations.
+ instanceConfs.put(element.getAttribute(NODE_INST_NAME),
+ instanceConf);
+ }
+
+ } catch (SAXException e) {
+ LOGGER.error("Error: init library parser.");
+ throw new SAMLEngineException(e);
+ } catch (ParserConfigurationException e) {
+ LOGGER.error("Error: parser configuration file xml.");
+ throw new SAMLEngineException(e);
+ } catch (IOException e) {
+ LOGGER.error("Error: read configuration file.");
+ throw new SAMLEngineException(e);
+ } finally {
+ IOUtils.closeQuietly(engineConf);
+ }
+
+ return instanceConfs;
+ }
+
+ /**
+ * Instantiates a new configuration reader.
+ */
+ private ConfigurationReader() {
+
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java
new file mode 100644
index 000000000..53cea621d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java
@@ -0,0 +1,74 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.configuration;
+
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.exceptions.SAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
+
+/**
+ * The Class InstanceCreator.
+ *
+ * @author fjquevedo
+ */
+public final class ConfigurationSingleton {
+
+ /** The instance of every engine SAML. */
+ private static Map<String, InstanceEngine> instanceConfigs;
+
+ /** The instances of SAML engine. */
+ private static Map<String, Map<String, Object>> instances;
+
+ /** The Constant LOGGER. */
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(ConfigurationSingleton.class.getName());
+
+ static {
+ LOGGER.debug("Read all file configurations. (instances of SAMLEngine)");
+ try {
+ instanceConfigs = ConfigurationReader.readConfiguration();
+ } catch (SAMLEngineException e) {
+ LOGGER.error("Error read configuration file.");
+ throw new STORKSAMLEngineRuntimeException(e);
+ }
+ }
+
+ /**
+ * Gets the new instance.
+ *
+ * @param fileName the file name
+ *
+ * @return the properties from the new instance
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine runtime exception
+ */
+ private static Map<String, Map<String, Object>> getInstance(
+ final String fileName) throws STORKSAMLEngineException {
+ return ConfigurationCreator.createConfiguration(instanceConfigs);
+ }
+
+ /**
+ * Instantiates a new instance creator.
+ */
+ private ConfigurationSingleton() {
+ }
+
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java
new file mode 100644
index 000000000..e0e2d1965
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java
@@ -0,0 +1,70 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.configuration;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * The Class InstanceConfiguration.
+ *
+ * @author fjquevedo
+ */
+public class InstanceEngine {
+
+ /** The configuration. */
+ private List<ConfigurationEngine> configuration = new ArrayList<ConfigurationEngine>();
+
+ /** The name. */
+ private String name;
+
+ /**
+ * Gets the parameters.
+ *
+ * @return the parameters
+ */
+ public final List<ConfigurationEngine> getConfiguration() {
+ return this.configuration;
+ }
+
+ /**
+ * Gets the name.
+ *
+ * @return the name
+ */
+ public final String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the parameters.
+ *
+ * @param newConfiguration the new parameters
+ */
+ public final void setConfiguration(final List<ConfigurationEngine> newConfiguration) {
+ this.configuration = newConfiguration;
+ }
+
+ /**
+ * Sets the name.
+ *
+ * @param newName the new name
+ */
+ public final void setName(final String newName) {
+ this.name = newName;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java
new file mode 100644
index 000000000..6d0b54297
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Provides the classes necessary to create a SAML message instance.
+ */
+package eu.stork.peps.configuration;
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java
new file mode 100644
index 000000000..366379ad0
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.exceptions;
+
+/**
+ * The Class SAMLEngineException.
+ *
+ * @author fjquevedo
+ */
+public class SAMLEngineException extends Exception {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = 2611361164977849837L;
+
+ /**
+ * Instantiates a new SAMLEngine exception.
+ *
+ * @param wrappedException the wrapped exception
+ */
+ public SAMLEngineException(final Exception wrappedException) {
+ super(wrappedException);
+ }
+
+ /**
+ * Instantiates a new SAMLEngine exception.
+ *
+ * @param message the message
+ */
+ public SAMLEngineException(final String message) {
+ super(message);
+ }
+
+ /**
+ * Instantiates a new SAMLEngine exception.
+ *
+ * @param message the message
+ * @param wrappedException the wrapped exception
+ */
+ public SAMLEngineException(final String message,
+ final Exception wrappedException) {
+ super(message, wrappedException);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java
new file mode 100644
index 000000000..bddcbd1b3
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java
@@ -0,0 +1,135 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.exceptions;
+
+/**
+ * The Class STORKSAMLEngineException.
+ *
+ * @author fjquevedo
+ */
+public class STORKSAMLEngineException extends Exception {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = -8319723167019122930L;
+
+ /** The error code. */
+ private String errorCode;
+
+ /** The error detail. */
+ private String errorDetail;
+
+ /**
+ * Instantiates a new sTORKSAML engine exception.
+ *
+ * @param wrappedException the wrapped exception
+ */
+ public STORKSAMLEngineException(final Exception wrappedException) {
+ super(wrappedException);
+ }
+
+ /**
+ * Instantiates a new sTORKSAML engine exception.
+ *
+ * @param errorMessage the error message
+ */
+ public STORKSAMLEngineException(final String errorMessage) {
+ super(errorMessage);
+ }
+
+ /**
+ * Instantiates a new sTORKSAML engine exception.
+ *
+ * @param message the message
+ * @param wrappedException the wrapped exception
+ */
+ public STORKSAMLEngineException(final String message,
+ final Exception wrappedException) {
+ super(message, wrappedException);
+ }
+
+ /**
+ * Instantiates a new sTORKSAML engine exception.
+ *
+ * @param newErrorCode the error code
+ * @param errorMessage the error message
+ * @param newErrorDetail the error detail
+ */
+ public STORKSAMLEngineException(final String newErrorCode,
+ final String errorMessage, final String newErrorDetail) {
+ super(errorMessage);
+ this.errorCode = newErrorCode;
+ this.errorDetail = newErrorDetail;
+ }
+
+ /**
+ * Gets the error code.
+ *
+ * @return the error code
+ */
+ public final String getErrorCode() {
+ return this.errorCode;
+ }
+
+ /**
+ * Gets the error detail.
+ *
+ * @return the error detail
+ */
+ public final String getErrorDetail() {
+ return errorDetail;
+ }
+
+ /**
+ * Gets the error message.
+ *
+ * @return the error message
+ */
+ public final String getErrorMessage() {
+ return super.getMessage();
+ }
+
+
+ /**
+ * Gets the message.
+ *
+ * @return the message of the exception.
+ *
+ * @see java.lang.Throwable#getMessage()
+ */
+ public final String getMessage() {
+ return "Error (no. " + errorCode + ") processing request : "
+ + super.getMessage();
+ }
+
+ /**
+ * Sets the error code.
+ *
+ * @param newErrorCode the new error code
+ */
+ public final void setErrorCode(final String newErrorCode) {
+ this.errorCode = newErrorCode;
+ }
+
+ /**
+ * Sets the error detail.
+ *
+ * @param newErrorDetail the new error detail
+ */
+ public final void setErrorDetail(final String newErrorDetail) {
+ this.errorDetail = newErrorDetail;
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java
new file mode 100644
index 000000000..30b9b49b4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.exceptions;
+
+/**
+ * The Class STORKSAMLEngineRuntimeException.
+ *
+ * @author fjquevedo
+ */
+public class STORKSAMLEngineRuntimeException extends RuntimeException {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = 5829810358581493517L;
+
+ /**
+ * Instantiates a new sTORKSAML engine runtime exception.
+ *
+ * @param wrappedException the wrapped exception
+ */
+ public STORKSAMLEngineRuntimeException(final Exception wrappedException) {
+ super(wrappedException);
+ }
+
+ /**
+ * Creates a new instance of application exception.
+ *
+ * @param cause the exception cause.
+ */
+ public STORKSAMLEngineRuntimeException(final String cause) {
+ super(cause);
+ }
+
+ /**
+ * Instantiates a new sTORKSAML engine runtime exception.
+ *
+ * @param message the message
+ * @param wrappedException the wrapped exception
+ */
+ public STORKSAMLEngineRuntimeException(final String message,
+ final Exception wrappedException) {
+ super(message, wrappedException);
+ }
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java
new file mode 100644
index 000000000..0c34528fc
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java
@@ -0,0 +1,19 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Provides the classes for STORK exceptions management.
+ */
+package eu.stork.peps.exceptions; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
new file mode 100644
index 000000000..48fd9adff
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<instances>
+
+
+ <!-- Configuration name-->
+ <instance name="outgoing">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" />
+ </configuration>
+
+ <!-- Settings module signature-->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_outgoing.xml" />
+ </configuration>
+ </instance>
+
+</instances> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
new file mode 100644
index 000000000..99c1b043d
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry>
+ <entry key="serialNumber">529E05C8</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
new file mode 100644
index 000000000..af68d33aa
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">src/test/resources/keyStoreCountry1.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">529E04FF</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
new file mode 100644
index 000000000..b13cb390a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">src/test/resources/keyStoreCountry2.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">529E04FF</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
new file mode 100644
index 000000000..ed933020a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">src/test/resources/keyStoreCountry3.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">529E04FF</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
new file mode 100644
index 000000000..64eb426c8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>HWModule sign with interface PKCS11.</comment>
+ <entry key="configurationFile">p11Config.cfg</entry>
+ <entry key="keyPassword">*******</entry>
+ <entry key="issuer">CN=XXXXXXXXX</entry>
+ <entry key="serialNumber">xxxxxxxxxxxxxx</entry>
+ <entry key="keystoreType">PKCS11</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml
new file mode 100644
index 000000000..c7cee3af4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
new file mode 100644
index 000000000..0a28a5de8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
new file mode 100644
index 000000000..0a28a5de8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
new file mode 100644
index 000000000..435ef4b82
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!--
+ Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
new file mode 100644
index 000000000..bec8934f8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!--
+ Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml
new file mode 100644
index 000000000..f8fc4f91a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
new file mode 100644
index 000000000..511919167
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_939726f0a02072f40b548de378612a50" IssueInstant="2013-10-04T16:57:55.547Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_939726f0a02072f40b548de378612a50"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>BgPDTVCv7BhiWIs6HsC06jaHaag=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dIC61bGi6Jqp1zSVojpjaVq9WaZcDtNImXgo1Dyze5/hJA07Sy4TaHu+/IuLEC99aLjM6rxh2UUNqpPaQCFlF5eVkVv/c4gHEZVyevhjJKTidqmnuhlI78PGMx2thfxFsHsPcqHqOzy1Z6w18K1ds6APQP+aXI9TNKis+pykn4nJititYuiSseD0VY0F4QnXx+U6k3raoi1CAFE5fe7EuI/KfxuhhQLAbLq90Vm8R94ITBjfSS25mXstXNe9zppTSjDB42ld1TjDovDwXAn5OxiZasIEb5m68sRlxgoQ/2/+ZdYNNINFLAwkCbb8MiCbGASd626Bme0Kx+ropeWdxw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDXjCCAkagAwIBAgIEUk1MbDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJJUzESMBAGA1UE
+CAwJUmV5a2phdmlrMRIwEAYDVQQHDAlSZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNV
+BAsMBlNUT1JLMjEXMBUGA1UEAwwOc2FtbC1kZW1vLWNlcnQwHhcNMTMxMDAzMTA1MzEyWhcNMjMx
+MDAzMTA1MzEyWjBxMQswCQYDVQQGEwJJUzESMBAGA1UECAwJUmV5a2phdmlrMRIwEAYDVQQHDAlS
+ZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNVBAsMBlNUT1JLMjEXMBUGA1UEAwwOc2Ft
+bC1kZW1vLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSgTxZkNRXZTKLB0c
+4oz7/8Dh56FX+0cYg7hjw4e8vn+ITXkxzrmUH57FtsvKln4mq1H0FHXL80u3IiWX8qY+QLgNeKeB
+m85lXuyOb3wWpKAaQvpLAkejGLCx22AN2L0WZkKZV2puwRQVsRHCq6U6vToJXDZ6Ui6ltKsAl/ZS
+8qUFpiIvqD5ea4ohz4JsFE/uApRc7pbJ4VbOmAAeH/tQTayptq2kPb2vvUVk+2cH5J7UD+GCI88E
+e+mS+C33tV9NmWUHL69mYEe8FXjumbKA5e9i1ejn9i0/BLUtHFonHnL9YFMim0foI7NNc5mNg9aw
+vm0PuByVU3kuibQkqGBLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA9X5B4NBmVuhjECi+KOnRRX
+5oUV+jbYKhGZODDPi+F4Uo7ZtPFQ6sS3tE54+8AoDl5zQ5q5fDDVXhB42IIIjDxHKo8cBXie5FZ6
+mJtErvWZWYWdO0uV2OQAUALq2LieidqSFDJ+Pjl8w1New8oi3migwyE0jZo4Q97lJGDfJTruV0A2
+JE/Gt6QAAcWhhN2hZl92pYkIi5OeqHXyzBUp5vg8LLfNmeyziCAiXDC1Sy/aQU/cllZ3zFJMrqZM
+s2xBpmB4sF1YRbIrr2OqEVE6M6DUx+pAQOd2uogV3AMT9D5MYpckI1jx/o/Tto7ju74nIVOskDiN
+K0FR8izxcT0HixM=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
new file mode 100644
index 000000000..9f9fe5156
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf" IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches"/></saml2:Subject></saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
new file mode 100644
index 000000000..1ff7fbeeb
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/><saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage></saml2p:Status><saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" NotOnOrAfter="2013-10-08T09:16:17.255Z"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z" NotOnOrAfter="2013-10-08T09:16:17.255Z"><saml2:AudienceRestriction><saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience></saml2:AudienceRestriction><saml2:OneTimeUse/></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z"><saml2:SubjectLocality Address="111.222.333.444"/><saml2:AuthnContext><saml2:AuthnContextDecl/></saml2:AuthnContext></saml2:AuthnStatement><saml2:AttributeStatement><saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:postalCode xsi:type="xs:anyType">105</stork:postalCode><stork:state xsi:type="xs:anyType">IS</stork:state><stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber><stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName><stork:town xsi:type="xs:anyType">Reykjavik</stork:town></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:value3 xsi:type="xs:anyType">value3</stork:value3><stork:value4 xsi:type="xs:anyType">value4</stork:value4><stork:value1 xsi:type="xs:anyType">value1</stork:value1><stork:value2 xsi:type="xs:anyType">value2</stork:value2></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</saml2:AttributeValue><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">123456789IS</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement></saml2:Assertion></saml2p:Response> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
new file mode 100644
index 000000000..c822702df
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false" IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="University of Oxford" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo>
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+<ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml2 saml2p stork storkp xs"/></ds:Transform>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue>
+</ds:Reference>
+</ds:SignedInfo>
+<ds:SignatureValue>
+Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC
+wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi
+YIN/BUEtXkoYTjPtkmA=
+</ds:SignatureValue>
+<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw
+MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu
+h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r
+/WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk
+3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K
+eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq
+KAoZgbUK0Zld3Dsheg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spSector>EDU001</stork:spSector><stork:spInstitution>OXF001</stork:spInstitution><stork:spApplication>APP001</stork:spApplication><stork:spCountry>EN</stork:spCountry><storkp:eIDSectorShare>true</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
new file mode 100644
index 000000000..2a54c7d59
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignatureValue>
+S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+Xt8p8tK3EoMocZse2hw=
+</ds:SignatureValue>
+<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
new file mode 100644
index 000000000..3239cf6e7
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignatureValue>
+S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+Xt8p8tK3EoMocZse2hw=
+</ds:SignatureValue>
+<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks
new file mode 100644
index 000000000..289e952fe
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks
Binary files differ
diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks
new file mode 100644
index 000000000..5399bf689
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks
Binary files differ
diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks
new file mode 100644
index 000000000..5399bf689
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks
Binary files differ
diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks
new file mode 100644
index 000000000..5399bf689
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks
Binary files differ
diff --git a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
new file mode 100644
index 000000000..ff900e124
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <!--
+ Basic configuration used until the IdP can load the real configuration
+ -->
+<configuration>
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+ </Pattern>
+ </layout>
+ </appender>
+
+ <logger name="eu.stork">
+ <level value="DEBUG" />
+ </logger>
+
+ <root>
+ <appender-ref ref="STDOUT" />
+ <level value="INFO" />
+ </root>
+
+</configuration> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
new file mode 100644
index 000000000..b712219c1
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
@@ -0,0 +1,24 @@
+//ATTRIBUTE VALUE
+//name name suffix of this provider instance
+//library pathname of PKCS#11 implementation
+//slotListIndex slot index
+
+//PREFIX DESCRIPTION
+//CKO_ Object class
+//CKA_ Attribute
+//CKK_ Key type
+
+//attributes(operation, keytype, keyalgorithm) = {
+// name1 = value1
+// [...]
+//}
+
+name=nameProvider
+library=library.dll
+slotListIndex=0
+attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={
+ CKA_VERIFY=true
+}
+attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={
+ CKA_SIGN=true
+} \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks b/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks
new file mode 100644
index 000000000..efaeac86c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks
Binary files differ
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/maven-metadata-local.xml b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/maven-metadata-local.xml
new file mode 100644
index 000000000..99d92cd77
--- /dev/null
+++ b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/maven-metadata-local.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<metadata>
+ <groupId>eu.stork</groupId>
+ <artifactId>oasis-dss-api</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <versioning>
+ <snapshot>
+ <localCopy>true</localCopy>
+ </snapshot>
+ <lastUpdated>20140130171508</lastUpdated>
+ </versioning>
+</metadata>
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar
new file mode 100644
index 000000000..5ad0cb42e
--- /dev/null
+++ b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar
Binary files differ
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom
new file mode 100644
index 000000000..ef04f07c4
--- /dev/null
+++ b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom
@@ -0,0 +1,85 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>oasis-dss-api</artifactId>
+ <groupId>eu.stork</groupId>
+ <version>1.0.0-SNAPSHOT</version>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>jaxb2-maven-plugin</artifactId>
+ <version>1.5</version>
+ <executions>
+ <execution>
+ <id>oasis-dss</id>
+ <goals>
+ <goal>xjc</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <args>
+ <arg>-npa</arg>
+ </args>
+ <schemaDirectory>${project.basedir}/src/main/resources/schema/oasis-dss</schemaDirectory>
+ <schemaFiles>oasis-dss-core-schema-v1.0-os.xsd</schemaFiles>
+ <packageName>eu.stork.oasisdss.profile</packageName>
+ <extension>true</extension>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.0.2</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ <encoding>${project.build.sourceEncoding}</encoding>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-resources-plugin</artifactId>
+ <version>2.4</version>
+ <configuration>
+ <encoding>${project.build.sourceEncoding}</encoding>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ </build>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+ <dependencies>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>1.2.17</version>
+ </dependency>
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.11.0</version>
+
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.11</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>1.3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.ws</groupId>
+ <artifactId>jaxws-rt</artifactId>
+ <version>2.1.7</version>
+ </dependency>
+
+ </dependencies>
+</project> \ No newline at end of file
diff --git a/repository/eu/stork/oasis-dss-api/maven-metadata-local.xml b/repository/eu/stork/oasis-dss-api/maven-metadata-local.xml
new file mode 100644
index 000000000..8c8297768
--- /dev/null
+++ b/repository/eu/stork/oasis-dss-api/maven-metadata-local.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<metadata>
+ <groupId>eu.stork</groupId>
+ <artifactId>oasis-dss-api</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <versioning>
+ <versions>
+ <version>1.0.0-SNAPSHOT</version>
+ </versions>
+ <lastUpdated>20140130171508</lastUpdated>
+ </versioning>
+</metadata>