diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-09-14 13:29:32 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-09-14 13:29:32 +0200 |
commit | 76bae60e9bda1acb7ee0e3d45ab187749d16bf82 (patch) | |
tree | ba22e87aeee1330e70e702dcfb4612fd951e6c7a | |
parent | 1131cdf040e608c3f79dd8987ec3b8444fc9bf0d (diff) | |
download | moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.gz moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.bz2 moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.zip |
move citizen-card authentication and validation (Security-layer communication) to discrete module
94 files changed, 4276 insertions, 5036 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index 10262158e..81d50a0b8 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -87,6 +87,17 @@ </exclusions> </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-openID</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-stork</artifactId> + </dependency> + + <dependency> <groupId>at.gv.util</groupId> <artifactId>egovutils</artifactId> diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml index beefad3ca..2705ab7b1 100644 --- a/id/server/auth/pom.xml +++ b/id/server/auth/pom.xml @@ -161,6 +161,11 @@ <artifactId>moa-id-module-openID</artifactId> </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + </dependency> + <!-- transitive dependencies we don't want to include into the war --> <dependency> <groupId>iaik.prod</groupId> diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index c38774998..ee697926b 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -644,13 +644,13 @@ <plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
- <configuration>
+<!-- <configuration>
<skip>true</skip>
<skipTests>true</skipTests>
<archive>
<addMavenDescriptor>false</addMavenDescriptor>
</archive>
- </configuration>
+ </configuration> -->
<executions>
<execution>
<goals>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java index 77105d77e..8ee32c54e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java @@ -33,8 +33,8 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index 0d9c1ec20..bfed65ae2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -54,9 +54,9 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java index 104cd8622..1f12675ca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java @@ -26,7 +26,7 @@ public class AuthenticationSessionCleaner implements Runnable { while (true) { try { Logger.debug("AuthenticationSessionCleaner run"); - AuthenticationServer.getInstance().cleanup(); + BaseAuthenticationServer.cleanup(); } catch (Exception e) { Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java new file mode 100644 index 000000000..5e3b6653b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java @@ -0,0 +1,100 @@ + +package at.gv.egovernment.moa.id.auth; + +import java.io.UnsupportedEncodingException; +import java.util.Date; +import java.util.List; +import java.util.UUID; + +import org.opensaml.xml.util.XMLHelper; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.client.SZRGWClient; +import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; +import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.xsd.mis.MandateIdentifiers; +import at.gv.util.xsd.mis.Target; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; +import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; +import at.gv.util.xsd.srzgw.MISType; +import at.gv.util.xsd.srzgw.MISType.Filters; + +/** + * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is + * stored in a session store and retrieved by giving the session ID. + * + * @author Paul Ivancsics + * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher + * $ + */ +public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { + + /** + * Retrieves a session from the session store. + * + * @param id session ID + * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}). + * @throws AuthenticationException in case the session id does not reflect a valic, active session. + */ + public static AuthenticationSession getSession(String id) + throws AuthenticationException { + AuthenticationSession session; + try { + session = AuthenticationSessionStoreage.getSession(id); + + if (session == null) + throw new AuthenticationException("auth.02", new Object[]{id}); + return session; + + } catch (MOADatabaseException e) { + throw new AuthenticationException("auth.02", new Object[]{id}); + + } catch (Exception e) { + throw new AuthenticationException("parser.04", new Object[]{id}); + } + } + + /** + * Cleans up expired session and authentication data stores. + */ + public static void cleanup() { + long now = new Date().getTime(); + + try { + int sessionTimeOutCreated = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000; + int sessionTimeOutUpdated = AuthConfigurationProviderFactory.getInstance().getSSOUpdatedTimeOut() * 1000; + int authDataTimeOut = AuthConfigurationProviderFactory.getInstance().getTransactionTimeOut() * 1000; + + //clean AuthenticationSessionStore + AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); + + //clean AssertionStore + AssertionStorage assertionstore = AssertionStorage.getInstance(); + assertionstore.clean(now, authDataTimeOut); + + //clean ExeptionStore + DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); + exstore.clean(now, authDataTimeOut); + + } catch (Exception e) { + Logger.error("Session cleanUp FAILED!" , e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index ed632d8b9..953a478be 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -20,9 +20,6 @@ import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigLoader; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider; -import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.SSLUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 9d4ecfcfa..998fa495f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -83,6 +83,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; @@ -99,7 +100,6 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 1729bbfc8..59482c4a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -48,7 +48,7 @@ import java.util.List; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java index ee995e16b..f3e3ae8a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -7,20 +7,16 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
-import org.slf4j.MDC;
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -81,7 +77,7 @@ public class ProcessEngineSignalServlet extends AuthServlet { }
AuthenticationSessionExtensions extendedSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(sessionID);
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+ AuthenticationSession session = BaseAuthenticationServer.getSession(sessionID);
//add transactionID and unique sessionID to Logger
if (extendedSessionInformation != null)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java deleted file mode 100644 index ca15cb120..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/AssertionVerifier.java +++ /dev/null @@ -1,78 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package at.gv.egovernment.moa.id.auth.stork;
-
-import java.util.List;
-
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-/**
- * Interface to be implemented for verifying SAML assertions
- *
- * @author bzwattendorfer
- *
- */
-public interface AssertionVerifier {
-
- /**
- * Verifies a given assertion
- * @param assertion SAML assertion
- * @param reqIPAddress IP address of the client
- * @param authnRequestID ID of the corresponding authentication request for verification
- * @param recipient recipient for verification
- * @param audience audience for verification
- * @param reqAttrList RequestedAttribute list for verification
- * @throws SecurityException
- */
- public void verify(Assertion assertion, String reqIPAddress, String authnRequestID, String recipient, String audience, List<RequestedAttribute> reqAttrList) throws SecurityException;
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java deleted file mode 100644 index fca0b2dce..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateIdentityLinkResponse.java +++ /dev/null @@ -1,84 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-
-import org.w3c.dom.Element;
-
-
-/**
- * This class implements a SZR-gateway GetIdentityLink Response.
- *
- */
-public class CreateIdentityLinkResponse {
-
- private Element assertion;
- private String error;
- private boolean isError;
-
- public Element getAssertion() {
- return assertion;
- }
- public String getError() {
- return error;
- }
-
- public void setAssertion(Element assertion) {
- isError = false;
- this.assertion = assertion;
- }
- public void setError(String error) {
- isError = true;
- this.error = error;
- }
-
- public boolean isError() {
- return isError;
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java deleted file mode 100644 index e6b7dee34..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateResponse.java +++ /dev/null @@ -1,181 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-
-import org.apache.xpath.XPathAPI;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-
-/**
- * This class implements a SZR-gateway CreateMandate Response.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class CreateMandateResponse {
-
- /**
- * Result code of the request.
- */
- private int resultCode;
-
- /**
- * Description of the result.
- */
- private String resultInfo;
-
- /**
- * The returned mandate.
- */
- private Element mandate;
-
- /**
- * @return the resultCode
- */
- public int getResultCode() {
- return resultCode;
- }
-
- /**
- * @param resultCode the resultCode to set
- */
- public void setResultCode(String resultCode) {
- if (resultCode!=null) {
- this.resultCode = Integer.parseInt(resultCode);
- } else {
- this.resultCode = 0;
- }
- }
-
- /**
- * @return the resultInfo
- */
- public String getInfo() {
- return resultInfo;
- }
-
- /**
- * @param resultInfo the resultInfo to set
- */
- public void setInfo(String resultInfo) {
- this.resultInfo = resultInfo;
- }
-
- /**
- * @return the mandate
- */
- public Element getMandate() {
- return mandate;
- }
-
- /**
- * @param mandate the mandate to set
- */
- public void setMandate(Element mandate) {
- this.mandate = mandate;
- }
-
-
- /**
- * Parses the SZR-gateway response.
- *
- * @param response the SZR-gateway response.
- * @throws SZRGWClientException if an error occurs.
- */
- public void parse(Element response) throws SZRGWClientException {
- try {
-
- // first check if response is a soap error
- NodeList list = response.getElementsByTagName("faultstring");
- if (list.getLength() > 0) {
- String faultCode = "";
- String faultString = "";
- Element snameSpaceNode = response.getOwnerDocument().createElement("NameSpaceNode");
- snameSpaceNode.setAttribute("xmlns" + SOAPConstants.SOAP_ENV_POSTFIX, SOAPConstants.SOAP_ENV_NS);
- Node faultCodeNode = XPathAPI.selectSingleNode(response, SOAPConstants.XPATH_SOAP_FAULTCODE, snameSpaceNode);
- Node faultStringNode = XPathAPI.selectSingleNode(response, SOAPConstants.XPATH_SOAP_FAULTSTRING, snameSpaceNode);
- if (faultCodeNode!=null) faultCode = faultCodeNode.getNodeValue();
- if (faultStringNode!=null) faultString = faultStringNode.getNodeValue();
- throw new SZRGWClientException("Fehler bei SZR-Gateway (SOAP-Error " + faultCode + "): " + faultString);
- }
-
- this.mandate = null;
- this.resultCode = 2000;
- this.resultInfo = null;
- // parse single SZR-gateway results
- Element nameSpaceNode = response.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS);
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS);
- Node mandateNode = XPathAPI.selectSingleNode(response, "//" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.CREATE_MANDATE_RESPONSE + "/" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATE, nameSpaceNode);
- if (mandateNode!=null) {
- this.mandate = (Element) mandateNode;
- } else {
- String errorResponse = "//" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.CREATE_MANDATE_RESPONSE + "/" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.ERROR_RESPONSE + "/";
- Node errorCode = XPathAPI.selectSingleNode(response, errorResponse + SZRGWConstants.SZRGW_PREFIX + "ErrorCode/text()", nameSpaceNode);
- if (errorCode!=null) setResultCode(errorCode.getNodeValue());
- Node errorInfo = XPathAPI.selectSingleNode(response, errorResponse + SZRGWConstants.SZRGW_PREFIX + "Info/text()", nameSpaceNode);
- this.setInfo(errorInfo.getNodeValue());
- }
- } catch(Exception e) {
- e.printStackTrace();
- throw new SZRGWClientException(e);
- }
- }
-
- public static void main(String[] args) throws Exception {
-// CreateMandateResponse resp = new CreateMandateResponse();
-// Document doc = ParepUtils.readDocFromIs(new FileInputStream("c:/response2.xml"));
-// Element response = doc.getDocumentElement();
-// resp.parse(response);
-// System.out.println(resp.getResultCode());
-// System.out.println(resp.getInfo());
-// if (resp.getMandate()!=null) ParepUtils.serializeElement(resp.getMandate(), System.out);
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java deleted file mode 100644 index 0313814b1..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SOAPConstants.java +++ /dev/null @@ -1,78 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-
-/**
- * SOAP Envelope Constants.
- *
- * @author <a href="mailto:arne.tauber@egiz.gv.at">Arne Tauber</a>
- * @version $ $
- **/
-public interface SOAPConstants {
-
- /*
- * Namespaces and namespace prefixes for SOAP message handling
- */
- public static final String SOAP_ENV_NS = "http://schemas.xmlsoap.org/soap/envelope/";
- public static final String SOAP_ENV_ENCODING_STYLE = "http://schemas.xmlsoap.org/soap/encoding/";
- public static final String SOAP_ENV_PREFIX = "soapenv:";
- public static final String SOAP_ENV_POSTFIX = ":soapenv";
-
- public static final String ENVELOPE = "Envelope";
- public static final String BODY = "Body";
- public static final String FAULT = "Fault";
- public static final String ENCODING_STYLE = "encodingStyle";
-
- public static final String XPATH_SOAP_FAULT = "/" + SOAP_ENV_PREFIX + ENVELOPE + "/" + SOAP_ENV_PREFIX + BODY + "/" + SOAP_ENV_PREFIX + FAULT;
- public static final String XPATH_SOAP_FAULTCODE = XPATH_SOAP_FAULT + "/faultcode/text()";
- public static final String XPATH_SOAP_FAULTSTRING = XPATH_SOAP_FAULT + "/faultstring/text()";
-
-
-
-}
-
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java deleted file mode 100644 index 61b26b59a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java +++ /dev/null @@ -1,389 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.xpath.XPathAPI;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Text;
-
-import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
-import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-
-
-/**
- * This class implements a client for communication with the SZR-gateway
- * <p>
- * Two types of requests are supported
- * <ol>
- * <li>Basic Request</li>
- * <li>Detailed Request</li>
- * </ol>
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class SZRGWClient {
- /**
- * The URL of the SZR-gateway webservice.
- */
- private String address;
-
- /**
- * The SSL socket factory when using a secure connection.
- */
- private SSLSocketFactory sSLSocketFactory;
-
- /**
- * Constructor
- */
- public SZRGWClient() {
- }
-
- /**
- * Constructor
- *
- * @param address the URL of the SZR-gateway webservice.
- */
- public SZRGWClient(String address) {
- this.address = address;
- }
- /**
- * Sets the SSL socket factory.
- *
- * @param factory the SSL socket factory.
- */
- public void setSSLSocketFactory(SSLSocketFactory factory) {
- this.sSLSocketFactory = factory;
- }
-
- /**
- * Sets the SZR webservice URL
- *
- * @param address the URL of the SZR-gateway webservice.
- */
- public void setAddress(String address) {
- this.address = address;
- }
-
- /**
- * Creates a mandate.
- *
- * @param reqElem the request.
- * @return a SZR-gateway response containing the result
- * @throws SZRGWException when an error occurs creating the mandate.
- */
- public CreateMandateResponse createMandateResponse(Element reqElem) throws SZRGWClientException {
- //Logger.info("Connecting to SZR-gateway.");
- try {
- if (address == null) {
- throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null.");
- }
- HttpClient client = HttpClientWithProxySupport.getHttpClient();
- PostMethod method = new PostMethod(address);
- method.setRequestHeader("SOAPAction", "");
-
-
- // ssl settings
- if (sSLSocketFactory != null) {
- SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
- Protocol.registerProtocol("https", new Protocol("https", fac, 443));
- }
-
- // create soap body
- Element soapBody = getSOAPBody();
- Document doc = soapBody.getOwnerDocument();
- soapBody.appendChild(doc.importNode(reqElem, true));
- Element requestElement = soapBody.getOwnerDocument().getDocumentElement();
-
- //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml"));
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
- ParepUtils.serializeElementAsDocument(requestElement, bos);
-
- method.setRequestBody(new ByteArrayInputStream(bos.toByteArray()));
- client.executeMethod(method);
- CreateMandateResponse response = new CreateMandateResponse();
-
- bos = new ByteArrayOutputStream();
- doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream());
-
- //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml"));
- response.parse(doc.getDocumentElement());
-
-
- return response;
- } catch(Exception e) {
- //e.printStackTrace();
- throw new SZRGWClientException(e);
- }
- }
-
- /**
- * Gets a identity link.
- *
- * @param reqElem the request.
- * @return a SZR-gateway response containing the result
- * @throws SZRGWException when an error occurs creating the mandate.
- */
- public CreateIdentityLinkResponse createIdentityLinkResponse(Element reqElem) throws SZRGWClientException {
-
- try {
- if (address == null) {
- throw new NullPointerException("Address (SZR-gateway ServiceURL) must not be null.");
- }
- HttpClient client = new HttpClient();
- PostMethod method = new PostMethod(address);
- method.setRequestHeader("SOAPAction", "");
-
-
- // ssl settings
- if (sSLSocketFactory != null) {
- SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
- Protocol.registerProtocol("https", new Protocol("https", fac, 443));
- }
-
- // create soap body
- Element soapBody = getSOAPBody();
- Document doc = soapBody.getOwnerDocument();
- soapBody.appendChild(doc.importNode(reqElem, true));
- Element requestElement = soapBody.getOwnerDocument().getDocumentElement();
-
- //ParepUtils.saveElementToFile(requestElement, new File("c:/temp/szrRequest.xml"));
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
- ParepUtils.serializeElementAsDocument(requestElement, bos);
-
- method.setRequestBody(new ByteArrayInputStream(bos.toByteArray()));
- client.executeMethod(method);
- CreateIdentityLinkResponse response = new CreateIdentityLinkResponse();
-
- bos = new ByteArrayOutputStream();
- doc = ParepUtils.readDocFromIs(method.getResponseBodyAsStream());
- //ParepUtils.saveElementToFile(doc.getDocumentElement(), new File("c:/temp/szrResponse.xml"));
-
- NodeList list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "ErrorResponse");
- if (list.getLength() > 0) {
- // set error response
- list = doc.getElementsByTagNameNS(SZRGWConstants.SZRGW_REQUEST_NS, "Info");
- String error = DOMUtils.getText(list.item(0));
-
- response.setError(error);
- }
- else {
- // set assertion
- DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- Document newdoc = builder.newDocument();
-
- Element nameSpaceNode = newdoc.createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
- nameSpaceNode.setAttribute("xmlns:" + Constants.SAML_PREFIX, Constants.SAML_NS_URI);
-
- Element samlAssertion = (Element)XPathAPI.selectSingleNode(doc, "//saml:Assertion[1]", nameSpaceNode);
-
- if (samlAssertion == null)
- throw new SZRGWClientException("Could not found a saml:Assertion element in response.");
- else
- response.setAssertion(samlAssertion);
- }
-
- return response;
-
- } catch(Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
-
- /*
- * builds an XML soap envelope
- */
- private Element getSOAPBody() throws SZRGWClientException {
- Document doc_;
- try {
- doc_ = ParepUtils.createEmptyDocument();
- Element root = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENVELOPE);
- doc_.appendChild(root);
-
- root.setAttribute("xmlns" + SOAPConstants.SOAP_ENV_POSTFIX, SOAPConstants.SOAP_ENV_NS);
- //root.setAttribute(SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.ENCODING_STYLE, SOAPConstants.SOAP_ENV_ENCODING_STYLE);
- root.setAttribute("xmlns:xsd", "http://www.w3.org/2001/XMLSchema");
- root.setAttribute("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance");
-
- Element body = doc_.createElementNS(SOAPConstants.SOAP_ENV_NS, SOAPConstants.SOAP_ENV_PREFIX + SOAPConstants.BODY);
- root.appendChild(body);
-
- return body;
- } catch (SZRGWClientException e) {
- throw new SZRGWClientException(e);
- }
-
- }
-
- public Document buildGetIdentityLinkRequest(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String representative, String represented, String mandateContent) throws SZRGWClientException { - - String SZRGW_NS = "http://reference.e-government.gv.at/namespace/szrgw/20070807#";
- try {
- DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- DocumentBuilder builder = factory.newDocumentBuilder();
- Document doc = builder.newDocument();
-
- Element getIdentityLink = doc.createElementNS(SZRGW_NS, "szrgw:GetIdentityLinkRequest");
- getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGW_NS);
- doc.appendChild(getIdentityLink);
-
- if ( (PEPSIdentifier != null) || (PEPSFirstname != null) || (PEPSFamilyname != null) || (PEPSDateOfBirth != null) ) {
-
- Element pepsDataElem = doc.createElementNS(SZRGW_NS, "szrgw:PEPSData");
- getIdentityLink.appendChild(pepsDataElem);
-
- if (PEPSIdentifier != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Identifier");
- pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSIdentifier);
- elem.appendChild(text);
- }
- if (PEPSFirstname != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Firstname");
- pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSFirstname);
- elem.appendChild(text);
- }
-
- if (PEPSFamilyname != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Familyname");
- pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSFamilyname);
- elem.appendChild(text);
- }
-
- if (PEPSDateOfBirth != null) {
- Element elem = doc.createElementNS(SZRGW_NS, "szrgw:DateOfBirth");
- pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(PEPSDateOfBirth);
- elem.appendChild(text);
- }
-
- if (representative != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Representative"); - pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(representative); - elem.appendChild(text);
- } -
- if (represented != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:Represented"); - pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(represented); - elem.appendChild(text);
- }
-
- if (mandateContent != null) { - Element elem = doc.createElementNS(SZRGW_NS, "szrgw:MandateContent"); - pepsDataElem.appendChild(elem);
- Text text= doc.createTextNode(mandateContent); - elem.appendChild(text);
- }
- }
-
- if (signature == null)
- throw new SZRGWClientException("Signature element must not be null!");
- else {
- Element sig = doc.createElementNS(SZRGW_NS, "szrgw:Signature");
- Element base64content = doc.createElementNS(SZRGW_NS, "szrgw:Base64Content");
- sig.appendChild(base64content);
- getIdentityLink.appendChild(sig);
- Text text= doc.createTextNode(signature);
- base64content.appendChild(text);
- }
- - if(representative != null && represented != null && mandateContent != null) { - Element mis = doc.createElementNS(SZRGW_NS, "szrgw:MIS"); - Element filters = doc.createElementNS(SZRGW_NS, "szrgw:Filters"); - mis.appendChild(filters); - Element target = doc.createElementNS(SZRGW_NS, "szrgw:Target"); - mis.appendChild(target); - Element friendlyName = doc.createElementNS(SZRGW_NS, "szrgw:OAFriendlyName"); - mis.appendChild(friendlyName); - getIdentityLink.appendChild(mis); - -// TODO fetch data from oa params -// String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); -// moasessionid = StringEscapeUtils.escapeHtml(moasessionid); -// AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moasessionid); -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); -// if (oaParam == null) -// throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() }); -// Text text = doc.createTextNode(oaParam.getFriendlyName()); - } - - return doc;
- } catch (ParserConfigurationException e) {
- throw new SZRGWClientException(e);
- } /*catch (CertificateEncodingException e) {
- throw new SZRGWClientException(e);
- }*/
-
-
- }
-
-}
-
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java new file mode 100644 index 000000000..b0b2029ec --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java @@ -0,0 +1,198 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.client.utils; + +import java.io.UnsupportedEncodingException; +import java.util.List; +import java.util.UUID; + +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.client.SZRGWClient; +import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.xsd.mis.MandateIdentifiers; +import at.gv.util.xsd.mis.Target; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; +import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; +import at.gv.util.xsd.srzgw.MISType; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; +import at.gv.util.xsd.srzgw.MISType.Filters; + +/** + * @author tlenz + * + */ +public class SZRGWClientUtils { + + /** + * Does the request to the SZR-GW. + * + * @param signature the signature + * @return the identity link + * @throws SZRGWClientException the sZRGW client exception + * @throws ConfigurationException the configuration exception + */ + public static CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException { + return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature), null); + } + + /** + * Does the request to the SZR-GW. + * + * @param PEPSIdentifier the pEPS identifier + * @param PEPSFirstname the pEPS firstname + * @param PEPSFamilyname the pEPS familyname + * @param PEPSDateOfBirth the pEPS date of birth + * @param signature XMLDSIG signature + * @return Identity link assertion + * @throws SZRGWClientException the sZRGW client exception + * @throws ConfigurationException the configuration exception + */ + public static CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String PEPSFiscalNumber) throws SZRGWClientException { + return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null, PEPSFiscalNumber); + } + + /** + * SZR-GW Client interface. + * + * @param eIdentifier the e identifier + * @param givenName the given name + * @param lastName the last name + * @param dateOfBirth the date of birth + * @param citizenSignature the citizen signature + * @param representative the representative + * @param represented the represented + * @param mandate the mandate + * @return the identity link + * @throws SZRGWClientException the sZRGW client exception + */ + public static CreateIdentityLinkResponse getIdentityLink(String eIdentifier, + String givenName, String lastName, String dateOfBirth, String gender, + String citizenSignature, String representative, String represented, + String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { + return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, + citizenSignature, representative, represented, mandate, null, + null, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber); + } + + /** + * Gets the identity link. + * + * @param citizenSignature the citizen signature + * @param representative the representative + * @param represented the represented + * @param mandate the mandate + * @param organizationAddress the organization address + * @param organizationType the organization type + * @return the identity link + * @throws SZRGWClientException + */ + public static CreateIdentityLinkResponse getIdentityLink(String citizenSignature, + String representative, String represented, String mandateContent, + String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { + return getIdentityLink(null, null, null, null, null, + citizenSignature, represented, representative, mandateContent, organizationAddress, + organizationType, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber); + } + + public static CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { + + try { + AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); + ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); + + String requestID = UUID.randomUUID().toString(); + SZRGWClient client = new SZRGWClient(connectionParameters); + + CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); + request.setSignature(citizenSignature.getBytes("UTF-8")); + request.setReqID(requestID); + if(PEPSDateOfBirth!=null || PEPSFamilyname!=null || PEPSFirstname!=null || PEPSIdentifier!=null || representative!=null || represented!=null || mandateContent!=null || organizationAddress!=null || organizationType!=null) + { + PEPSData data = new PEPSData(); + data.setDateOfBirth(PEPSDateOfBirth); + data.setFamilyname(PEPSFamilyname); + data.setFirstname(PEPSFirstname); + data.setIdentifier(PEPSIdentifier); + + data.setFiscalNumber(PEPSFiscalNumber); + + data.setRepresentative(representative); + data.setRepresented(represented); + data.setMandateContent(mandateContent); + + data.setLegalPersonCanonicalRegisteredAddress(organizationAddress); + data.setLegalPersonTranslatableType(organizationType); + + request.setPEPSData(data); + } + if (null != mandateContent) { + MISType mis = new MISType(); + + Target targetObject = new Target(); + targetObject.setType(targetType); + targetObject.setValue(targetValue); + mis.setTarget(targetObject); + + mis.setOAFriendlyName(oaFriendlyName); + + Filters filterObject = new Filters(); + MandateIdentifiers mandateIds = new MandateIdentifiers(); + for(String current : filters) + mandateIds.getMandateIdentifier().add(current.trim()); + filterObject.setMandateIdentifiers(mandateIds); + mis.setFilters(filterObject); + + request.setMIS(mis); + } + + if (MiscUtil.isEmpty(connectionParameters.getUrl())) { + Logger.warn("SZR-Gateway Service URL is empty"); + throw new SZRGWClientException("service.07"); + } + + Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")..."); + CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl()); + return response; + + } + catch (ConfigurationException e) { + Logger.warn(e); + Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); + } catch (UnsupportedEncodingException e) { + Logger.warn(e); + } + + return null; + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java index 05b008515..e2892e70a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -27,7 +27,6 @@ import java.text.DateFormat; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.ArrayList; -import java.util.Arrays; import java.util.Date; import java.util.List; @@ -37,7 +36,6 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index ccc90a031..09b0d7971 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -31,7 +31,6 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; /** * @author tlenz diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java index 8e42f0df7..12fe3c948 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java @@ -1,161 +1,161 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.util.client.mis.simple;
-
-import java.io.Serializable;
-
-import org.w3c.dom.Element;
-
-import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
-import at.gv.egovernment.moa.id.util.MandateBuilder;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-public class MISMandate implements Serializable{
-
- private static final long serialVersionUID = 1L;
-
- final static private String OID_NOTAR = "1.2.40.0.10.3.1";
- final static private String TEXT_NOTAR = "berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft";
-
- final static private String OID_RECHTSANWALT = "1.2.40.0.10.3.2";
- final static private String TEXT_RECHTSANWALT = "berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft";
-
- final static private String OID_ZIVILTECHNIKER = "1.2.40.0.10.3.3";
- final static private String TEXT_ZIVILTECHNIKER = "berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft";
-
- final static public String OID_ORGANWALTER = "1.2.40.0.10.3.4";
- final static private String TEXT_ORGANWALTER = "Organwalter";
-
- final static public String OID_ELGA_OMBUTSSTELLE = "1.2.40.0.34.3.1.3";
- final static public String OID_ELGA_OMBUTSSTELLE_TEST = "1.2.40.0.34.3.1.2.99.9";
- final static private String TEXT_ELGA_OMBUTSSTELLE = "ELGA-Ombudsstelle";
-
- private String oid = null;
- private byte[] mandate = null;
- private String owBPK = null;
- private boolean isFullMandateIncluded = false;
-
- public String getProfRep() {
- return oid;
- }
- public void setProfRep(String oid) {
- this.oid = oid;
- }
- public void setOWbPK(String oWbPK) {
- this.owBPK = oWbPK;
- }
-
- public String getOWbPK() {
- return owBPK;
- }
- public byte[] getMandate() {
- return mandate;
- }
-
- public Element getMandateDOM() {
- try {
- byte[] byteMandate = mandate;
- String stringMandate = new String(byteMandate);
- return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement();
-
- }
- catch (Throwable e) {
- Logger.warn("Mandate content could not be generated from MISMandate.");
- return null;
- }
- }
-
- public Mandate getMandateJaxB() {
- Element domMandate = getMandateDOM();
- if (domMandate != null)
- return MandateBuilder.buildMandate(domMandate);
-
- return null;
- }
-
- public void setMandate(byte[] mandate) {
- this.mandate = mandate;
- }
-
- public String getTextualDescriptionOfOID() {
- if (MiscUtil.isNotEmpty(this.oid)) {
- if (this.oid.equalsIgnoreCase(OID_NOTAR))
- return TEXT_NOTAR;
- if (this.oid.equalsIgnoreCase(OID_RECHTSANWALT))
- return TEXT_RECHTSANWALT;
- if (this.oid.equalsIgnoreCase(OID_ZIVILTECHNIKER))
- return TEXT_ZIVILTECHNIKER;
- if (this.oid.equalsIgnoreCase(OID_ORGANWALTER))
- return TEXT_ORGANWALTER;
- if (this.oid.equalsIgnoreCase(OID_ELGA_OMBUTSSTELLE)
- || this.oid.equalsIgnoreCase(OID_ELGA_OMBUTSSTELLE_TEST))
- return TEXT_ELGA_OMBUTSSTELLE;
-
- return "Keine textuelle Beschreibung für OID " + oid;
-
- } else {
- return null;
- }
-
- }
- /**
- * @return the isFullMandateIncluded
- */
- public boolean isFullMandateIncluded() {
- return isFullMandateIncluded;
- }
- /**
- * @param isFullMandateIncluded the isFullMandateIncluded to set
- */
- public void setFullMandateIncluded(boolean isFullMandateIncluded) {
- this.isFullMandateIncluded = isFullMandateIncluded;
- }
-
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.data; + +import java.io.Serializable; + +import org.w3c.dom.Element; + +import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; +import at.gv.egovernment.moa.id.util.MandateBuilder; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +public class MISMandate implements Serializable{ + + private static final long serialVersionUID = 1L; + + final static private String OID_NOTAR = "1.2.40.0.10.3.1"; + final static private String TEXT_NOTAR = "berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"; + + final static private String OID_RECHTSANWALT = "1.2.40.0.10.3.2"; + final static private String TEXT_RECHTSANWALT = "berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"; + + final static private String OID_ZIVILTECHNIKER = "1.2.40.0.10.3.3"; + final static private String TEXT_ZIVILTECHNIKER = "berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft"; + + final static public String OID_ORGANWALTER = "1.2.40.0.10.3.4"; + final static private String TEXT_ORGANWALTER = "Organwalter"; + + final static public String OID_ELGA_OMBUTSSTELLE = "1.2.40.0.34.3.1.3"; + final static public String OID_ELGA_OMBUTSSTELLE_TEST = "1.2.40.0.34.3.1.2.99.9"; + final static private String TEXT_ELGA_OMBUTSSTELLE = "ELGA-Ombudsstelle"; + + private String oid = null; + private byte[] mandate = null; + private String owBPK = null; + private boolean isFullMandateIncluded = false; + + public String getProfRep() { + return oid; + } + public void setProfRep(String oid) { + this.oid = oid; + } + public void setOWbPK(String oWbPK) { + this.owBPK = oWbPK; + } + + public String getOWbPK() { + return owBPK; + } + public byte[] getMandate() { + return mandate; + } + + public Element getMandateDOM() { + try { + byte[] byteMandate = mandate; + String stringMandate = new String(byteMandate); + return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); + + } + catch (Throwable e) { + Logger.warn("Mandate content could not be generated from MISMandate."); + return null; + } + } + + public Mandate getMandateJaxB() { + Element domMandate = getMandateDOM(); + if (domMandate != null) + return MandateBuilder.buildMandate(domMandate); + + return null; + } + + public void setMandate(byte[] mandate) { + this.mandate = mandate; + } + + public String getTextualDescriptionOfOID() { + if (MiscUtil.isNotEmpty(this.oid)) { + if (this.oid.equalsIgnoreCase(OID_NOTAR)) + return TEXT_NOTAR; + if (this.oid.equalsIgnoreCase(OID_RECHTSANWALT)) + return TEXT_RECHTSANWALT; + if (this.oid.equalsIgnoreCase(OID_ZIVILTECHNIKER)) + return TEXT_ZIVILTECHNIKER; + if (this.oid.equalsIgnoreCase(OID_ORGANWALTER)) + return TEXT_ORGANWALTER; + if (this.oid.equalsIgnoreCase(OID_ELGA_OMBUTSSTELLE) + || this.oid.equalsIgnoreCase(OID_ELGA_OMBUTSSTELLE_TEST)) + return TEXT_ELGA_OMBUTSSTELLE; + + return "Keine textuelle Beschreibung für OID " + oid; + + } else { + return null; + } + + } + /** + * @return the isFullMandateIncluded + */ + public boolean isFullMandateIncluded() { + return isFullMandateIncluded; + } + /** + * @param isFullMandateIncluded the isFullMandateIncluded to set + */ + public void setFullMandateIncluded(boolean isFullMandateIncluded) { + this.isFullMandateIncluded = isFullMandateIncluded; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java index 942fab4f3..9c654d42f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java @@ -1,136 +1,136 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.verification; - -import java.io.UnsupportedEncodingException; - -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.validation.ValidationException; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.ServiceException; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.util.XMLUtil; -import at.gv.egovernment.moa.logging.Logger; - -public class SAMLVerifierMOASP implements ISAMLVerifier { - - - //TODO: implement via metadata validator .... - public void verifyRequest(RequestAbstractType request) - throws MOAIDException { - // validate Signature - try { - if (request.isSigned()) { - - String trustProfileID = AuthConfigurationProviderFactory.getInstance() - .getStorkConfig().getSignatureVerificationParameter() - .getTrustProfileID(); - - Logger.trace("Starting validation of Signature references"); - try { - SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); - sigValidator.validate(request.getSignature()); - } catch (ValidationException e) { - Logger.error("Validation of XML Signature refrences failed: " - + e.getMessage()); - throw new SecurityException(e); - } - Logger.debug("XML Signature references are OK."); - - Logger.debug("Invoking MOA-SP with TrustProfileID: " - + trustProfileID); - - // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"), - trustProfileID); - - Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built"); - - Logger.trace("Calling MOA-SP"); - // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() - .verifyXMLSignature(domVerifyXMLSignatureRequest); - - // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( - domVerifyXMLSignatureResponse).parseData(); - - Logger.trace("Received VerifyXMLSignatureResponse from MOA-SP"); - - if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) { - String msg = "Signature of SAMLResponse not valid"; - Logger.error(msg); - throw new SecurityException(msg); - } - - Logger.debug("Signature of SAML response successfully verified"); - - if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) { - String msg = "Certificate of SAMLResponse not valid"; - Logger.error(msg); - throw new SecurityException(msg); - } - - Logger.debug("Signing certificate of SAML response succesfully verified"); - - } else { - String msg = "SAML Object is not signed."; - throw new SecurityException(msg); - } - - } catch (ConfigurationException e) { - String msg = "Unable to load STORK configuration for STORK SAML Response signature verification."; - Logger.error(msg, e); - throw new SecurityException(msg, e); - } catch (ParseException e) { - String msg = "Unable to parse VerifyXMLSignature Request or Response."; - Logger.error(msg, e); - throw new SecurityException(msg, e); - } catch (BuildException e) { - String msg = "Unable to parse VerifyXMLSignature Request or Response."; - Logger.error(msg, e); - throw new SecurityException(msg, e); - } catch (ServiceException e) { - String msg = "Unable to invoke MOA-SP."; - Logger.error(msg, e); - throw new SecurityException(msg, e); - } catch (UnsupportedEncodingException e) { - String msg = "Unsupported Encoding."; - Logger.error(msg, e); - throw new SecurityException(msg, e); - } - - } - -} +///******************************************************************************* +// * Copyright 2014 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// *******************************************************************************/ +//package at.gv.egovernment.moa.id.protocols.pvp2x.verification; +// +//import java.io.UnsupportedEncodingException; +// +//import org.opensaml.saml2.core.RequestAbstractType; +//import org.opensaml.security.SAMLSignatureProfileValidator; +//import org.opensaml.xml.validation.ValidationException; +//import org.w3c.dom.Element; +// +//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +//import at.gv.egovernment.moa.id.auth.exception.BuildException; +//import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +//import at.gv.egovernment.moa.id.auth.exception.ParseException; +//import at.gv.egovernment.moa.id.auth.exception.ServiceException; +//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.config.ConfigurationException; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +//import at.gv.egovernment.moa.id.util.XMLUtil; +//import at.gv.egovernment.moa.logging.Logger; +// +//public class SAMLVerifierMOASP implements ISAMLVerifier { +// +// +// //TODO: implement via metadata validator .... +// public void verifyRequest(RequestAbstractType request) +// throws MOAIDException { +// // validate Signature +// try { +// if (request.isSigned()) { +// +// String trustProfileID = AuthConfigurationProviderFactory.getInstance() +// .getStorkConfig().getSignatureVerificationParameter() +// .getTrustProfileID(); +// +// Logger.trace("Starting validation of Signature references"); +// try { +// SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); +// sigValidator.validate(request.getSignature()); +// } catch (ValidationException e) { +// Logger.error("Validation of XML Signature refrences failed: " +// + e.getMessage()); +// throw new SecurityException(e); +// } +// Logger.debug("XML Signature references are OK."); +// +// Logger.debug("Invoking MOA-SP with TrustProfileID: " +// + trustProfileID); +// +// // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() +// .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"), +// trustProfileID); +// +// Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built"); +// +// Logger.trace("Calling MOA-SP"); +// // invokes the call +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() +// .verifyXMLSignature(domVerifyXMLSignatureRequest); +// +// // parses the <VerifyXMLSignatureResponse> +// VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( +// domVerifyXMLSignatureResponse).parseData(); +// +// Logger.trace("Received VerifyXMLSignatureResponse from MOA-SP"); +// +// if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) { +// String msg = "Signature of SAMLResponse not valid"; +// Logger.error(msg); +// throw new SecurityException(msg); +// } +// +// Logger.debug("Signature of SAML response successfully verified"); +// +// if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) { +// String msg = "Certificate of SAMLResponse not valid"; +// Logger.error(msg); +// throw new SecurityException(msg); +// } +// +// Logger.debug("Signing certificate of SAML response succesfully verified"); +// +// } else { +// String msg = "SAML Object is not signed."; +// throw new SecurityException(msg); +// } +// +// } catch (ConfigurationException e) { +// String msg = "Unable to load STORK configuration for STORK SAML Response signature verification."; +// Logger.error(msg, e); +// throw new SecurityException(msg, e); +// } catch (ParseException e) { +// String msg = "Unable to parse VerifyXMLSignature Request or Response."; +// Logger.error(msg, e); +// throw new SecurityException(msg, e); +// } catch (BuildException e) { +// String msg = "Unable to parse VerifyXMLSignature Request or Response."; +// Logger.error(msg, e); +// throw new SecurityException(msg, e); +// } catch (ServiceException e) { +// String msg = "Unable to invoke MOA-SP."; +// Logger.error(msg, e); +// throw new SecurityException(msg, e); +// } catch (UnsupportedEncodingException e) { +// String msg = "Unsupported Encoding."; +// Logger.error(msg, e); +// throw new SecurityException(msg, e); +// } +// +// } +// +//} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java deleted file mode 100644 index 3e31c0403..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java +++ /dev/null @@ -1,122 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/* - * Created on 17.02.2004 - * - * To change the template for this generated file go to - * Window>Preferences>Java>Code Generation>Code and Comments - */ -package at.gv.egovernment.moa.id.util; - -import java.io.IOException; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.logging.Logger; - -/** - * @author rschamberger - * - * To change the template for this generated type comment go to - * Window>Preferences>Java>Code Generation>Code and Comments - */ -public class HTTPRequestJSPForwarder { - - /** - * Forwards the HttpServletRequest to a customizable JSP Page and serves the Response. <br> - * <ul> - * <li>Logs the message</li> - * </ul> - * - * @param message message text - * @param jspPageURI URI of the JSP page - * @param context the servlet context of the servlet belonging to the req, resp - * @param req servlet request - * @param resp servlet response - */ - public static void forwardNamed( - String message, - String jspPageURI, - ServletContext context, - HttpServletRequest req, - HttpServletResponse resp) { - - if (null != message) { - Logger.info(message); - req.setAttribute("Message", message); - } - - //forward this to the given jsp page where the HTML response is generated - try { - context.getRequestDispatcher(jspPageURI).forward(req, resp); - } catch (IOException e) { - Logger.error(e); - } catch (ServletException e) { - Logger.error(e); - } - } - - /** - * Forwards the HttpServletRequest to the customizable JSP Page 'message.jsp' and serves the Response. <br> - * <ul> - * <li>Logs the message</li> - * </ul> - * - * @param message message text - * @param context the servlet context of the servlet belonging to the req, resp - * @param req servlet request - * @param resp servlet response - */ - public static void forwardDefault( - String message, - ServletContext context, - HttpServletRequest req, - HttpServletResponse resp) { - forwardNamed(message, "/message.jsp", context, req, resp); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java index 3dbc0ab7b..a4d79ac05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java @@ -1,183 +1,69 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package at.gv.egovernment.moa.id.util;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.URLEncoder;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- *
- */
-public class ServletUtils {
-
- /**
- * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing
- * depending on the requests starting text.
- *
- * @param resp The httpServletResponse
- * @param session The current AuthenticationSession
- * @param createXMLSignatureRequestOrRedirect The request
- * @param servletGoal The servlet to which the redirect should happen
- * @param servletName The servlet name for debug purposes
- * @throws MOAIDException
- * @throws IOException
- */
- public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName)
- throws MOAIDException,
- IOException
- {
- if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
- resp.setStatus(307);
- String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, session.getSessionID());
- resp.addHeader("Location", dataURL);
-
- //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
- resp.setContentType("text/xml;charset=UTF-8");
-
- OutputStream out = resp.getOutputStream();
- out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished POST " + servletName);
-
- } else {
- String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID());
- resp.setContentType("text/html");
- resp.setStatus(302);
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
-
- }
- }
- /**
- * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing
- * depending on the requests starting text.
- *
- * @param resp The httpServletResponse
- * @param createXMLSignatureRequestOrRedirect The request
- * @param servletGoal The servlet to which the redirect should happen
- * @param servletName The servlet name for debug purposes
- * @throws MOAIDException
- * @throws IOException
- */
- public static void writeCreateXMLSignatureRequest(HttpServletResponse resp, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL)
- throws MOAIDException,
- IOException
- {
- resp.setStatus(307);
- resp.addHeader("Location", dataURL);
-
- //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
- resp.setContentType("text/xml;charset=UTF-8");
-
- OutputStream out = resp.getOutputStream();
- out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished POST " + servletName);
-
- }
-
- /**
- * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing
- * depending on the requests starting text.
- *
- * @param resp The httpServletResponse
- * @param session The current AuthenticationSession
- * @param createXMLSignatureRequestOrRedirect The request
- * @param servletGoal The servlet to which the redirect should happen
- * @param servletName The servlet name for debug purposes
- * @throws MOAIDException
- * @throws IOException
- */
- public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL)
- throws MOAIDException,
- IOException {
- resp.setStatus(200);
- Logger.debug("ContentType set to: application/x-www-form-urlencoded");
-
- resp.setContentType("application/x-www-form-urlencoded");
-
- String content = "XMLRequest=" + URLEncoder.encode(createXMLSignatureRequestOrRedirect, "UTF-8") + "&" +
- "DataURL=" + URLEncoder.encode(dataURL, "UTF-8");
-
- OutputStream out = resp.getOutputStream();
- out.write(content.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished POST " + servletName);
-
- }
-
- public static String getBaseUrl( HttpServletRequest request ) {
- if ( ( request.getServerPort() == 80 ) ||
- ( request.getServerPort() == 443 ) )
- return request.getScheme() + "://" +
- request.getServerName() +
- request.getContextPath();
- else
- return request.getScheme() + "://" +
- request.getServerName() + ":" + request.getServerPort() +
- request.getContextPath();
- }
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +/** + * + */ +package at.gv.egovernment.moa.id.util; + +import javax.servlet.http.HttpServletRequest; + +public class ServletUtils { + + + public static String getBaseUrl( HttpServletRequest request ) { + if ( ( request.getServerPort() == 80 ) || + ( request.getServerPort() == 443 ) ) + return request.getScheme() + "://" + + request.getServerName() + + request.getContextPath(); + else + return request.getScheme() + "://" + + request.getServerName() + ":" + request.getServerPort() + + request.getContextPath(); + } + +} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml new file mode 100644 index 000000000..32a3d0c28 --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml @@ -0,0 +1,25 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + + <packaging>jar</packaging> + <name>MOA ID-Module Citizen-Card Authentication</name> + + <properties> + <repositoryPath>${basedir}/../../../../repository</repositoryPath> + </properties> + + <dependencies> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index e2b0f78a5..0850bb676 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1,6 +1,6 @@ - package at.gv.egovernment.moa.id.auth; + import iaik.asn1.ObjectID; import iaik.x509.X509Certificate; import iaik.x509.X509ExtensionInitException; @@ -8,14 +8,11 @@ import iaik.x509.X509ExtensionInitException; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; -import java.io.UnsupportedEncodingException; import java.security.Principal; import java.security.cert.CertificateException; import java.util.Calendar; -import java.util.Date; import java.util.List; import java.util.Map; -import java.util.UUID; import java.util.Vector; import javax.servlet.http.HttpServletRequest; @@ -25,7 +22,6 @@ import javax.xml.transform.TransformerException; import org.apache.commons.lang.StringEscapeUtils; import org.apache.xpath.XPathAPI; import org.opensaml.xml.util.Base64; -import org.opensaml.xml.util.XMLHelper; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.NodeList; @@ -33,6 +29,7 @@ import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; @@ -63,22 +60,14 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; -import at.gv.egovernment.moa.id.client.SZRGWClient; -import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.XMLUtil; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -87,13 +76,6 @@ import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -import at.gv.util.xsd.mis.MandateIdentifiers; -import at.gv.util.xsd.mis.Target; -import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; -import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; -import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; -import at.gv.util.xsd.srzgw.MISType; -import at.gv.util.xsd.srzgw.MISType.Filters; /** * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is @@ -103,7 +85,7 @@ import at.gv.util.xsd.srzgw.MISType.Filters; * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher * $ */ -public class AuthenticationServer extends MOAIDAuthConstants { +public class AuthenticationServer extends BaseAuthenticationServer { /** * single instance @@ -111,17 +93,6 @@ public class AuthenticationServer extends MOAIDAuthConstants { private static AuthenticationServer instance; /** - * time out in milliseconds used by {@link cleanup} for session store - */ - private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes - private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes - /** - * time out in milliseconds used by {@link cleanup} for authentication data - * store - */ - private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes - - /** * Returns the single instance of <code>AuthenticationServer</code>. * * @return the single instance of <code>AuthenticationServer</code> @@ -1299,73 +1270,6 @@ public class AuthenticationServer extends MOAIDAuthConstants { } /** - * Retrieves a session from the session store. - * - * @param id session ID - * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}). - * @throws AuthenticationException in case the session id does not reflect a valic, active session. - */ - public static AuthenticationSession getSession(String id) - throws AuthenticationException { - AuthenticationSession session; - try { - session = AuthenticationSessionStoreage.getSession(id); - - if (session == null) - throw new AuthenticationException("auth.02", new Object[]{id}); - return session; - - } catch (MOADatabaseException e) { - throw new AuthenticationException("auth.02", new Object[]{id}); - - } catch (Exception e) { - throw new AuthenticationException("parser.04", new Object[]{id}); - } - } - - /** - * Cleans up expired session and authentication data stores. - */ - public void cleanup() { - long now = new Date().getTime(); - - //clean AuthenticationSessionStore - - AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); - - //clean AssertionStore - AssertionStorage assertionstore = AssertionStorage.getInstance(); - assertionstore.clean(now, authDataTimeOut); - - //clean ExeptionStore - DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); - exstore.clean(now, authDataTimeOut); - - } - - /** - * Sets the sessionTimeOut. - * - * @param seconds Time out of the session in seconds - */ - public void setSecondsSessionTimeOutCreated(long seconds) { - sessionTimeOutCreated = seconds * 1000; - } - - public void setSecondsSessionTimeOutUpdated(long seconds) { - sessionTimeOutUpdated = seconds * 1000; - } - - /** - * Sets the authDataTimeOut. - * - * @param seconds Time out for signing AuthData in seconds - */ - public void setSecondsAuthDataTimeOut(long seconds) { - authDataTimeOut = seconds * 1000; - } - - /** * Checks a parameter. * * @param param parameter @@ -1424,149 +1328,6 @@ public class AuthenticationServer extends MOAIDAuthConstants { } /** - * Does the request to the SZR-GW. - * - * @param signature the signature - * @return the identity link - * @throws SZRGWClientException the sZRGW client exception - * @throws ConfigurationException the configuration exception - */ - public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException { - return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature), null); - } - - /** - * Does the request to the SZR-GW. - * - * @param PEPSIdentifier the pEPS identifier - * @param PEPSFirstname the pEPS firstname - * @param PEPSFamilyname the pEPS familyname - * @param PEPSDateOfBirth the pEPS date of birth - * @param signature XMLDSIG signature - * @return Identity link assertion - * @throws SZRGWClientException the sZRGW client exception - * @throws ConfigurationException the configuration exception - */ - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String PEPSFiscalNumber) throws SZRGWClientException { - return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null, PEPSFiscalNumber); - } - - /** - * SZR-GW Client interface. - * - * @param eIdentifier the e identifier - * @param givenName the given name - * @param lastName the last name - * @param dateOfBirth the date of birth - * @param citizenSignature the citizen signature - * @param representative the representative - * @param represented the represented - * @param mandate the mandate - * @return the identity link - * @throws SZRGWClientException the sZRGW client exception - */ - public CreateIdentityLinkResponse getIdentityLink(String eIdentifier, - String givenName, String lastName, String dateOfBirth, String gender, - String citizenSignature, String representative, String represented, - String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { - return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, - citizenSignature, representative, represented, mandate, null, - null, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber); - } - - /** - * Gets the identity link. - * - * @param citizenSignature the citizen signature - * @param representative the representative - * @param represented the represented - * @param mandate the mandate - * @param organizationAddress the organization address - * @param organizationType the organization type - * @return the identity link - * @throws SZRGWClientException - */ - public CreateIdentityLinkResponse getIdentityLink(String citizenSignature, - String representative, String represented, String mandateContent, - String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { - return getIdentityLink(null, null, null, null, null, - citizenSignature, represented, representative, mandateContent, organizationAddress, - organizationType, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber); - } - - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException { - - try { - AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); - ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); - - String requestID = UUID.randomUUID().toString(); - SZRGWClient client = new SZRGWClient(connectionParameters); - - CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); - request.setSignature(citizenSignature.getBytes("UTF-8")); - request.setReqID(requestID); - if(PEPSDateOfBirth!=null || PEPSFamilyname!=null || PEPSFirstname!=null || PEPSIdentifier!=null || representative!=null || represented!=null || mandateContent!=null || organizationAddress!=null || organizationType!=null) - { - PEPSData data = new PEPSData(); - data.setDateOfBirth(PEPSDateOfBirth); - data.setFamilyname(PEPSFamilyname); - data.setFirstname(PEPSFirstname); - data.setIdentifier(PEPSIdentifier); - - data.setFiscalNumber(PEPSFiscalNumber); - - data.setRepresentative(representative); - data.setRepresented(represented); - data.setMandateContent(mandateContent); - - data.setLegalPersonCanonicalRegisteredAddress(organizationAddress); - data.setLegalPersonTranslatableType(organizationType); - - request.setPEPSData(data); - } - if (null != mandateContent) { - MISType mis = new MISType(); - - Target targetObject = new Target(); - targetObject.setType(targetType); - targetObject.setValue(targetValue); - mis.setTarget(targetObject); - - mis.setOAFriendlyName(oaFriendlyName); - - Filters filterObject = new Filters(); - MandateIdentifiers mandateIds = new MandateIdentifiers(); - for(String current : filters) - mandateIds.getMandateIdentifier().add(current.trim()); - filterObject.setMandateIdentifiers(mandateIds); - mis.setFilters(filterObject); - - request.setMIS(mis); - } - - if (MiscUtil.isEmpty(connectionParameters.getUrl())) { - Logger.warn("SZR-Gateway Service URL is empty"); - throw new SZRGWClientException("service.07"); - } - - Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")..."); - CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl()); - return response; - - } - catch (ConfigurationException e) { - Logger.warn(e); - Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); - } catch (UnsupportedEncodingException e) { - Logger.warn(e); - } - - return null; - - } - - /** * Extracts an X509 Certificate out of an XML signagture element * * @param signedXML XML signature element diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index 89f42ab7d..89f42ab7d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index 760d28d5b..760d28d5b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java index ca9bf2080..ca9bf2080 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/Builder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java index a904242e1..a904242e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java index f4b5cb4c9..76cf9addb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java @@ -1,172 +1,172 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.IOException;
-import java.io.StringReader;
-import java.io.StringWriter;
-
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-
-
-/**
- * Builder for CreateXMLSignatureRequest to sign data from a foreign
- * eID card.
- *
- */
-
-public class CreateXMLSignatureRequestBuilderForeign extends Builder {
-
- /** special tag in the XML template to be substituted for the KeyboxIdentifier */
- private static final String KEYBOXID_TAG = "<KEYBOXID>";
- /** special tag in the XML template to be substituted for the content */
- private static final String XMLCONTENT_TAG = "<XMLContent>";
- /** private static int all contains the representation to replace all tags*/
- private static final int ALL = -1;
-
-// /** default HTML template */
-// private static final String DEFAULT_XML_TEMPLATE =
-// "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
-// "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" +
-// "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" +
-// "<sl:DataObjectInfo Structure=\"enveloping\">" +
-// "<sl:DataObject>" +
-// "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" +
-// "</sl:DataObject>" +
-// "<sl:TransformsInfo>" +
-// "<sl:FinalDataMetaInfo>" +
-// "<sl:MimeType>text/plain</sl:MimeType>" +
-// "</sl:FinalDataMetaInfo>" +
-// "</sl:TransformsInfo>" +
-// "</sl:DataObjectInfo>" +
-// "</sl:CreateXMLSignatureRequest>";
-
- /** default HTML template */
- private static final String DEFAULT_XHTML_TEMPLATE =
- "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
- "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" +
- "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" +
- "<sl:DataObjectInfo Structure=\"enveloping\">" +
- "<sl:DataObject>" +
- "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" +
- "</sl:DataObject>" +
- "<sl:TransformsInfo>" +
- "<sl:FinalDataMetaInfo>" +
- "<sl:MimeType>application/xhtml+xml</sl:MimeType>" +
- "</sl:FinalDataMetaInfo>" +
- "</sl:TransformsInfo>" +
- "</sl:DataObjectInfo>" +
- "</sl:CreateXMLSignatureRequest>";
-
- /**
- * Constructor for CreateXMLSignatureRequestBuilderForeign.
- */
- public CreateXMLSignatureRequestBuilderForeign() {
- super();
- }
- /**
- * Builds the XML request.
- *
- * @param xmlRequest XML Request to be sent as a parameter in the form
- * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to;
- * may be <code>null</code>, in this case the default URL will be used
- * @param dataURL DataURL to be sent as a parameter in the form
- */
- public String build(
- String keyboxIdentifier,
- String xmlContent)
- throws BuildException
- {
- String xmlRequest = DEFAULT_XHTML_TEMPLATE;
- xmlRequest = replaceTag(xmlRequest, KEYBOXID_TAG, keyboxIdentifier, true, ALL);
- //htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
- xmlRequest = replaceTag(xmlRequest, XMLCONTENT_TAG, xmlContent, true, ALL);
- return xmlRequest;
- }
- /**
- * Encodes a string for inclusion as a parameter in the form.
- * Double quotes are substituted by <code>"&quot;"</code>.
- * @param s the string to be encoded
- * @return the string encoded
- * @throws BuildException on any exception encountered
- */
- public static String encodeParameter(String s) throws BuildException {
- StringReader in = new StringReader(s);
- StringWriter out = new StringWriter();
- try {
- for (int ch = in.read(); ch >= 0; ch = in.read()) {
- if (ch == '"')
- out.write(""");
- else if (ch == '<')
- out.write("<");
- else if (ch == '>')
- out.write(">");
- else if (ch == 'ä')
- out.write("ä");
- else if (ch == 'ö')
- out.write("ö");
- else if (ch == 'ü')
- out.write("ü");
- else if (ch == 'Ä')
- out.write("Ä");
- else if (ch == 'Ö')
- out.write("Ö");
- else if (ch == 'Ü')
- out.write("Ü");
- else if (ch == 'ß')
- out.write("ß");
- else
- out.write(ch);
- }
- }
- catch (IOException ex) {
- throw new BuildException("builder.00", new Object[] {"CreateXMLSignatureRequest", ex.toString()});
- }
- return out.toString();
- }
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.builder; + +import java.io.IOException; +import java.io.StringReader; +import java.io.StringWriter; + +import at.gv.egovernment.moa.id.auth.exception.BuildException; + + +/** + * Builder for CreateXMLSignatureRequest to sign data from a foreign + * eID card. + * + */ + +public class CreateXMLSignatureRequestBuilderForeign extends Builder { + + /** special tag in the XML template to be substituted for the KeyboxIdentifier */ + private static final String KEYBOXID_TAG = "<KEYBOXID>"; + /** special tag in the XML template to be substituted for the content */ + private static final String XMLCONTENT_TAG = "<XMLContent>"; + /** private static int all contains the representation to replace all tags*/ + private static final int ALL = -1; + +// /** default HTML template */ +// private static final String DEFAULT_XML_TEMPLATE = +// "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + +// "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" + +// "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" + +// "<sl:DataObjectInfo Structure=\"enveloping\">" + +// "<sl:DataObject>" + +// "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" + +// "</sl:DataObject>" + +// "<sl:TransformsInfo>" + +// "<sl:FinalDataMetaInfo>" + +// "<sl:MimeType>text/plain</sl:MimeType>" + +// "</sl:FinalDataMetaInfo>" + +// "</sl:TransformsInfo>" + +// "</sl:DataObjectInfo>" + +// "</sl:CreateXMLSignatureRequest>"; + + /** default HTML template */ + private static final String DEFAULT_XHTML_TEMPLATE = + "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + + "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" + + "<sl:KeyboxIdentifier>" + KEYBOXID_TAG + "</sl:KeyboxIdentifier>" + + "<sl:DataObjectInfo Structure=\"enveloping\">" + + "<sl:DataObject>" + + "<sl:XMLContent>" + XMLCONTENT_TAG + "</sl:XMLContent>" + + "</sl:DataObject>" + + "<sl:TransformsInfo>" + + "<sl:FinalDataMetaInfo>" + + "<sl:MimeType>application/xhtml+xml</sl:MimeType>" + + "</sl:FinalDataMetaInfo>" + + "</sl:TransformsInfo>" + + "</sl:DataObjectInfo>" + + "</sl:CreateXMLSignatureRequest>"; + + /** + * Constructor for CreateXMLSignatureRequestBuilderForeign. + */ + public CreateXMLSignatureRequestBuilderForeign() { + super(); + } + /** + * Builds the XML request. + * + * @param xmlRequest XML Request to be sent as a parameter in the form + * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; + * may be <code>null</code>, in this case the default URL will be used + * @param dataURL DataURL to be sent as a parameter in the form + */ + public String build( + String keyboxIdentifier, + String xmlContent) + throws BuildException + { + String xmlRequest = DEFAULT_XHTML_TEMPLATE; + xmlRequest = replaceTag(xmlRequest, KEYBOXID_TAG, keyboxIdentifier, true, ALL); + //htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + xmlRequest = replaceTag(xmlRequest, XMLCONTENT_TAG, xmlContent, true, ALL); + return xmlRequest; + } + /** + * Encodes a string for inclusion as a parameter in the form. + * Double quotes are substituted by <code>"&quot;"</code>. + * @param s the string to be encoded + * @return the string encoded + * @throws BuildException on any exception encountered + */ + public static String encodeParameter(String s) throws BuildException { + StringReader in = new StringReader(s); + StringWriter out = new StringWriter(); + try { + for (int ch = in.read(); ch >= 0; ch = in.read()) { + if (ch == '"') + out.write("""); + else if (ch == '<') + out.write("<"); + else if (ch == '>') + out.write(">"); + else if (ch == 'ä') + out.write("ä"); + else if (ch == 'ö') + out.write("ö"); + else if (ch == 'ü') + out.write("ü"); + else if (ch == 'Ä') + out.write("Ä"); + else if (ch == 'Ö') + out.write("Ö"); + else if (ch == 'Ãœ') + out.write("Ü"); + else if (ch == 'ß') + out.write("ß"); + else + out.write(ch); + } + } + catch (IOException ex) { + throw new BuildException("builder.00", new Object[] {"CreateXMLSignatureRequest", ex.toString()}); + } + return out.toString(); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index dc981ba33..dc981ba33 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java index 3f2d96df4..45e5edf2c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetVerifyAuthBlockFormBuilder.java @@ -1,128 +1,128 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-
-/**
- * Builder for HTML form requesting a security layer request
- *
- * @author Peter Danner
- * @version $Id: GetIdentityLinkFormBuilder.java 769 2007-01-10 15:37:52Z peter.danner $
- */
-public class GetVerifyAuthBlockFormBuilder extends Builder {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /** special tag in the HTML template to be substituted for the BKU URL */
- private static final String BKU_TAG = "<BKU>";
- /** special tag in the HTML template to be substituted for the XML request */
- private static final String XMLREQUEST_TAG = "<XMLRequest>";
- /** special tag in the HTML template to be substituted for the data URL */
- private static final String DATAURL_TAG = "<DataURL>";
- /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */
- private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
- /** private static int all contains the representation to replace all tags*/
- private static final int ALL = -1;
-
- /** default HTML template */
- private static final String DEFAULT_HTML_TEMPLATE =
- "<html>" + nl +
- " <head>" + nl +
- " <meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"/>" + nl +
- " <title>Signatur der Anmeldedaten</title>" + nl +
- " </head>" + nl +
- " <body onLoad=\"autoSubmit()\">" + nl +
- " <script type=\"text/javascript\">" + nl +
- " //<!-- " + nl +
- " function autoSubmit() { " + nl +
- " document.VerifyAuthBlockForm.submitButton.disabled=true;" + nl +
- " document.VerifyAuthBlockForm.submit(); " + nl +
- " } //-->" + nl +
- " </script>" + nl +
- " <form name=\"VerifyAuthBlockForm\" action=\"" + BKU_TAG + "\" method=\"post\" enctype=\"application/x-www-form-urlencoded\">" + nl +
- " <input type=\"hidden\" name=\"XMLRequest\" value=\"" + XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" name=\"DataURL\" value=\"" + DATAURL_TAG + "\"/>" + nl +
- " <input type=\"hidden\" name=\"PushInfobox\" value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl +
- " <input type=\"submit\" value=\"Signieren der Anmeldedaten\" id=\"submitButton\"/>" + nl +
- " </form>" + nl +
- " </body>" + nl +
- "</html>";
-
- /**
- * Constructor for GetVerifyAuthBlockFormBuilder.
- */
- public GetVerifyAuthBlockFormBuilder() {
- super();
- }
- /**
- * Builds the HTML form, including XML Request and data URL as parameters.
- *
- * @param htmlTemplate template to be used for the HTML form;
- * may be <code>null</code>, in this case a default layout will be produced
- * @param xmlRequest XML Request to be sent as a parameter in the form
- * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to;
- * may be <code>null</code>, in this case the default URL will be used
- * @param dataURL DataURL to be sent as a parameter in the form
- */
- public String build(
- String htmlTemplate,
- String bkuURL,
- String xmlRequest,
- String dataURL,
- String pushInfobox)
- throws BuildException
- {
- String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
- htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
- htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, GetIdentityLinkFormBuilder.encodeParameter(xmlRequest), true, ALL);
- htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
- if (null==pushInfobox) pushInfobox="";
- htmlForm = replaceTag(htmlForm, PUSHINFOBOX_TAG, pushInfobox, false, ALL);
- return htmlForm;
- }
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.exception.BuildException; + +/** + * Builder for HTML form requesting a security layer request + * + * @author Peter Danner + * @version $Id: GetIdentityLinkFormBuilder.java 769 2007-01-10 15:37:52Z peter.danner $ + */ +public class GetVerifyAuthBlockFormBuilder extends Builder { + /** private static String NL contains the NewLine representation in Java*/ + private static final String nl = "\n"; + /** special tag in the HTML template to be substituted for the BKU URL */ + private static final String BKU_TAG = "<BKU>"; + /** special tag in the HTML template to be substituted for the XML request */ + private static final String XMLREQUEST_TAG = "<XMLRequest>"; + /** special tag in the HTML template to be substituted for the data URL */ + private static final String DATAURL_TAG = "<DataURL>"; + /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ + private static final String PUSHINFOBOX_TAG = "<PushInfobox>"; + /** private static int all contains the representation to replace all tags*/ + private static final int ALL = -1; + + /** default HTML template */ + private static final String DEFAULT_HTML_TEMPLATE = + "<html>" + nl + + " <head>" + nl + + " <meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"/>" + nl + + " <title>Signatur der Anmeldedaten</title>" + nl + + " </head>" + nl + + " <body onLoad=\"autoSubmit()\">" + nl + + " <script type=\"text/javascript\">" + nl + + " //<!-- " + nl + + " function autoSubmit() { " + nl + + " document.VerifyAuthBlockForm.submitButton.disabled=true;" + nl + + " document.VerifyAuthBlockForm.submit(); " + nl + + " } //-->" + nl + + " </script>" + nl + + " <form name=\"VerifyAuthBlockForm\" action=\"" + BKU_TAG + "\" method=\"post\" enctype=\"application/x-www-form-urlencoded\">" + nl + + " <input type=\"hidden\" name=\"XMLRequest\" value=\"" + XMLREQUEST_TAG + "\"/>" + nl + + " <input type=\"hidden\" name=\"DataURL\" value=\"" + DATAURL_TAG + "\"/>" + nl + + " <input type=\"hidden\" name=\"PushInfobox\" value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl + + " <input type=\"submit\" value=\"Signieren der Anmeldedaten\" id=\"submitButton\"/>" + nl + + " </form>" + nl + + " </body>" + nl + + "</html>"; + + /** + * Constructor for GetVerifyAuthBlockFormBuilder. + */ + public GetVerifyAuthBlockFormBuilder() { + super(); + } + /** + * Builds the HTML form, including XML Request and data URL as parameters. + * + * @param htmlTemplate template to be used for the HTML form; + * may be <code>null</code>, in this case a default layout will be produced + * @param xmlRequest XML Request to be sent as a parameter in the form + * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; + * may be <code>null</code>, in this case the default URL will be used + * @param dataURL DataURL to be sent as a parameter in the form + */ + public String build( + String htmlTemplate, + String bkuURL, + String xmlRequest, + String dataURL, + String pushInfobox) + throws BuildException + { + String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, GetIdentityLinkFormBuilder.encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + if (null==pushInfobox) pushInfobox=""; + htmlForm = replaceTag(htmlForm, PUSHINFOBOX_TAG, pushInfobox, false, ALL); + return htmlForm; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java index 81ef5e408..81ef5e408 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java index bb3533664..bb3533664 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderCertificate.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java index 31e4c0578..31e4c0578 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginConfirmationBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 333d8680c..333d8680c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java index 8b0d906fe..8b0d906fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index 5c1b12e0d..5c1b12e0d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java index d2ea53011..d2ea53011 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java index 72a7d3ba1..72a7d3ba1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java index 8ae4a9999..8ae4a9999 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java index 0cfd16262..7e1bf1fc7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java @@ -1,103 +1,103 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
-import java.io.IOException;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.commons.lang3.BooleanUtils;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.</li>
- * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class CertificateReadRequestTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- // TODO[branch]: Foreign citizen or mandate mode; respond with IRR for certificates, dataURL = "/VerifyCertificate"
- Logger.info("Send InfoboxReadRequest to BKU to get signer certificate.");
-
- setNoCachingHeaders(resp);
- try {
-
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
-
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("CertificateReadRequestTask", PARAM_SESSIONID, "auth.12");
- }
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- boolean useMandate = session.getUseMandate();
- boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));
-
- if (!identityLinkAvailable && useMandate) {
- Logger.error("Online-Mandate Mode for foreign citizencs not supported.");
- throw new AuthenticationException("auth.13", null);
- }
-
- // change MOASessionID
- AuthenticationSessionStoreage.changeSessionID(session);
-
- // create the InfoboxReadRequest to get the certificate
- String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);
-
- // build dataurl (to the VerifyCertificateSerlvet)
- String dataurl = new DataURLBuilder().buildDataURL(session.getAuthURL(), REQ_VERIFY_CERTIFICATE,
- session.getSessionID());
-
- ServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest,
- AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (IOException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } finally {
-
- }
-
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.apache.commons.lang3.BooleanUtils; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.</li> + * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * </ul> + * Result: + * <ul> + * <li>Responds with {@code InfoBoxReadRequest} (for CCE), {@code DataURL} is {@code /VerifyCertificate}</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class CertificateReadRequestTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + // TODO[branch]: Foreign citizen or mandate mode; respond with IRR for certificates, dataURL = "/VerifyCertificate" + Logger.info("Send InfoboxReadRequest to BKU to get signer certificate."); + + setNoCachingHeaders(resp); + try { + + String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); + + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) { + throw new WrongParametersException("CertificateReadRequestTask", PARAM_SESSIONID, "auth.12"); + } + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + + boolean useMandate = session.getUseMandate(); + boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable")); + + if (!identityLinkAvailable && useMandate) { + Logger.error("Online-Mandate Mode for foreign citizencs not supported."); + throw new AuthenticationException("auth.13", null); + } + + // change MOASessionID + AuthenticationSessionStoreage.changeSessionID(session); + + // create the InfoboxReadRequest to get the certificate + String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); + + // build dataurl (to the VerifyCertificateSerlvet) + String dataurl = new DataURLBuilder().buildDataURL(session.getAuthURL(), REQ_VERIFY_CERTIFICATE, + session.getSessionID()); + + CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest, + AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); + + } catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (IOException e) { + throw new TaskExecutionException(e.getMessage(), e); + + } finally { + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java index df3d90aab..20f102571 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java @@ -1,138 +1,138 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
-import java.io.PrintWriter;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.commons.lang3.BooleanUtils;
-import org.apache.commons.lang3.ObjectUtils;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
-import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
-
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.util.StringUtils;
-
-/**
- * Creates a http form including an embedded {@code InfoBoxReadRequest} for reading the identity link.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.</li>
- * <li>Creates the http form mentioned above.</li>
- * <li>Returns the http form via HttpServletResponse.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} <strong>or</strong></li>
- * <li>ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).</li>
- * </ul>
- * Result:
- * <ul>
- * <li>The identity link form via HttpServletResponse.</li>
- * </ul>
- * Possible branches:
- * <ul>
- * <li>In case of STORK authentication
- * <ul>
- * <li>Creates STORK auth SAML request.</li>
- * <li>Creates and returns a form for submitting the SAML request to the CPEPS (post binding).</li>
- * <li>Returns the form via HttpServletResponse.</li>
- * </ul>
- * </li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- String moasessionid = StringEscapeUtils.escapeHtml(ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID), (String) executionContext.get(PARAM_SESSIONID)));
- AuthenticationSession moasession = null;
- try {
-
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- try {
- moasession = AuthenticationSessionStoreage.getSession(moasessionid);
-
- AuthenticationSessionStoreage.changeSessionID(moasession);
- executionContext.remove(PARAM_SESSIONID);
-
- } catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
-
- } catch (Throwable e) {
- Logger.info("No HTTP Session found!");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance();
- String getIdentityLinkForm = startauth.build(moasession, req, resp);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
-
- if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate")))
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
-
- if (!StringUtils.isEmpty(getIdentityLinkForm)) {
- resp.setContentType("text/html;charset=UTF-8");
- PrintWriter out = new PrintWriter(resp.getOutputStream());
- out.print(getIdentityLinkForm);
- out.flush();
- Logger.debug("Finished GET " + GenerateIFrameTemplateServlet.class);
- }
-
- } catch (WrongParametersException ex) {
-// handleWrongParameters(ex, req, resp);
- throw new TaskExecutionException(ex.getMessage(), ex);
- }
-
- catch (MOAIDException ex) {
-// handleError(null, ex, req, resp, pendingRequestID);
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("CreateIdentityLinkFormTask has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
-
- finally {
-
- TransactionIDUtils.removeTransactionId();
- TransactionIDUtils.removeSessionId();
- }
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; + +import java.io.PrintWriter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.apache.commons.lang3.BooleanUtils; +import org.apache.commons.lang3.ObjectUtils; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.egovernment.moa.util.StringUtils; + +/** + * Creates a http form including an embedded {@code InfoBoxReadRequest} for reading the identity link.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.</li> + * <li>Creates the http form mentioned above.</li> + * <li>Returns the http form via HttpServletResponse.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} <strong>or</strong></li> + * <li>ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).</li> + * </ul> + * Result: + * <ul> + * <li>The identity link form via HttpServletResponse.</li> + * </ul> + * Possible branches: + * <ul> + * <li>In case of STORK authentication + * <ul> + * <li>Creates STORK auth SAML request.</li> + * <li>Creates and returns a form for submitting the SAML request to the CPEPS (post binding).</li> + * <li>Returns the form via HttpServletResponse.</li> + * </ul> + * </li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class CreateIdentityLinkFormTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + String moasessionid = StringEscapeUtils.escapeHtml(ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID), (String) executionContext.get(PARAM_SESSIONID))); + AuthenticationSession moasession = null; + try { + + if (MiscUtil.isEmpty(moasessionid)) { + Logger.warn("MOASessionID is empty."); + throw new MOAIDException("auth.18", new Object[] {}); + } + + try { + moasession = AuthenticationSessionStoreage.getSession(moasessionid); + + AuthenticationSessionStoreage.changeSessionID(moasession); + executionContext.remove(PARAM_SESSIONID); + + } catch (MOADatabaseException e) { + Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); + throw new MOAIDException("init.04", new Object[] { moasessionid }); + + } catch (Throwable e) { + Logger.info("No HTTP Session found!"); + throw new MOAIDException("auth.18", new Object[] {}); + } + + StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance(); + String getIdentityLinkForm = startauth.build(moasession, req, resp); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + + if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate"))) + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED); + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL()); + + if (!StringUtils.isEmpty(getIdentityLinkForm)) { + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(resp.getOutputStream()); + out.print(getIdentityLinkForm); + out.flush(); + Logger.debug("Finished GET " + GenerateIFrameTemplateServlet.class); + } + + } catch (WrongParametersException ex) { +// handleWrongParameters(ex, req, resp); + throw new TaskExecutionException(ex.getMessage(), ex); + } + + catch (MOAIDException ex) { +// handleError(null, ex, req, resp, pendingRequestID); + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("CreateIdentityLinkFormTask has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + finally { + + TransactionIDUtils.removeTransactionId(); + TransactionIDUtils.removeSessionId(); + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java index 28bed7713..28bed7713 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java index 215a7a809..b729f26e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java @@ -1,191 +1,192 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
-
-/**
- * Evaluates the {@code CreateXMLSignatureResponse}, extracts signature and certificate and asks the SZR Gateway for an identity link.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Parses the CreateXMLSignatureResponse retrieved from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
- * <li>Extracts signature and signer certificate.</li>
- * <li>Send request to SZR Gateway in order to get an identity link.</li>
- * <li>Updates moa session (sets identity link, QAA level 4, authentication data and foreigner flag).</li>
- * <li>Redirects back to {@code /dispatcher} in order to finalize authentication.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Identity link, QAA level 4 and foreigner flag put into moa session.</li>
- * <li>Redirect to {@code /dispatcher}.</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class GetForeignIDTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- Logger.debug("POST GetForeignIDServlet");
-
- setNoCachingHeaders(resp);
-
- Map<String, String> parameters;
-
- try {
- parameters = getParameters(req);
-
- } catch (FileUploadException | IOException e) {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
-
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
- String pendingRequestID = null;
- String redirectURL = null;
- AuthenticationSession session = null;
- try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12");
- }
- String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE);
- if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) {
- throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12");
- }
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
-
- // change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- Logger.debug(xmlCreateXMLSignatureResponse);
-
- CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse)
- .parseResponseDsig();
-
- try {
- String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature());
- session.setAuthBlock(serializedAssertion);
-
- } catch (TransformerException e) {
- throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
- } catch (IOException e) {
- throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
- }
-
- Element signature = csresp.getDsigSignature();
-
- try {
- session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
- } catch (CertificateException e) {
- Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
- throw new MOAIDException("auth.14", null);
- }
-
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
-
- // make SZR request to the identity link
- CreateIdentityLinkResponse response = AuthenticationServer.getInstance().getIdentityLink(signature);
-
- if (null != response.getErrorResponse()) {
- // TODO fix exception parameter
- throw new SZRGWClientException("service.08", (String) response.getErrorResponse().getErrorCode(),
- (String) response.getErrorResponse().getInfo());
- } else {
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(
- response.getIdentityLink()));
- IdentityLink identitylink = ilParser.parseIdentityLink();
- session.setIdentityLink(identitylink);
-
- // set QAA Level four in case of card authentifcation
- session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-
- AuthenticationServer.getInstance().getForeignAuthenticationData(session);
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("Session store error", null);
- }
-
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
- }
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("GetForeignIDServlet has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
-
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.transform.TransformerException; + +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.lang.StringEscapeUtils; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.ModulUtils; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; + +/** + * Evaluates the {@code CreateXMLSignatureResponse}, extracts signature and certificate and asks the SZR Gateway for an identity link.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Parses the CreateXMLSignatureResponse retrieved from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Extracts signature and signer certificate.</li> + * <li>Send request to SZR Gateway in order to get an identity link.</li> + * <li>Updates moa session (sets identity link, QAA level 4, authentication data and foreigner flag).</li> + * <li>Redirects back to {@code /dispatcher} in order to finalize authentication.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> + * </ul> + * Result: + * <ul> + * <li>Identity link, QAA level 4 and foreigner flag put into moa session.</li> + * <li>Redirect to {@code /dispatcher}.</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class GetForeignIDTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + Logger.debug("POST GetForeignIDServlet"); + + setNoCachingHeaders(resp); + + Map<String, String> parameters; + + try { + parameters = getParameters(req); + + } catch (FileUploadException | IOException e) { + Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); + throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + } + + String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); + String pendingRequestID = null; + String redirectURL = null; + AuthenticationSession session = null; + try { + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) { + throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12"); + } + String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE); + if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) { + throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12"); + } + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + session = AuthenticationServer.getSession(sessionID); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); + + // change MOASessionID + sessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.debug(xmlCreateXMLSignatureResponse); + + CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse) + .parseResponseDsig(); + + try { + String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature()); + session.setAuthBlock(serializedAssertion); + + } catch (TransformerException e) { + throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); + + } catch (IOException e) { + throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); + + } + + Element signature = csresp.getDsigSignature(); + + try { + session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature)); + } catch (CertificateException e) { + Logger.error("Could not extract certificate from CreateXMLSignatureResponse"); + throw new MOAIDException("auth.14", null); + } + + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED); + + // make SZR request to the identity link + CreateIdentityLinkResponse response = SZRGWClientUtils.getIdentityLink(signature); + + if (null != response.getErrorResponse()) { + // TODO fix exception parameter + throw new SZRGWClientException("service.08", (String) response.getErrorResponse().getErrorCode(), + (String) response.getErrorResponse().getInfo()); + } else { + IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream( + response.getIdentityLink())); + IdentityLink identitylink = ilParser.parseIdentityLink(); + session.setIdentityLink(identitylink); + + // set QAA Level four in case of card authentifcation + session.setQAALevel(PVPConstants.STORK_QAA_1_4); + + AuthenticationServer.getInstance().getForeignAuthenticationData(session); + + // session is implicit stored in changeSessionID!!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED); + + try { + AuthenticationSessionStoreage.storeSession(session); + } catch (MOADatabaseException e) { + throw new MOAIDException("Session store error", null); + } + + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); + } + + } catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("GetForeignIDServlet has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java index 4951dcab8..d85681b40 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java @@ -1,184 +1,184 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.pki.PKIException;
-
-import java.security.GeneralSecurityException;
-import java.util.List;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.commons.lang.StringEscapeUtils;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * Retrieves a mandate from the online mandate issuing service.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Retrieves the mandate referenced within the moa session from the online (external) mandate issuing service.</li>
- * <li>Verifies the mandate.</li>
- * <li>Puts mandate into moa session.</li>
- * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Mandate put into moa session.</li>
- * <li>Redirect to {@code /dispatcher}.</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class GetMISSessionIDTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- Logger.debug("POST GetMISSessionIDServlet");
-
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
- AuthenticationSession session = null;
- String pendingRequestID = null;
- try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate",
- PARAM_SESSIONID, "auth.12");
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
-
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- String misSessionID = session.getMISSessionID();
-
- AuthConfiguration authConf = AuthConfigurationProviderFactory
- .getInstance();
- ConnectionParameter connectionParameters = authConf
- .getOnlineMandatesConnectionParameter();
- SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
- AuthConfigurationProviderFactory.getInstance(),
- connectionParameters);
-
- List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(
- connectionParameters.getUrl(), misSessionID, sslFactory);
-
- if (list == null || list.size() == 0) {
- Logger.error("Keine Vollmacht gefunden.");
- throw new AuthenticationException("auth.15", null);
- }
-
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
-
-
- // for now: list contains only one element
- MISMandate mandate = (MISMandate) list.get(0);
-
- // TODO[tlenz]: UTF-8 ?
- String sMandate = new String(mandate.getMandate());
- if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) {
- Logger.error("Mandate is empty.");
- throw new AuthenticationException("auth.15",
- new Object[] { GET_MIS_SESSIONID });
- }
-
- //check if it is a parsable XML
- byte[] byteMandate = mandate.getMandate();
- // TODO[tlenz]: UTF-8 ?
- String stringMandate = new String(byteMandate);
- DOMUtils.parseDocument(stringMandate, false,
- null, null).getDocumentElement();
-
- // extract RepresentationType
- AuthenticationServer.getInstance().verifyMandate(session, mandate);
-
- session.setMISMandate(mandate);
-
- //log mandate specific set of events
- MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate);
-
- String oldsessionID = session.getSessionID();
-
- //Session is implicite stored in changeSessionID!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
-
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (GeneralSecurityException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (PKIException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (SAXException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (ParserConfigurationException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (Exception e) {
- Logger.error("MISMandateValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
- finally {
-
- }
-
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import iaik.pki.PKIException; + +import java.security.GeneralSecurityException; +import java.util.List; + +import javax.net.ssl.SSLSocketFactory; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang.StringEscapeUtils; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.data.MISMandate; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.ModulUtils; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.id.util.SSLUtils; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * Retrieves a mandate from the online mandate issuing service.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Retrieves the mandate referenced within the moa session from the online (external) mandate issuing service.</li> + * <li>Verifies the mandate.</li> + * <li>Puts mandate into moa session.</li> + * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * </ul> + * Result: + * <ul> + * <li>Mandate put into moa session.</li> + * <li>Redirect to {@code /dispatcher}.</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class GetMISSessionIDTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + Logger.debug("POST GetMISSessionIDServlet"); + + String sessionID = req.getParameter(PARAM_SESSIONID); + + // escape parameter strings + sessionID = StringEscapeUtils.escapeHtml(sessionID); + + AuthenticationSession session = null; + String pendingRequestID = null; + try { + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) + throw new WrongParametersException("VerifyCertificate", + PARAM_SESSIONID, "auth.12"); + + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + + session = AuthenticationServer.getSession(sessionID); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + + //change MOASessionID + sessionID = AuthenticationSessionStoreage.changeSessionID(session); + + String misSessionID = session.getMISSessionID(); + + AuthConfiguration authConf = AuthConfigurationProviderFactory + .getInstance(); + ConnectionParameter connectionParameters = authConf + .getOnlineMandatesConnectionParameter(); + SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory( + AuthConfigurationProviderFactory.getInstance(), + connectionParameters); + + List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest( + connectionParameters.getUrl(), misSessionID, sslFactory); + + if (list == null || list.size() == 0) { + Logger.error("Keine Vollmacht gefunden."); + throw new AuthenticationException("auth.15", null); + } + + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED); + + + // for now: list contains only one element + MISMandate mandate = (MISMandate) list.get(0); + + // TODO[tlenz]: UTF-8 ? + String sMandate = new String(mandate.getMandate()); + if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) { + Logger.error("Mandate is empty."); + throw new AuthenticationException("auth.15", + new Object[] { GET_MIS_SESSIONID }); + } + + //check if it is a parsable XML + byte[] byteMandate = mandate.getMandate(); + // TODO[tlenz]: UTF-8 ? + String stringMandate = new String(byteMandate); + DOMUtils.parseDocument(stringMandate, false, + null, null).getDocumentElement(); + + // extract RepresentationType + AuthenticationServer.getInstance().verifyMandate(session, mandate); + + session.setMISMandate(mandate); + + //log mandate specific set of events + MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate); + + String oldsessionID = session.getSessionID(); + + //Session is implicite stored in changeSessionID!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); + + + } catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (GeneralSecurityException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (PKIException e) { + throw new TaskExecutionException(e.getMessage(), e); + + } catch (SAXException e) { + throw new TaskExecutionException(e.getMessage(), e); + + } catch (ParserConfigurationException e) { + throw new TaskExecutionException(e.getMessage(), e); + + } catch (Exception e) { + Logger.error("MISMandateValidation has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + finally { + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java index 4dcd48f57..469ca91a9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java @@ -1,101 +1,101 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Creates {@code CreateXMLSignatureRequest} for auth block signature.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Creates {@code CreateXMLSignatureRequest} for auth block signature.</li>
- * <li>Responds with {@code CreateXMLSignatureRequest} (for CCE), {@code DataURL} is {@code /VerifyAuthBlock}</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Responds with {@code CreateXMLSignatureRequest} (for CCE), {@code DataURL} is {@code /VerifyAuthBlock}</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
-
- Logger.debug("Process IdentityLink");
-
- setNoCachingHeaders(resp);
-
- String pendingRequestID = null;
-
- try {
-
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
-
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
- }
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- // change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
-
- String createXMLSignatureRequest = AuthenticationServer.getInstance()
- .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
-
- AuthenticationSessionStoreage.storeSession(session);
-
- ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session,
- createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT,
- "VerifyIdentityLink");
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("IdentityLinkValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
- }
-
- finally {
-
- }
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Creates {@code CreateXMLSignatureRequest} for auth block signature.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Creates {@code CreateXMLSignatureRequest} for auth block signature.</li> + * <li>Responds with {@code CreateXMLSignatureRequest} (for CCE), {@code DataURL} is {@code /VerifyAuthBlock}</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * </ul> + * Result: + * <ul> + * <li>Responds with {@code CreateXMLSignatureRequest} (for CCE), {@code DataURL} is {@code /VerifyAuthBlock}</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet + + Logger.debug("Process IdentityLink"); + + setNoCachingHeaders(resp); + + String pendingRequestID = null; + + try { + + String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); + + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) { + throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12"); + } + + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + + // change MOASessionID + sessionID = AuthenticationSessionStoreage.changeSessionID(session); + + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); + + String createXMLSignatureRequest = AuthenticationServer.getInstance() + .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam); + + AuthenticationSessionStoreage.storeSession(session); + + CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, + createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, + "VerifyIdentityLink"); + + } catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("IdentityLinkValidation has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + } + + finally { + + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java index 099bc085c..099bc085c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java index da464ba68..35104bf3e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java @@ -1,160 +1,160 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.pki.PKIException;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.List;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Takes the {@code CreateXMLSignatureResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
- * <li>Verifies the {@code CreateXMLSignatureResponse}.</li>
- * <li>Updates moa session.</li>
- * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Authentication data put into moa session.</li>
- * <li>Redirect to {@code /dispatcher}.</li>
- * </ul>
- * Possible branches:
- * <ul>
- * <li>In case of mandate mode
- * <ul>
- * <li>Creates a mandate session at the external mandate issuing service.</li>
- * <li>Redirects the user's browser to the online mandate issuing service GUI.</li>
- * </ul>
- * </li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet
-
- Logger.debug("POST VerifyAuthenticationBlock");
-
- String pendingRequestID = null;
-
- Map<String, String> parameters;
- try
- {
- parameters = getParameters(req);
-
- } catch (FileUploadException | IOException e)
- {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
-
- String sessionID = req.getParameter(PARAM_SESSIONID);
- String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
- String redirectURL = null;
- try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
- if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
- throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
-
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse);
-
- //store all changes in session DAO
- AuthenticationSessionStoreage.storeSession(session);
-
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
-
- }
-
- catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
-
-
- } catch (Exception e) {
- Logger.error("AuthBlockValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
-
-
- finally {
-
- }
-
-
-
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import iaik.pki.PKIException; + +import java.io.IOException; +import java.security.GeneralSecurityException; +import java.util.List; +import java.util.Map; + +import javax.net.ssl.SSLSocketFactory; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.transform.TransformerException; + +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.lang.StringEscapeUtils; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.ModulUtils; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.id.util.SSLUtils; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Takes the {@code CreateXMLSignatureResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Verifies the {@code CreateXMLSignatureResponse}.</li> + * <li>Updates moa session.</li> + * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> + * </ul> + * Result: + * <ul> + * <li>Authentication data put into moa session.</li> + * <li>Redirect to {@code /dispatcher}.</li> + * </ul> + * Possible branches: + * <ul> + * <li>In case of mandate mode + * <ul> + * <li>Creates a mandate session at the external mandate issuing service.</li> + * <li>Redirects the user's browser to the online mandate issuing service GUI.</li> + * </ul> + * </li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet + + Logger.debug("POST VerifyAuthenticationBlock"); + + String pendingRequestID = null; + + Map<String, String> parameters; + try + { + parameters = getParameters(req); + + } catch (FileUploadException | IOException e) + { + Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); + throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + } + + String sessionID = req.getParameter(PARAM_SESSIONID); + String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); + + // escape parameter strings + sessionID = StringEscapeUtils.escapeHtml(sessionID); + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + + String redirectURL = null; + try { + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) + throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); + if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse)) + throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12"); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); + + //change MOASessionID + sessionID = AuthenticationSessionStoreage.changeSessionID(session); + + AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse); + + //store all changes in session DAO + AuthenticationSessionStoreage.storeSession(session); + + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); + + } + + catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + + + } catch (Exception e) { + Logger.error("AuthBlockValidation has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + + finally { + + } + + + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java index 5e0be0f2c..d99ba873d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java @@ -1,174 +1,175 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.util.CertificateUtils;
-
-/**
- * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
- * <li>Verifies the certificate.</li>
- * <li>Creates the auth block to be signed using information from the certificate (Organwalter, foreign citizen.</li>
- * <li>Puts it in a {@code CreateXMLSignatureRequest}.</li>
- * <li>Updates moa session.</li>
- * <li>Responds with {@code CreateXMLSignatureRequest}.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>{@code CreateXMLSignatureRequest} send as HttpServletResponse (for CCE).</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class VerifyCertificateTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet
-
- Logger.debug("POST VerifyCertificateServlet");
-
- Map<String, String> parameters;
- try
- {
- parameters = getParameters(req);
- } catch (FileUploadException | IOException e)
- {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
- AuthenticationSession session = null;
- try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12");
-
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
-
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- X509Certificate cert = AuthenticationServer.getInstance().getCertificate(pendingReq, sessionID, parameters);
- if (cert == null) {
- Logger.error("Certificate could not be read.");
- throw new AuthenticationException("auth.14", null);
- }
-
- boolean useMandate = session.getUseMandate();
-
- if (useMandate) {
-
- // verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
- // TODO[branch]: Mandate; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock"
- ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
-
- }
- else {
-
- String countrycode = CertificateUtils.getIssuerCountry(cert);
- if (countrycode != null) {
- if (countrycode.compareToIgnoreCase("AT") == 0) {
- Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode.");
- throw new AuthenticationException("auth.22", null);
- }
- }
-
- // Foreign Identities Modus
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
-
- String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
- // build dataurl (to the GetForeignIDSerlvet)
- String dataurl =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_GET_FOREIGN_ID,
- session.getSessionID());
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
- // TODO[branch]: Foreign citizen; respond with CXSR for authblock signature, dataURL "/GetForeignID"
- ServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
-
- Logger.debug("Send CreateXMLSignatureRequest to BKU");
- }
- }
- catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("CertificateValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
-
-
- finally {
-
- }
-
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import iaik.x509.X509Certificate; + +import java.io.IOException; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.lang.StringEscapeUtils; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.id.util.ServletUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.util.CertificateUtils; + +/** + * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Verifies the certificate.</li> + * <li>Creates the auth block to be signed using information from the certificate (Organwalter, foreign citizen.</li> + * <li>Puts it in a {@code CreateXMLSignatureRequest}.</li> + * <li>Updates moa session.</li> + * <li>Responds with {@code CreateXMLSignatureRequest}.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li> + * </ul> + * Result: + * <ul> + * <li>{@code CreateXMLSignatureRequest} send as HttpServletResponse (for CCE).</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class VerifyCertificateTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet + + Logger.debug("POST VerifyCertificateServlet"); + + Map<String, String> parameters; + try + { + parameters = getParameters(req); + } catch (FileUploadException | IOException e) + { + Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); + throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + } + String sessionID = req.getParameter(PARAM_SESSIONID); + + // escape parameter strings + sessionID = StringEscapeUtils.escapeHtml(sessionID); + + AuthenticationSession session = null; + try { + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) + throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12"); + + session = AuthenticationServer.getSession(sessionID); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); + + //change MOASessionID + sessionID = AuthenticationSessionStoreage.changeSessionID(session); + + X509Certificate cert = AuthenticationServer.getInstance().getCertificate(pendingReq, sessionID, parameters); + if (cert == null) { + Logger.error("Certificate could not be read."); + throw new AuthenticationException("auth.14", null); + } + + boolean useMandate = session.getUseMandate(); + + if (useMandate) { + + // verify certificate for OrganWalter + String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert); + + try { + AuthenticationSessionStoreage.storeSession(session); + } catch (MOADatabaseException e) { + throw new MOAIDException("session store error", null); + } + + // TODO[branch]: Mandate; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock" + CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate"); + + } + else { + + String countrycode = CertificateUtils.getIssuerCountry(cert); + if (countrycode != null) { + if (countrycode.compareToIgnoreCase("AT") == 0) { + Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode."); + throw new AuthenticationException("auth.22", null); + } + } + + // Foreign Identities Modus + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND); + + String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert); + // build dataurl (to the GetForeignIDSerlvet) + String dataurl = + new DataURLBuilder().buildDataURL( + session.getAuthURL(), + REQ_GET_FOREIGN_ID, + session.getSessionID()); + + try { + AuthenticationSessionStoreage.storeSession(session); + } catch (MOADatabaseException e) { + throw new MOAIDException("session store error", null); + } + + // TODO[branch]: Foreign citizen; respond with CXSR for authblock signature, dataURL "/GetForeignID" + CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl); + + Logger.debug("Send CreateXMLSignatureRequest to BKU"); + } + } + catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("CertificateValidation has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + + finally { + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java index f0a0024e5..50ef11f27 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java @@ -1,111 +1,111 @@ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
-import java.io.IOException;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Verifies the identity link.<p/>
- * In detail:
- * <ul>
- * <li>Renames the moa session id.</li>
- * <li>Parses the identity link retrieved as {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
- * <li>Verifies the identity link.</li>
- * <li>Updates moa session.</li>
- * <li>Puts boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code InfoBoxReadResponse}.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Identity link put into moa session.</li>
- * <li>Boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}.
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- *
- */
-public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
-
- Logger.debug("POST VerifyIdentityLink");
-
- setNoCachingHeaders(resp);
-
- Map<String, String> parameters;
-
- try {
- parameters = getParameters(req);
- } catch (Exception e) {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
-
- try {
-
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
- }
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
-
- boolean identityLinkAvailable = AuthenticationServer.getInstance().verifyIdentityLink(pendingReq, session, parameters) != null;
- AuthenticationSessionStoreage.storeSession(session);
-
- executionContext.put("identityLinkAvailable", identityLinkAvailable);
-
- } catch (ParseException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("IdentityLinkValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
-
- }
-
- finally {
-
- }
- }
-
-}
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; + +import java.io.IOException; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; + +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Verifies the identity link.<p/> + * In detail: + * <ul> + * <li>Renames the moa session id.</li> + * <li>Parses the identity link retrieved as {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Verifies the identity link.</li> + * <li>Updates moa session.</li> + * <li>Puts boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.</li> + * </ul> + * Expects: + * <ul> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code InfoBoxReadResponse}.</li> + * </ul> + * Result: + * <ul> + * <li>Identity link put into moa session.</li> + * <li>Boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.</li> + * </ul> + * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}. + * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) + * + */ +public class VerifyIdentityLinkTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) + throws TaskExecutionException { + + // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet + + Logger.debug("POST VerifyIdentityLink"); + + setNoCachingHeaders(resp); + + Map<String, String> parameters; + + try { + parameters = getParameters(req); + } catch (Exception e) { + Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); + throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + } + + try { + + String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) { + throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12"); + } + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); + + boolean identityLinkAvailable = AuthenticationServer.getInstance().verifyIdentityLink(pendingReq, session, parameters) != null; + AuthenticationSessionStoreage.storeSession(session); + + executionContext.put("identityLinkAvailable", identityLinkAvailable); + + } catch (ParseException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (MOAIDException ex) { + throw new TaskExecutionException(ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("IdentityLinkValidation has an interal Error.", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + finally { + + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java index b39cf9e9b..b39cf9e9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java index a09f0a2a8..a09f0a2a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java index 390467bf8..390467bf8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java index 28ce69e95..28ce69e95 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 7bce406e0..7bce406e0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index e1ab0025e..e1ab0025e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java index fa6486afe..fa6486afe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java index e6e2539c9..e6e2539c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/InfoboxValidator.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index ac528c89d..ac528c89d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java index 0e2251f21..1850ff671 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java @@ -1,762 +1,762 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-
-import javax.xml.parsers.DocumentBuilderFactory;
-
-import org.apache.xml.serialize.OutputFormat;
-import org.apache.xml.serialize.XMLSerializer;
-import org.apache.xpath.XPathAPI;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-
-/**
- * This class implements a set of utility methods.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class ParepUtils {
-
- /**
- * Determines whether a string is null or empty
- *
- * @param str the string to check.
- * @return <code>true</code> if the string is null or empty,
- * <code>false</code> otherwise.
- */
- public static boolean isEmpty(String str) {
- return str == null || "".equals(str);
- }
-
- /**
- * Reads a XML document from an input stream (namespace-aware).
- *
- * @param is
- * the input stream to read from.
- * @return the read XML document.
- * @throws SZRGWClientException
- * if an error occurs reading the document from the input stream.
- */
- public static Document readDocFromIs(InputStream is) throws SZRGWClientException {
- try {
- DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
- f.setNamespaceAware(true);
- return f.newDocumentBuilder().parse(is);
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
-// /*
-// *
-// */
-// public static String extractRepresentativeID(Element mandate) throws ValidateException {
-// try {
-// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
-// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
-// Node resultNode = XPathAPI.selectSingleNode(mandate, "//md:Mandate/attribute::MandateID", nameSpaceNode);
-// if (resultNode != null) {
-// // because following line is not ready for JDK 1.4.x we need to get the childnode;
-// // return resultNode.getTextContent();
-// Node textNode = resultNode.getFirstChild();
-// if (textNode != null) {
-// return textNode.getNodeValue();
-// }
-// }
-// return null;
-// } catch (Exception e) {
-// throw new ValidateException("validator.62", null);
-// }
-// }
-
-
- /**
- * Dumps all bytes from an input stream to the given output stream.
- *
- * @param is
- * the input stream to dump from.
- * @param os
- * the output stream to dump to.
- * @throws IOException
- * if an error occurs while dumping.
- */
- public static void dumpInputOutputStream(InputStream is, OutputStream os) throws IOException {
- if (is == null) {
- return;
- }
- int ch;
- while ((ch = is.read()) != -1) {
- os.write(ch);
- }
- }
-
- /**
- * Gets a string that represents the date a mandate was issued.
- *
- * @param mandate
- * the mandate to extract the issuing date from.
- * @return the issuing date of the given mandate.
- * @throws SZRGWClientException
- * if an exception occurs extracting the issuing date of the
- * mandate.
- */
- public static String getMandateIssuedDate(Element mandate) throws SZRGWClientException {
- try {
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
-
- Node dateNode = XPathAPI.selectSingleNode(mandate, "//md:Issued/md:Date/text()", nameSpaceNode);
-
- if (dateNode == null) {
- throw new Exception("Date in Mandate-Issued not found.");
- }
- return dateNode.getNodeValue();
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
- /**
- * Gets a string that represents the place a mandate was issued.
- *
- * @param mandate
- * the mandate to extract the issuing place from.
- * @return the issuing place of the given mandate.
- * @throws SZRGWClientException
- * if an exception occurs extracting the issuing place of the
- * mandate.
- */
- public static String getMandateIssuedPlace(Element mandate) throws SZRGWClientException {
- try {
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
-
- Node placeNode = XPathAPI.selectSingleNode(mandate, "//md:Issued/md:Place/text()", nameSpaceNode);
-
- if (placeNode == null) {
- throw new Exception("Place in Mandate-Issued not found.");
- }
- return placeNode.getNodeValue();
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
- /**
- * Extracts the textual description of the mandate.
- *
- * @param mandate
- * the mandate to extract the textual description from.
- * @return the textual description of the mandate.
- * @throws SZRGWClientException
- * if an exception occurs extracting the textual description.
- */
- public static String getMandateContent(Element mandate) throws SZRGWClientException {
- try {
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
-
- Node contentNode = XPathAPI.selectSingleNode(mandate, "//md:SimpleMandateContent/md:TextualDescription/text()", nameSpaceNode);
-
- if (contentNode == null) {
- throw new Exception("Content in Mandate not found.");
- }
- return contentNode.getNodeValue();
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
- /**
- * Extracts the md:Mandator element from a XML mandate element.
- *
- * @param mandate
- * the md:Mandate element to extract the md:Mandator from.
- * @return the md:Mandator element.
- * @throws SZRGWClientException
- * if an error occurs extracting the md:Mandator element.
- */
- public static Element extractMandator(Element mandate) throws ParseException {
- try {
-
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS);
- Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR, nameSpaceNode);
- if (mandator == null) {
- // if we got the Mandator itself
- if (mandate.getLocalName().equals(SZRGWConstants.MANDATOR)) return mandate;
- }
- if (mandator == null)
- return null;
- String nsPrefix = mandator.getPrefix();
- String nsUri = mandator.getNamespaceURI();
- Element mandatorClone = (Element) mandator.cloneNode(true);
- mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri);
- return mandatorClone;
- } catch (Exception e) {
- throw new ParseException(e.toString(), null);
- }
- }
-
- /**
- * Tells wether a mandator is a physical person or not.
- *
- * @param mandator
- * the XML md:Mandator element to extract from.
- * @return <code>true<code> if the mandator is a physical person, <code>false</code> otherwise.
- */
- public static boolean isPhysicalPerson(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- DOMUtils.serializeNode(mandator);
-
- // check if physical person
- Element physicalPerson = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:PhysicalPerson", nameSpaceNode);
-
-
- // Element physicalPerson = (Element)XPathAPI.selectSingleNode(mandator,
- // "descendant-or-self::pr:CorporateBody", nameSpaceNode);
- return physicalPerson != null;
- } catch (Exception e) {
- e.printStackTrace();
- return false;
- }
- }
-
- /**
- * Extracts the <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code>
- * element from a XML mandate element.
- *
- * @param mandate
- * the md:Mandate element to extract the person from.
- * @return the <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code> element.
- * @throws ParseException
- * if an error occurs extracting the element.
- */
- public static Element extractPersonOfMandate(Element mandate) throws ParseException {
- try {
-
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS);
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- Element person = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/pr:PhysicalPerson", nameSpaceNode);
- if (person == null) {
- person = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/pr:CorporateBody", nameSpaceNode);
- }
- if (person == null) return null;
- String nsPrefix = person.getPrefix();
- String nsUri = person.getNamespaceURI();
- Element personClone = (Element) person.cloneNode(true);
- personClone.setAttribute("xmlns:" + nsPrefix, nsUri);
- return personClone;
- } catch (Exception e) {
- //e.printStackTrace();
- throw new ParseException(e.toString(), null);
- }
- }
-
- /**
- * Benerates the </code>pr:Person</code> element form a
- * <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code>
- * element of a XML mandate element.
- *
- * @param mandate
- * the md:Mandate element to extract the person from.
- * @return the <code>pr:Person</code> element.
- * @throws ParseException
- * if an error occurs extracting the element.
- */
- public static Element extractPrPersonOfMandate(Element mandate) throws ParseException {
-
- try {
- Document document = ParepUtils.createEmptyDocument();
- Element root = document.createElement(SZRGWConstants.PD_PREFIX + SZRGWConstants.PERSON);
- root.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- root.setAttribute("xmlns:" + Constants.XSI_PREFIX, Constants.XSI_NS_URI);
-
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS);
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- Element person = (Element) XPathAPI.selectSingleNode(mandate, "//"
- + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/" + SZRGWConstants.PD_PREFIX + SZRGWConstants.PHYSICALPERSON, nameSpaceNode);
- if (person == null) {
- person = (Element) XPathAPI.selectSingleNode(mandate, "//"
- + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/" + SZRGWConstants.PD_PREFIX + SZRGWConstants.CORPORATEBODY, nameSpaceNode);
- }
- if (person != null) {
- root.setAttribute(Constants.XSI_PREFIX + ":type", SZRGWConstants.PD_PREFIX + person.getLocalName());
- if (person != null) {
- NodeList nl = person.getChildNodes();
- for (int i = 0; i < nl.getLength(); i++) {
- Node testNode = nl.item(i);
- if (Node.ELEMENT_NODE == testNode.getNodeType()) {
- root.appendChild(document.importNode(testNode, true));
- }
- }
- }
- }
-
- return root;
- } catch (Exception e) {
- //e.printStackTrace();
- throw new ParseException(e.toString(), null);
- }
- }
-
- /**
- * Extracts the name of the mandator as a string representation.
- *
- * @param mandator
- * the XML md:Mandator element to extract from.
- * @return the mandator name as a string.
- */
- public static String extractMandatorName(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- // first check if physical person
- Element name = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode);
- if (name != null) {
- String givenName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()", nameSpaceNode).getNodeValue();
- String familyName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()", nameSpaceNode).getNodeValue();
-
- return givenName + " " + familyName;
- }
-
- // check if corporate body
- Node fullName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:FullName/text()", nameSpaceNode);
- if (fullName != null) {
- return fullName.getNodeValue();
- }
- return "";
- } catch (Exception e) {
- //e.printStackTrace();
- return "";
- }
- }
-
- /**
- * Extracts specific text of an element of a given md:Mandator element.
- *
- * @param mandator
- * the XML md:Mandator to extract from.
- * @return the resulting text of the mandator element.
- */
- public static String extractText(Element mandator, String xpath) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- Node textNode = XPathAPI.selectSingleNode(mandator, xpath, nameSpaceNode);
- if (textNode == null)
- return null;
- return textNode.getNodeValue();
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
-
- /**
- * Extracts the date of birth of the mandator of a given md:Mandator element.
- *
- * @param mandator
- * the XML md:Mandator to extract from.
- * @return the dob of the mandator.
- */
- public static String extractMandatorDateOfBirth(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- Node dobName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:DateOfBirth/text()", nameSpaceNode);
- if (dobName == null)
- return null;
- return dobName.getNodeValue();
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
-
- /**
- * Extracts the full name of the mandators corporate body of a given
- * md:Mandator element.
- *
- * @param mandator
- * the XML md:Mandator to extract from.
- * @return the full name of the mandator.
- */
- public static String extractMandatorFullName(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- Node fullName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:CorporateBody/pr:FullName/text()", nameSpaceNode);
- if (fullName == null)
- return null;
- return fullName.getNodeValue();
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
-
- /**
- * Extracts the identification value of the mandator of a given mandate.
- *
- * @param mandator
- * the XML md:Mandator element.
- * @return the identification value.
- */
- public static String extractMandatorWbpk(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- Node idValue = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Identification/pr:Value/text()", nameSpaceNode);
- if (idValue != null) {
- return idValue.getNodeValue();
- }
- return "";
- } catch (Exception e) {
- e.printStackTrace();
- return "";
- }
- }
-
- /**
- * Extracts the identification type of the mandator of a given mandate.
- *
- * @param mandator
- * the XML md:Mandator element.
- * @return the identification type.
- */
- public static String extractMandatorIdentificationType(Element mandator) {
- try {
- Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- Node idType = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Identification/pr:Type/text()", nameSpaceNode);
- if (idType != null) {
- return idType.getNodeValue();
- }
- return "";
- } catch (Exception e) {
- e.printStackTrace();
- return "";
- }
- }
-
- /*
- *
- */
- public static String getIdentification(Element personElement, String element) throws ParseException {
- try {
-
- Element nameSpaceNode = personElement.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
-
- return XPathAPI.selectSingleNode(personElement, "descendant-or-self::pr:Identification/pr:" + element + "/text()", nameSpaceNode)
- .getNodeValue();
- } catch (Exception e) {
- throw new ParseException(e.toString(), null);
- }
- }
-
-// /*
-// *
-// */
-// private static Element extractRepresentative(Element mandate) throws SZRGWClientException {
-// try {
-// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
-// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
-// Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode);
-// String nsPrefix = mandator.getPrefix();
-// String nsUri = mandator.getNamespaceURI();
-//
-// Element mandatorClone = (Element) mandator.cloneNode(true);
-// mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri);
-//
-// return mandatorClone;
-// } catch (Exception e) {
-// throw new SZRGWClientException(e);
-// }
-// }
-
- /**
- * Serializes a XML element to a given output stream.
- *
- * @param element
- * the XML element to serialize.
- * @param out
- * the output streamt o serialize to.
- * @throws IOException
- * if an I/O error occurs during serialization.
- */
- public static void serializeElement(Element element, OutputStream out) throws IOException {
- OutputFormat format = new OutputFormat();
- format.setOmitXMLDeclaration(true);
- format.setEncoding("UTF-8");
- format.setPreserveSpace(true);
- XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out, "UTF-8"), format);
- serializer.serialize(element);
- }
-
- public static void serializeElementAsDocument(Element element, OutputStream out) throws IOException {
- OutputFormat format = new OutputFormat();
- format.setOmitXMLDeclaration(false);
- format.setEncoding("UTF-8");
- format.setPreserveSpace(true);
- XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out, "UTF-8"), format);
- serializer.serialize(element);
- }
-
- public static void serializeElementWithoutEncoding(Element element, OutputStream out) throws IOException {
- OutputFormat format = new OutputFormat();
- format.setOmitXMLDeclaration(true);
- format.setEncoding("UTF-8");
- format.setPreserveSpace(true);
- XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out), format);
- serializer.serialize(element);
- }
-
- public static void saveStringToFile(String str, File file) throws IOException {
- FileOutputStream fos = new FileOutputStream(file);
- fos.write(str.getBytes());
- fos.flush();
- fos.close();
- }
-
- public static void saveBytesToFile(byte[] str, File file) throws IOException {
- FileOutputStream fos = new FileOutputStream(file);
- fos.write(str);
- fos.flush();
- fos.close();
- }
-
- public static void saveElementToFile(Element elem, File file) throws IOException {
- FileOutputStream fos = new FileOutputStream(file);
- serializeElementWithoutEncoding(elem, fos);
- fos.flush();
- fos.close();
- }
-
- /**
- * Creates an empty XML document.
- *
- * @return a newly created empty XML document.
- * @throws SZRGWClientException
- * if an error occurs creating the empty document.
- */
- public static Document createEmptyDocument() throws SZRGWClientException {
- try {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- return factory.newDocumentBuilder().newDocument();
- } catch (Exception e) {
- throw new SZRGWClientException(e);
- }
- }
-
-
- /**
- * Tells if the Validator of an Infobox is enabled. If the corresponding application
- * specific configuration element <code>EnableInfoboxValidator</code> is missing, a default value <code>true</code> is assumed
- *
- * @param applicationSpecificParams
- * the XML element of the infobox configuration.
- * @return the boolean value of the determination.
- * @throws ConfigurationException
- * if an error occurs reading the configuration.
- */
- public static boolean isValidatorEnabled(Element applicationSpecificParams) throws ConfigurationException {
- try {
- Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI);
-
- //ParepUtils.serializeElement(applicationSpecificParams, System.out);
- Node validatorEnabledNode = XPathAPI.selectSingleNode(applicationSpecificParams, Constants.MOA_ID_CONFIG_PREFIX
- + ":EnableInfoboxValidator/text()", nameSpaceNode);
- if (validatorEnabledNode != null) {
- return BoolUtils.valueOf(validatorEnabledNode.getNodeValue());
- }
- return true;
- } catch (Exception e) {
- // e.printStackTrace();
- throw new ConfigurationException("config.02", null);
- }
- }
-
- /**
- * Delivers a String with the description of the register which is described
- * through the identification Type of a corporate body of the persondata schema
- *
- * @param identificationType
- * the identification type.
- * @return the register description.
- */
- public static String getRegisterString(String identificationType) {
- String corporateBase = Constants.URN_PREFIX_BASEID + "+";
- if (ParepUtils.isEmpty(identificationType) || !identificationType.startsWith(corporateBase)) return null;
- String register = identificationType.substring(corporateBase.length());
- if (ParepUtils.isEmpty(register)) return null;
- if (register.equals("FN") || register.equals("XFN")) return "Firmenbuchnummer";
- if (register.equals("VR") || register.equals("XZVR") || register.equals("XVR") || register.equals("ZVR")) return "Nummer im Vereinsregister";
- if (register.equals("ERSB") || register.equals("XERSB")) return "Nummer im Ergänzungsregister für sonstige Betroffene";
- return null;
- }
-
- /**
- * Hides Stammzahlen in the given element
- *
- * @param hideElement The element where Stammzahlen should be replaced.
- * @param businessApplication For decision whether to calc a bPK or wbPK.
- * @param target Target for calculating a bPK.
- * @param registerID Necessary string for calculating a wbPK (example <code>FN+4096i</code>).
- * @param blank Switch for behaviour.
- * <code>true</code> if Stammzahlen are blinded. All occurences will be replaced by empty strings.
- * <code>false</code> calculates (w)bPKs and changes also the <code>pr:Identifivation/pr:Type</code> elements.
- * @return The element where Stammzahlen are hidden.
- */
- public static Element HideStammZahlen(Element hideElement, boolean businessApplication, String target, String registerID, boolean blank)
- throws BuildException {
- try {
- if (hideElement != null) {
- Element nameSpaceNode = hideElement.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI);
- NodeList identifications = XPathAPI.selectNodeList(hideElement, "descendant-or-self::pr:Identification", nameSpaceNode);
- for (int i = 0; i < identifications.getLength(); i++) {
- Element identificationElement = (Element) identifications.item(i);
- Node idTypeNode = XPathAPI.selectSingleNode(identificationElement, "descendant-or-self::pr:Identification/pr:Type/text()", nameSpaceNode);
- if (idTypeNode != null && Constants.URN_PREFIX_BASEID.equals(idTypeNode.getNodeValue())) {
- Node idValueNode = XPathAPI.selectSingleNode(identificationElement, "descendant-or-self::pr:Identification/pr:Value/text()", nameSpaceNode);
- if (idValueNode == null || ParepUtils.isEmpty(idValueNode.getNodeValue())) {
- Logger.error("HideStammZahlen: Problem beim Parsen des erhaltenen Elements - Value Element(-Inhalt) von pr:Identification nicht vorhanden.");
- throw new BuildException("builder.02", null);
- }
- if (blank) {
- idValueNode.setNodeValue("");
- } else {
- String idValue = idValueNode.getNodeValue();
- if (businessApplication) {
- // wbPK berechnen
- idTypeNode.setNodeValue(Constants.URN_PREFIX_WBPK + "+" + registerID);
- String bpkBase64 = new BPKBuilder().buildWBPK(idValueNode.getNodeValue(), registerID);
- idValueNode.setNodeValue(bpkBase64);
-
- } else {
- // bPK berechnen
- idTypeNode.setNodeValue(Constants.URN_PREFIX_BPK);
- String bpkBase64 = new BPKBuilder().buildBPK(idValueNode.getNodeValue(), target);
- idValueNode.setNodeValue(bpkBase64);
- }
- }
- }
- }
- }
- } catch (Exception e) {
- throw new BuildException("builder.02", null);
- }
- return hideElement;
- }
-
- /**
- * Replaces each substring of string <code>s</code> that matches the given
- * <code>search</code> string by the given <code>replace</code> string.
- *
- * @param s The string where the replacement should take place.
- * @param search The pattern that should be replaced.
- * @param replace The string that should replace all each <code>search</code>
- * string within <code>s</code>.
- * @return A string where all occurrence of <code>search</code> are
- * replaced with <code>replace</code>.
- */
- public static String replaceAll (String s, String search, String replace) {
- if (replace==null) replace = "";
- return StringUtils.replaceAll(s, search, replace);
- }
-
-
-// public static void main(String[] args) throws Exception {
-// Document mandate = readDocFromIs(new FileInputStream("c:/Doku/work/Organwalter/schemas/Vertretung_OW_Max_Mustermann.xml"));
-// Document mandate = readDocFromIs(new FileInputStream("c:/mandator.xml"));
-// Document mandate = readDocFromIs(new FileInputStream("c:/vertetervollmacht_1.2.40.0.10.3.1.xml"));
-// Element mandatorElement = extractMandator(mandate.getDocumentElement());
-// System.out.println(extractMandatorName(mandatorElement));
-// System.out.println(extractMandatorDateOfBirth(mandatorElement));
-// System.out.println(extractMandatorWbpk(mandatorElement));
-// //serializeElement(mandatorElement, System.out);
-// serializeElement((extractPrPersonOfMandate(mandate.getDocumentElement())), System.out);
-// }
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.validator.parep; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.OutputStreamWriter; + +import javax.xml.parsers.DocumentBuilderFactory; + +import org.apache.xml.serialize.OutputFormat; +import org.apache.xml.serialize.XMLSerializer; +import org.apache.xpath.XPathAPI; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; +import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.BoolUtils; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.StringUtils; + +/** + * This class implements a set of utility methods. + * + * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> + */ +public class ParepUtils { + + /** + * Determines whether a string is null or empty + * + * @param str the string to check. + * @return <code>true</code> if the string is null or empty, + * <code>false</code> otherwise. + */ + public static boolean isEmpty(String str) { + return str == null || "".equals(str); + } + + /** + * Reads a XML document from an input stream (namespace-aware). + * + * @param is + * the input stream to read from. + * @return the read XML document. + * @throws SZRGWClientException + * if an error occurs reading the document from the input stream. + */ + public static Document readDocFromIs(InputStream is) throws SZRGWClientException { + try { + DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); + f.setNamespaceAware(true); + return f.newDocumentBuilder().parse(is); + } catch (Exception e) { + throw new SZRGWClientException(e); + } + } + +// /* +// * +// */ +// public static String extractRepresentativeID(Element mandate) throws ValidateException { +// try { +// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); +// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); +// Node resultNode = XPathAPI.selectSingleNode(mandate, "//md:Mandate/attribute::MandateID", nameSpaceNode); +// if (resultNode != null) { +// // because following line is not ready for JDK 1.4.x we need to get the childnode; +// // return resultNode.getTextContent(); +// Node textNode = resultNode.getFirstChild(); +// if (textNode != null) { +// return textNode.getNodeValue(); +// } +// } +// return null; +// } catch (Exception e) { +// throw new ValidateException("validator.62", null); +// } +// } + + + /** + * Dumps all bytes from an input stream to the given output stream. + * + * @param is + * the input stream to dump from. + * @param os + * the output stream to dump to. + * @throws IOException + * if an error occurs while dumping. + */ + public static void dumpInputOutputStream(InputStream is, OutputStream os) throws IOException { + if (is == null) { + return; + } + int ch; + while ((ch = is.read()) != -1) { + os.write(ch); + } + } + + /** + * Gets a string that represents the date a mandate was issued. + * + * @param mandate + * the mandate to extract the issuing date from. + * @return the issuing date of the given mandate. + * @throws SZRGWClientException + * if an exception occurs extracting the issuing date of the + * mandate. + */ + public static String getMandateIssuedDate(Element mandate) throws SZRGWClientException { + try { + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); + + Node dateNode = XPathAPI.selectSingleNode(mandate, "//md:Issued/md:Date/text()", nameSpaceNode); + + if (dateNode == null) { + throw new Exception("Date in Mandate-Issued not found."); + } + return dateNode.getNodeValue(); + } catch (Exception e) { + throw new SZRGWClientException(e); + } + } + + /** + * Gets a string that represents the place a mandate was issued. + * + * @param mandate + * the mandate to extract the issuing place from. + * @return the issuing place of the given mandate. + * @throws SZRGWClientException + * if an exception occurs extracting the issuing place of the + * mandate. + */ + public static String getMandateIssuedPlace(Element mandate) throws SZRGWClientException { + try { + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); + + Node placeNode = XPathAPI.selectSingleNode(mandate, "//md:Issued/md:Place/text()", nameSpaceNode); + + if (placeNode == null) { + throw new Exception("Place in Mandate-Issued not found."); + } + return placeNode.getNodeValue(); + } catch (Exception e) { + throw new SZRGWClientException(e); + } + } + + /** + * Extracts the textual description of the mandate. + * + * @param mandate + * the mandate to extract the textual description from. + * @return the textual description of the mandate. + * @throws SZRGWClientException + * if an exception occurs extracting the textual description. + */ + public static String getMandateContent(Element mandate) throws SZRGWClientException { + try { + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); + + Node contentNode = XPathAPI.selectSingleNode(mandate, "//md:SimpleMandateContent/md:TextualDescription/text()", nameSpaceNode); + + if (contentNode == null) { + throw new Exception("Content in Mandate not found."); + } + return contentNode.getNodeValue(); + } catch (Exception e) { + throw new SZRGWClientException(e); + } + } + + /** + * Extracts the md:Mandator element from a XML mandate element. + * + * @param mandate + * the md:Mandate element to extract the md:Mandator from. + * @return the md:Mandator element. + * @throws SZRGWClientException + * if an error occurs extracting the md:Mandator element. + */ + public static Element extractMandator(Element mandate) throws ParseException { + try { + + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS); + Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR, nameSpaceNode); + if (mandator == null) { + // if we got the Mandator itself + if (mandate.getLocalName().equals(SZRGWConstants.MANDATOR)) return mandate; + } + if (mandator == null) + return null; + String nsPrefix = mandator.getPrefix(); + String nsUri = mandator.getNamespaceURI(); + Element mandatorClone = (Element) mandator.cloneNode(true); + mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri); + return mandatorClone; + } catch (Exception e) { + throw new ParseException(e.toString(), null); + } + } + + /** + * Tells wether a mandator is a physical person or not. + * + * @param mandator + * the XML md:Mandator element to extract from. + * @return <code>true<code> if the mandator is a physical person, <code>false</code> otherwise. + */ + public static boolean isPhysicalPerson(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + DOMUtils.serializeNode(mandator); + + // check if physical person + Element physicalPerson = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:PhysicalPerson", nameSpaceNode); + + + // Element physicalPerson = (Element)XPathAPI.selectSingleNode(mandator, + // "descendant-or-self::pr:CorporateBody", nameSpaceNode); + return physicalPerson != null; + } catch (Exception e) { + e.printStackTrace(); + return false; + } + } + + /** + * Extracts the <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code> + * element from a XML mandate element. + * + * @param mandate + * the md:Mandate element to extract the person from. + * @return the <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code> element. + * @throws ParseException + * if an error occurs extracting the element. + */ + public static Element extractPersonOfMandate(Element mandate) throws ParseException { + try { + + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + Element person = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/pr:PhysicalPerson", nameSpaceNode); + if (person == null) { + person = (Element) XPathAPI.selectSingleNode(mandate, "//" + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/pr:CorporateBody", nameSpaceNode); + } + if (person == null) return null; + String nsPrefix = person.getPrefix(); + String nsUri = person.getNamespaceURI(); + Element personClone = (Element) person.cloneNode(true); + personClone.setAttribute("xmlns:" + nsPrefix, nsUri); + return personClone; + } catch (Exception e) { + //e.printStackTrace(); + throw new ParseException(e.toString(), null); + } + } + + /** + * Benerates the </code>pr:Person</code> element form a + * <code>pr:PhysicalPerson</code> or <code>pr:CorporateBody</code> + * element of a XML mandate element. + * + * @param mandate + * the md:Mandate element to extract the person from. + * @return the <code>pr:Person</code> element. + * @throws ParseException + * if an error occurs extracting the element. + */ + public static Element extractPrPersonOfMandate(Element mandate) throws ParseException { + + try { + Document document = ParepUtils.createEmptyDocument(); + Element root = document.createElement(SZRGWConstants.PD_PREFIX + SZRGWConstants.PERSON); + root.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + root.setAttribute("xmlns:" + Constants.XSI_PREFIX, Constants.XSI_NS_URI); + + Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, SZRGWConstants.MANDATE_NS); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + Element person = (Element) XPathAPI.selectSingleNode(mandate, "//" + + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/" + SZRGWConstants.PD_PREFIX + SZRGWConstants.PHYSICALPERSON, nameSpaceNode); + if (person == null) { + person = (Element) XPathAPI.selectSingleNode(mandate, "//" + + SZRGWConstants.MANDATE_PREFIX + SZRGWConstants.MANDATOR + "/" + SZRGWConstants.PD_PREFIX + SZRGWConstants.CORPORATEBODY, nameSpaceNode); + } + if (person != null) { + root.setAttribute(Constants.XSI_PREFIX + ":type", SZRGWConstants.PD_PREFIX + person.getLocalName()); + if (person != null) { + NodeList nl = person.getChildNodes(); + for (int i = 0; i < nl.getLength(); i++) { + Node testNode = nl.item(i); + if (Node.ELEMENT_NODE == testNode.getNodeType()) { + root.appendChild(document.importNode(testNode, true)); + } + } + } + } + + return root; + } catch (Exception e) { + //e.printStackTrace(); + throw new ParseException(e.toString(), null); + } + } + + /** + * Extracts the name of the mandator as a string representation. + * + * @param mandator + * the XML md:Mandator element to extract from. + * @return the mandator name as a string. + */ + public static String extractMandatorName(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + // first check if physical person + Element name = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode); + if (name != null) { + String givenName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()", nameSpaceNode).getNodeValue(); + String familyName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()", nameSpaceNode).getNodeValue(); + + return givenName + " " + familyName; + } + + // check if corporate body + Node fullName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:FullName/text()", nameSpaceNode); + if (fullName != null) { + return fullName.getNodeValue(); + } + return ""; + } catch (Exception e) { + //e.printStackTrace(); + return ""; + } + } + + /** + * Extracts specific text of an element of a given md:Mandator element. + * + * @param mandator + * the XML md:Mandator to extract from. + * @return the resulting text of the mandator element. + */ + public static String extractText(Element mandator, String xpath) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + Node textNode = XPathAPI.selectSingleNode(mandator, xpath, nameSpaceNode); + if (textNode == null) + return null; + return textNode.getNodeValue(); + } catch (Exception e) { + e.printStackTrace(); + return null; + } + } + + /** + * Extracts the date of birth of the mandator of a given md:Mandator element. + * + * @param mandator + * the XML md:Mandator to extract from. + * @return the dob of the mandator. + */ + public static String extractMandatorDateOfBirth(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + Node dobName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:DateOfBirth/text()", nameSpaceNode); + if (dobName == null) + return null; + return dobName.getNodeValue(); + } catch (Exception e) { + e.printStackTrace(); + return null; + } + } + + /** + * Extracts the full name of the mandators corporate body of a given + * md:Mandator element. + * + * @param mandator + * the XML md:Mandator to extract from. + * @return the full name of the mandator. + */ + public static String extractMandatorFullName(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + Node fullName = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:CorporateBody/pr:FullName/text()", nameSpaceNode); + if (fullName == null) + return null; + return fullName.getNodeValue(); + } catch (Exception e) { + e.printStackTrace(); + return null; + } + } + + /** + * Extracts the identification value of the mandator of a given mandate. + * + * @param mandator + * the XML md:Mandator element. + * @return the identification value. + */ + public static String extractMandatorWbpk(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + Node idValue = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Identification/pr:Value/text()", nameSpaceNode); + if (idValue != null) { + return idValue.getNodeValue(); + } + return ""; + } catch (Exception e) { + e.printStackTrace(); + return ""; + } + } + + /** + * Extracts the identification type of the mandator of a given mandate. + * + * @param mandator + * the XML md:Mandator element. + * @return the identification type. + */ + public static String extractMandatorIdentificationType(Element mandator) { + try { + Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + Node idType = XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Identification/pr:Type/text()", nameSpaceNode); + if (idType != null) { + return idType.getNodeValue(); + } + return ""; + } catch (Exception e) { + e.printStackTrace(); + return ""; + } + } + + /* + * + */ + public static String getIdentification(Element personElement, String element) throws ParseException { + try { + + Element nameSpaceNode = personElement.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + + return XPathAPI.selectSingleNode(personElement, "descendant-or-self::pr:Identification/pr:" + element + "/text()", nameSpaceNode) + .getNodeValue(); + } catch (Exception e) { + throw new ParseException(e.toString(), null); + } + } + +// /* +// * +// */ +// private static Element extractRepresentative(Element mandate) throws SZRGWClientException { +// try { +// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); +// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); +// Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode); +// String nsPrefix = mandator.getPrefix(); +// String nsUri = mandator.getNamespaceURI(); +// +// Element mandatorClone = (Element) mandator.cloneNode(true); +// mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri); +// +// return mandatorClone; +// } catch (Exception e) { +// throw new SZRGWClientException(e); +// } +// } + + /** + * Serializes a XML element to a given output stream. + * + * @param element + * the XML element to serialize. + * @param out + * the output streamt o serialize to. + * @throws IOException + * if an I/O error occurs during serialization. + */ + public static void serializeElement(Element element, OutputStream out) throws IOException { + OutputFormat format = new OutputFormat(); + format.setOmitXMLDeclaration(true); + format.setEncoding("UTF-8"); + format.setPreserveSpace(true); + XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out, "UTF-8"), format); + serializer.serialize(element); + } + + public static void serializeElementAsDocument(Element element, OutputStream out) throws IOException { + OutputFormat format = new OutputFormat(); + format.setOmitXMLDeclaration(false); + format.setEncoding("UTF-8"); + format.setPreserveSpace(true); + XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out, "UTF-8"), format); + serializer.serialize(element); + } + + public static void serializeElementWithoutEncoding(Element element, OutputStream out) throws IOException { + OutputFormat format = new OutputFormat(); + format.setOmitXMLDeclaration(true); + format.setEncoding("UTF-8"); + format.setPreserveSpace(true); + XMLSerializer serializer = new XMLSerializer(new OutputStreamWriter(out), format); + serializer.serialize(element); + } + + public static void saveStringToFile(String str, File file) throws IOException { + FileOutputStream fos = new FileOutputStream(file); + fos.write(str.getBytes()); + fos.flush(); + fos.close(); + } + + public static void saveBytesToFile(byte[] str, File file) throws IOException { + FileOutputStream fos = new FileOutputStream(file); + fos.write(str); + fos.flush(); + fos.close(); + } + + public static void saveElementToFile(Element elem, File file) throws IOException { + FileOutputStream fos = new FileOutputStream(file); + serializeElementWithoutEncoding(elem, fos); + fos.flush(); + fos.close(); + } + + /** + * Creates an empty XML document. + * + * @return a newly created empty XML document. + * @throws SZRGWClientException + * if an error occurs creating the empty document. + */ + public static Document createEmptyDocument() throws SZRGWClientException { + try { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + return factory.newDocumentBuilder().newDocument(); + } catch (Exception e) { + throw new SZRGWClientException(e); + } + } + + + /** + * Tells if the Validator of an Infobox is enabled. If the corresponding application + * specific configuration element <code>EnableInfoboxValidator</code> is missing, a default value <code>true</code> is assumed + * + * @param applicationSpecificParams + * the XML element of the infobox configuration. + * @return the boolean value of the determination. + * @throws ConfigurationException + * if an error occurs reading the configuration. + */ + public static boolean isValidatorEnabled(Element applicationSpecificParams) throws ConfigurationException { + try { + Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); + + //ParepUtils.serializeElement(applicationSpecificParams, System.out); + Node validatorEnabledNode = XPathAPI.selectSingleNode(applicationSpecificParams, Constants.MOA_ID_CONFIG_PREFIX + + ":EnableInfoboxValidator/text()", nameSpaceNode); + if (validatorEnabledNode != null) { + return BoolUtils.valueOf(validatorEnabledNode.getNodeValue()); + } + return true; + } catch (Exception e) { + // e.printStackTrace(); + throw new ConfigurationException("config.02", null); + } + } + + /** + * Delivers a String with the description of the register which is described + * through the identification Type of a corporate body of the persondata schema + * + * @param identificationType + * the identification type. + * @return the register description. + */ + public static String getRegisterString(String identificationType) { + String corporateBase = Constants.URN_PREFIX_BASEID + "+"; + if (ParepUtils.isEmpty(identificationType) || !identificationType.startsWith(corporateBase)) return null; + String register = identificationType.substring(corporateBase.length()); + if (ParepUtils.isEmpty(register)) return null; + if (register.equals("FN") || register.equals("XFN")) return "Firmenbuchnummer"; + if (register.equals("VR") || register.equals("XZVR") || register.equals("XVR") || register.equals("ZVR")) return "Nummer im Vereinsregister"; + if (register.equals("ERSB") || register.equals("XERSB")) return "Nummer im Ergänzungsregister für sonstige Betroffene"; + return null; + } + + /** + * Hides Stammzahlen in the given element + * + * @param hideElement The element where Stammzahlen should be replaced. + * @param businessApplication For decision whether to calc a bPK or wbPK. + * @param target Target for calculating a bPK. + * @param registerID Necessary string for calculating a wbPK (example <code>FN+4096i</code>). + * @param blank Switch for behaviour. + * <code>true</code> if Stammzahlen are blinded. All occurences will be replaced by empty strings. + * <code>false</code> calculates (w)bPKs and changes also the <code>pr:Identifivation/pr:Type</code> elements. + * @return The element where Stammzahlen are hidden. + */ + public static Element HideStammZahlen(Element hideElement, boolean businessApplication, String target, String registerID, boolean blank) + throws BuildException { + try { + if (hideElement != null) { + Element nameSpaceNode = hideElement.getOwnerDocument().createElement("NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); + NodeList identifications = XPathAPI.selectNodeList(hideElement, "descendant-or-self::pr:Identification", nameSpaceNode); + for (int i = 0; i < identifications.getLength(); i++) { + Element identificationElement = (Element) identifications.item(i); + Node idTypeNode = XPathAPI.selectSingleNode(identificationElement, "descendant-or-self::pr:Identification/pr:Type/text()", nameSpaceNode); + if (idTypeNode != null && Constants.URN_PREFIX_BASEID.equals(idTypeNode.getNodeValue())) { + Node idValueNode = XPathAPI.selectSingleNode(identificationElement, "descendant-or-self::pr:Identification/pr:Value/text()", nameSpaceNode); + if (idValueNode == null || ParepUtils.isEmpty(idValueNode.getNodeValue())) { + Logger.error("HideStammZahlen: Problem beim Parsen des erhaltenen Elements - Value Element(-Inhalt) von pr:Identification nicht vorhanden."); + throw new BuildException("builder.02", null); + } + if (blank) { + idValueNode.setNodeValue(""); + } else { + String idValue = idValueNode.getNodeValue(); + if (businessApplication) { + // wbPK berechnen + idTypeNode.setNodeValue(Constants.URN_PREFIX_WBPK + "+" + registerID); + String bpkBase64 = new BPKBuilder().buildWBPK(idValueNode.getNodeValue(), registerID); + idValueNode.setNodeValue(bpkBase64); + + } else { + // bPK berechnen + idTypeNode.setNodeValue(Constants.URN_PREFIX_BPK); + String bpkBase64 = new BPKBuilder().buildBPK(idValueNode.getNodeValue(), target); + idValueNode.setNodeValue(bpkBase64); + } + } + } + } + } + } catch (Exception e) { + throw new BuildException("builder.02", null); + } + return hideElement; + } + + /** + * Replaces each substring of string <code>s</code> that matches the given + * <code>search</code> string by the given <code>replace</code> string. + * + * @param s The string where the replacement should take place. + * @param search The pattern that should be replaced. + * @param replace The string that should replace all each <code>search</code> + * string within <code>s</code>. + * @return A string where all occurrence of <code>search</code> are + * replaced with <code>replace</code>. + */ + public static String replaceAll (String s, String search, String replace) { + if (replace==null) replace = ""; + return StringUtils.replaceAll(s, search, replace); + } + + +// public static void main(String[] args) throws Exception { +// Document mandate = readDocFromIs(new FileInputStream("c:/Doku/work/Organwalter/schemas/Vertretung_OW_Max_Mustermann.xml")); +// Document mandate = readDocFromIs(new FileInputStream("c:/mandator.xml")); +// Document mandate = readDocFromIs(new FileInputStream("c:/vertetervollmacht_1.2.40.0.10.3.1.xml")); +// Element mandatorElement = extractMandator(mandate.getDocumentElement()); +// System.out.println(extractMandatorName(mandatorElement)); +// System.out.println(extractMandatorDateOfBirth(mandatorElement)); +// System.out.println(extractMandatorWbpk(mandatorElement)); +// //serializeElement(mandatorElement, System.out); +// serializeElement((extractPrPersonOfMandate(mandate.getDocumentElement())), System.out); +// } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java index 8e1f887f6..85c213169 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClientException.java @@ -1,88 +1,88 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-/**
- * This class implements the basic exception type for the SZR-gateway client
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class SZRGWClientException extends Exception {
-
- /**
- *
- */
- private static final long serialVersionUID = 26538259471017714L;
-
-/*
- * see super constructor.
- */
- public SZRGWClientException() {
- super();
- }
-
- /*
- * see super constructor.
- */
- public SZRGWClientException(String arg0) {
- super(arg0);
- }
-
- /*
- * see super construction.
- */
- public SZRGWClientException(Throwable arg0) {
- super(arg0);
- }
-
- /*
- * see super constructor
- */
- public SZRGWClientException(String arg0, Throwable arg1) {
- super(arg0, arg1);
- }
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw; + +/** + * This class implements the basic exception type for the SZR-gateway client + * + * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> + */ +public class SZRGWClientException extends Exception { + + /** + * + */ + private static final long serialVersionUID = 26538259471017714L; + +/* + * see super constructor. + */ + public SZRGWClientException() { + super(); + } + + /* + * see super constructor. + */ + public SZRGWClientException(String arg0) { + super(arg0); + } + + /* + * see super construction. + */ + public SZRGWClientException(Throwable arg0) { + super(arg0); + } + + /* + * see super constructor + */ + public SZRGWClientException(String arg0, Throwable arg1) { + super(arg0, arg1); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java index fd16c1586..22b575489 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java @@ -1,170 +1,170 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.net.UnknownHostException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.commons.httpclient.params.HttpConnectionParams;
-import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
-
-/**
- * This class implements a secure protocol socket factory
- * for the Apache HTTP client.
- *
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class SZRGWSecureSocketFactory implements SecureProtocolSocketFactory {
-
- /**
- * The SSL socket factory.
- */
- private SSLSocketFactory factory;
-
- /**
- * Creates a new Secure socket factory for the
- * Apache HTTP client.
- *
- * @param factory the SSL socket factory to use.
- */
- public SZRGWSecureSocketFactory(SSLSocketFactory factory) {
- this.factory = factory;
- }
-
-
- /**
- * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
- */
- public Socket createSocket(
- String host,
- int port,
- InetAddress clientHost,
- int clientPort)
- throws IOException, UnknownHostException {
-
- return this.factory.createSocket(
- host,
- port,
- clientHost,
- clientPort
- );
- }
-
- /**
- * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
- */
- public Socket createSocket(String host, int port)
- throws IOException, UnknownHostException {
- return this.factory.createSocket(
- host,
- port
- );
- }
-
- /**
- * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
- */
- public Socket createSocket(
- Socket socket,
- String host,
- int port,
- boolean autoClose)
- throws IOException, UnknownHostException {
- return this.factory.createSocket(
- socket,
- host,
- port,
- autoClose
- );
- }
-
- /**
- * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int,org.apache.commons.httpclient.params.HttpConnectionParams)
- */
- public Socket createSocket(
- String host,
- int port,
- InetAddress clientHost,
- int clientPort,
- HttpConnectionParams params)
- throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException {
-
- Socket socket = createSocket(host, port, clientHost, clientPort);
- if (socket != null) {
- // socket.setKeepAlive(false);
- if (params.getReceiveBufferSize() >= 0)
- socket.setReceiveBufferSize(params.getReceiveBufferSize());
- if (params.getSendBufferSize() >= 0)
- socket.setSendBufferSize(params.getSendBufferSize());
- socket.setReuseAddress(true);
- if (params.getSoTimeout() >= 0)
- socket.setSoTimeout(params.getSoTimeout());
- }
- return socket;
-
- }
-
- /**
- * @see java.lang.Object#equals(java.lang.Object)
- */
- public boolean equals(Object obj) {
- return ((obj != null) && obj.getClass().equals(SZRGWSecureSocketFactory.class));
- }
-
- /**
- * @see java.lang.Object#hashCode()
- */
- public int hashCode() {
- return SZRGWSecureSocketFactory.class.hashCode();
- }
-
-}
-
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw; + +import java.io.IOException; +import java.net.InetAddress; +import java.net.Socket; +import java.net.UnknownHostException; + +import javax.net.ssl.SSLSocketFactory; + +import org.apache.commons.httpclient.params.HttpConnectionParams; +import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; + +/** + * This class implements a secure protocol socket factory + * for the Apache HTTP client. + * + * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> + */ +public class SZRGWSecureSocketFactory implements SecureProtocolSocketFactory { + + /** + * The SSL socket factory. + */ + private SSLSocketFactory factory; + + /** + * Creates a new Secure socket factory for the + * Apache HTTP client. + * + * @param factory the SSL socket factory to use. + */ + public SZRGWSecureSocketFactory(SSLSocketFactory factory) { + this.factory = factory; + } + + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) + */ + public Socket createSocket( + String host, + int port, + InetAddress clientHost, + int clientPort) + throws IOException, UnknownHostException { + + return this.factory.createSocket( + host, + port, + clientHost, + clientPort + ); + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) + */ + public Socket createSocket(String host, int port) + throws IOException, UnknownHostException { + return this.factory.createSocket( + host, + port + ); + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) + */ + public Socket createSocket( + Socket socket, + String host, + int port, + boolean autoClose) + throws IOException, UnknownHostException { + return this.factory.createSocket( + socket, + host, + port, + autoClose + ); + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int,org.apache.commons.httpclient.params.HttpConnectionParams) + */ + public Socket createSocket( + String host, + int port, + InetAddress clientHost, + int clientPort, + HttpConnectionParams params) + throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException { + + Socket socket = createSocket(host, port, clientHost, clientPort); + if (socket != null) { + // socket.setKeepAlive(false); + if (params.getReceiveBufferSize() >= 0) + socket.setReceiveBufferSize(params.getReceiveBufferSize()); + if (params.getSendBufferSize() >= 0) + socket.setSendBufferSize(params.getSendBufferSize()); + socket.setReuseAddress(true); + if (params.getSoTimeout() >= 0) + socket.setSoTimeout(params.getSoTimeout()); + } + return socket; + + } + + /** + * @see java.lang.Object#equals(java.lang.Object) + */ + public boolean equals(Object obj) { + return ((obj != null) && obj.getClass().equals(SZRGWSecureSocketFactory.class)); + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return SZRGWSecureSocketFactory.class.hashCode(); + } + +} + diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java new file mode 100644 index 000000000..276d6a105 --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java @@ -0,0 +1,171 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +/** + * + */ +package at.gv.egovernment.moa.id.util; + +import java.io.IOException; +import java.io.OutputStream; +import java.net.URLEncoder; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a> + * + */ +public class CitizenCardServletUtils extends ServletUtils{ + + /** + * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing + * depending on the requests starting text. + * + * @param resp The httpServletResponse + * @param session The current AuthenticationSession + * @param createXMLSignatureRequestOrRedirect The request + * @param servletGoal The servlet to which the redirect should happen + * @param servletName The servlet name for debug purposes + * @throws MOAIDException + * @throws IOException + */ + public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName) + throws MOAIDException, + IOException + { + if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) { + resp.setStatus(307); + String dataURL = new DataURLBuilder().buildDataURL( + session.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, session.getSessionID()); + resp.addHeader("Location", dataURL); + + //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) + resp.setContentType("text/xml;charset=UTF-8"); + + OutputStream out = resp.getOutputStream(); + out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8")); + out.flush(); + out.close(); + Logger.debug("Finished POST " + servletName); + + } else { + String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID()); + resp.setContentType("text/html"); + resp.setStatus(302); + resp.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); + + } + } + /** + * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing + * depending on the requests starting text. + * + * @param resp The httpServletResponse + * @param createXMLSignatureRequestOrRedirect The request + * @param servletGoal The servlet to which the redirect should happen + * @param servletName The servlet name for debug purposes + * @throws MOAIDException + * @throws IOException + */ + public static void writeCreateXMLSignatureRequest(HttpServletResponse resp, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) + throws MOAIDException, + IOException + { + resp.setStatus(307); + resp.addHeader("Location", dataURL); + + //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) + resp.setContentType("text/xml;charset=UTF-8"); + + OutputStream out = resp.getOutputStream(); + out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8")); + out.flush(); + out.close(); + Logger.debug("Finished POST " + servletName); + + } + + /** + * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing + * depending on the requests starting text. + * + * @param resp The httpServletResponse + * @param session The current AuthenticationSession + * @param createXMLSignatureRequestOrRedirect The request + * @param servletGoal The servlet to which the redirect should happen + * @param servletName The servlet name for debug purposes + * @throws MOAIDException + * @throws IOException + */ + public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) + throws MOAIDException, + IOException { + resp.setStatus(200); + Logger.debug("ContentType set to: application/x-www-form-urlencoded"); + + resp.setContentType("application/x-www-form-urlencoded"); + + String content = "XMLRequest=" + URLEncoder.encode(createXMLSignatureRequestOrRedirect, "UTF-8") + "&" + + "DataURL=" + URLEncoder.encode(dataURL, "UTF-8"); + + OutputStream out = resp.getOutputStream(); + out.write(content.getBytes("UTF-8")); + out.flush(); + out.close(); + Logger.debug("Finished POST " + servletName); + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSessionId.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSessionId.java index 9050a0f38..69b546f78 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSessionId.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSessionId.java @@ -1,68 +1,68 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.util.client.mis.simple;
-
-public class MISSessionId {
-
- private String sessiondId = null;
- private String redirectURL = null;
-
- public String getSessiondId() {
- return sessiondId;
- }
- public void setSessiondId(String sessiondId) {
- this.sessiondId = sessiondId;
- }
- public String getRedirectURL() {
- return redirectURL;
- }
- public void setRedirectURL(String redirectURL) {
- this.redirectURL = redirectURL;
- }
-
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.util.client.mis.simple; + +public class MISSessionId { + + private String sessiondId = null; + private String redirectURL = null; + + public String getSessiondId() { + return sessiondId; + } + public void setSessiondId(String sessiondId) { + this.sessiondId = sessiondId; + } + public String getRedirectURL() { + return redirectURL; + } + public void setRedirectURL(String redirectURL) { + this.redirectURL = redirectURL; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java index 24c96a78f..e346c8bee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java @@ -1,358 +1,359 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.util.client.mis.simple;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.httpclient.HostConfiguration;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.methods.StringRequestEntity;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.xpath.XPathAPI;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
-import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-
-
-public class MISSimpleClient {
-
-
- private final static String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
- private final static String MIS_NS = "http://reference.e-government.gv.at/namespace/mandates/mis/1.0/xsd";
-
- private static Element NS_NODE = null;
-
-
- static {
- try {
- NS_NODE = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument().createElement("test");
- NS_NODE.setAttribute("xmlns:soap", SOAP_NS);
- NS_NODE.setAttribute("xmlns:mis", MIS_NS);
- } catch (Exception e) {
- Logger.warn("Error initializing namespace node.", e);
- }
- }
-
- public static List<MISMandate> sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
- if (webServiceURL == null) {
- throw new NullPointerException("Argument webServiceURL must not be null.");
- }
- if (sessionId == null) {
- throw new NullPointerException("Argument sessionId must not be null.");
- }
-
- // ssl settings
- if (sSLSocketFactory != null) {
- SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
- Protocol.registerProtocol("https", new Protocol("https", fac, 443));
- }
-
-
- try {
- Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
- Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest");
- Element sessionIdElement = doc.createElementNS(MIS_NS, "SessionID");
- sessionIdElement.appendChild(doc.createTextNode(sessionId));
- mirElement.appendChild(sessionIdElement);
-
- // send soap request
- Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement);
-
- // check for error
- checkForError(mandateIssueResponseElement);
-
- // check for session id
- NodeList mandateElements = XPathAPI.selectNodeList(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Mandates/mis:Mandate", NS_NODE);
-
- if (mandateElements == null || mandateElements.getLength() == 0) {
- throw new MISSimpleClientException("No mandates found in response.");
- }
-
- ArrayList<MISMandate> foundMandates = new ArrayList<MISMandate>();
- for (int i=0; i<mandateElements.getLength(); i++) {
- Element mandate = (Element) mandateElements.item(i);
-
- MISMandate misMandate = new MISMandate();
- if (mandate.hasAttribute("ProfessionalRepresentative")) {
-// System.out.println("OID: " + mandate.getAttribute("ProfessionalRepresentative"));
- misMandate.setProfRep(mandate.getAttribute("ProfessionalRepresentative"));
- }
- if (mandate.hasAttribute("OWbPK")) {
- misMandate.setOWbPK(mandate.getAttribute("OWbPK"));
-// System.out.println("OWBPK: " + mandate.getAttribute("OWbPK"));
- }
-
- //misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate)));
- misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate).getBytes()));
- misMandate.setFullMandateIncluded(true);
-
- foundMandates.add(misMandate);
- }
- return foundMandates;
- } catch (ParserConfigurationException e) {
- throw new MISSimpleClientException("service.06", e);
- } catch (DOMException e) {
- throw new MISSimpleClientException("service.06", e);
- } catch (TransformerException e) {
- throw new MISSimpleClientException("service.06", e);
- }
- }
-
- public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, List<String> mandateIdentifier, String targetType, byte[] authBlock, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
- if (webServiceURL == null) {
- throw new MISSimpleClientException("service.04");
- }
- if (idl == null) {
- throw new NullPointerException("Argument idl must not be null.");
- }
- if (redirectURL == null) {
- throw new NullPointerException("Argument redirectURL must not be null.");
- }
-
- // ssl settings
- if (sSLSocketFactory != null) {
- SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory);
- Protocol.registerProtocol("https", new Protocol("https", fac, 443));
- }
-
- try {
- Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
- Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest");
- Element idlElement = doc.createElementNS(MIS_NS, "IdentityLink");
-
-
- idlElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(idl))));
- mirElement.appendChild(idlElement);
-
- if (cert != null && cert.length > 0) {
- Element certElement = doc.createElementNS(MIS_NS, "X509SignatureCertificate");
- certElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(cert))));
- //certElement.appendChild(doc.createTextNode(Base64.encodeBase64(cert)));
- // certElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(cert))));
- mirElement.appendChild(certElement);
- }
-
- if (!StringUtils.isEmpty(oaFriendlyName)) {
- Element oaFriendlyNameElement = doc.createElementNS(MIS_NS, "OAFriendlyName");
- oaFriendlyNameElement.appendChild(doc.createTextNode(oaFriendlyName));
- mirElement.appendChild(oaFriendlyNameElement);
- }
-
- Element redirectElement = doc.createElementNS(MIS_NS, "RedirectURL");
- redirectElement.appendChild(doc.createTextNode(redirectURL));
- mirElement.appendChild(redirectElement);
-
- Element referenceValueElement = doc.createElementNS(MIS_NS, "ReferenceValue");
- referenceValueElement.appendChild(doc.createTextNode(referenceValue));
- mirElement.appendChild(referenceValueElement);
-
- if (mandateIdentifier != null && mandateIdentifier.size() > 0) {
- Element filtersElement = doc.createElementNS(MIS_NS, "Filters");
- Element mandateIdentifiersElement = doc.createElementNS(MIS_NS, "MandateIdentifiers");
- for (int i=0; i<mandateIdentifier.size(); i++) {
- Element mandateIdentifierElement = doc.createElementNS(MIS_NS, "MandateIdentifier");
- mandateIdentifierElement.appendChild(doc.createTextNode(mandateIdentifier.get(i)));
- mandateIdentifiersElement.appendChild(mandateIdentifierElement);
- }
- filtersElement.appendChild(mandateIdentifiersElement);
- mirElement.appendChild(filtersElement);
- }
-
- //add Target element
- Element targetElement = doc.createElementNS(MIS_NS, "Target");
- Element targetTypeElement = doc.createElementNS(MIS_NS, "Type");
- targetTypeElement.appendChild(doc.createTextNode(targetType));
- targetElement.appendChild(targetTypeElement);
- mirElement.appendChild(targetElement);
-
- //add AuthBlock element
- Element authBlockElement = doc.createElementNS(MIS_NS, "authBlock");
- authBlockElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(authBlock))));
- mirElement.appendChild(authBlockElement);
-
- // send soap request
- Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement);
-
- // check for error
- checkForError(mandateIssueResponseElement);
-
- // check for session id
- //String sessionId = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "/mis:MandateIssueResponse/mis:SessionID/text()", NS_NODE)).getNodeValue();
- Node sessionIdNode = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:SessionID/text()", NS_NODE));
- if (sessionIdNode == null) {
- throw new MISSimpleClientException("SessionId not found in response.");
- }
- String sessionId = sessionIdNode.getNodeValue();
-
- Node guiRedirectURLNode = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:GuiRedirectURL/text()", NS_NODE));
- if (guiRedirectURLNode == null) {
- throw new MISSimpleClientException("GuiRedirectURL not found in response.");
- }
- String guiRedirectURL = guiRedirectURLNode.getNodeValue();
-
- // create return object
- MISSessionId msid = new MISSessionId();
- msid.setSessiondId(sessionId);
- msid.setRedirectURL(guiRedirectURL);
-
- return msid;
- } catch (ParserConfigurationException e) {
- throw new MISSimpleClientException("service.06", e);
- } catch (DOMException e) {
- throw new MISSimpleClientException("service.06", e);
- } catch (TransformerException e) {
- throw new MISSimpleClientException("service.06", e);
- }
-
- }
-
- private static void checkForError(Element mandateIssueResponseElement) throws MISSimpleClientException {
- if (mandateIssueResponseElement == null) {
- throw new NullPointerException("Argument mandateIssueResponseElement must not be null.");
- }
- try {
- Element errorElement = (Element) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error", NS_NODE);
- if (errorElement != null) {
- String code = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error/mis:Code/text()", NS_NODE)).getNodeValue();
- String text = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error/mis:Text/text()", NS_NODE)).getNodeValue();
- throw new MISSimpleClientException("service.05", code, text); }
-
- } catch (TransformerException e) {
- throw new MISSimpleClientException("auth.15", e);
- }
- }
-
- private static Element sendSOAPRequest(String webServiceURL, Element request) throws MISSimpleClientException {
-
-// try {
-// System.out.println("REQUEST-MIS: \n" + DOMUtils.serializeNode(request));
-// } catch (TransformerException e1) {
-// e1.printStackTrace();
-// } catch (IOException e1) {
-// e1.printStackTrace();
-// }
-
- if (webServiceURL == null) {
- throw new NullPointerException("Argument webServiceURL must not be null.");
- }
- if (request == null) {
- throw new NullPointerException("Argument request must not be null.");
- }
- try {
- HttpClient httpclient = HttpClientWithProxySupport.getHttpClient();
- PostMethod post = new PostMethod(webServiceURL);
- StringRequestEntity re = new StringRequestEntity(DOMUtils.serializeNode(packIntoSOAP(request)),"text/xml", "UTF-8");
- post.setRequestEntity(re);
- int responseCode = httpclient.executeMethod(post);
-
- if (responseCode != 200) {
- throw new MISSimpleClientException("Invalid HTTP response code " + responseCode);
- }
- //Element elem = parse(post.getResponseBodyAsStream());
- Document doc = DOMUtils.parseDocumentSimple(post.getResponseBodyAsStream());
- return unpackFromSOAP(doc.getDocumentElement());
-
- } catch(IOException e) {
- throw new MISSimpleClientException("service.04", e);
-
- } catch (TransformerException e) {
- throw new MISSimpleClientException("service.06", e);
-
- } catch (SAXException e) {
- throw new MISSimpleClientException("service.06", e);
-
- } catch (ParserConfigurationException e) {
- throw new MISSimpleClientException("service.06", e);
-
- } catch (Exception e) {
- throw new MISSimpleClientException("service.06", e);
-
- }
-
- }
-
- private static Element packIntoSOAP(Element element) throws MISSimpleClientException {
- try {
- Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
- Element soapEnvelope = doc.createElement("Envelope");
- soapEnvelope.setAttribute("xmlns", SOAP_NS);
- Element soapBody = doc.createElement("Body");
- soapEnvelope.appendChild(soapBody);
- soapBody.appendChild(doc.importNode(element, true));
- return soapEnvelope;
- } catch(ParserConfigurationException e) {
- throw new MISSimpleClientException("service.06", e);
- }
- }
-
- private static Element unpackFromSOAP(Element element) throws MISSimpleClientException {
- try {
- return (Element) XPathAPI.selectSingleNode(element, "/soap:Envelope/soap:Body/child::*[position()=1]", NS_NODE);
- } catch(TransformerException e) {
- throw new MISSimpleClientException("service.06", e);
- }
- }
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.util.client.mis.simple; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; + +import javax.net.ssl.SSLSocketFactory; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; + +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.httpclient.HostConfiguration; +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.methods.PostMethod; +import org.apache.commons.httpclient.methods.StringRequestEntity; +import org.apache.commons.httpclient.protocol.Protocol; +import org.apache.xpath.XPathAPI; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; +import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory; +import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport; +import at.gv.egovernment.moa.id.data.MISMandate; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.StringUtils; + + +public class MISSimpleClient { + + + private final static String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"; + private final static String MIS_NS = "http://reference.e-government.gv.at/namespace/mandates/mis/1.0/xsd"; + + private static Element NS_NODE = null; + + + static { + try { + NS_NODE = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument().createElement("test"); + NS_NODE.setAttribute("xmlns:soap", SOAP_NS); + NS_NODE.setAttribute("xmlns:mis", MIS_NS); + } catch (Exception e) { + Logger.warn("Error initializing namespace node.", e); + } + } + + public static List<MISMandate> sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException { + if (webServiceURL == null) { + throw new NullPointerException("Argument webServiceURL must not be null."); + } + if (sessionId == null) { + throw new NullPointerException("Argument sessionId must not be null."); + } + + // ssl settings + if (sSLSocketFactory != null) { + SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); + Protocol.registerProtocol("https", new Protocol("https", fac, 443)); + } + + + try { + Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest"); + Element sessionIdElement = doc.createElementNS(MIS_NS, "SessionID"); + sessionIdElement.appendChild(doc.createTextNode(sessionId)); + mirElement.appendChild(sessionIdElement); + + // send soap request + Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement); + + // check for error + checkForError(mandateIssueResponseElement); + + // check for session id + NodeList mandateElements = XPathAPI.selectNodeList(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Mandates/mis:Mandate", NS_NODE); + + if (mandateElements == null || mandateElements.getLength() == 0) { + throw new MISSimpleClientException("No mandates found in response."); + } + + ArrayList<MISMandate> foundMandates = new ArrayList<MISMandate>(); + for (int i=0; i<mandateElements.getLength(); i++) { + Element mandate = (Element) mandateElements.item(i); + + MISMandate misMandate = new MISMandate(); + if (mandate.hasAttribute("ProfessionalRepresentative")) { +// System.out.println("OID: " + mandate.getAttribute("ProfessionalRepresentative")); + misMandate.setProfRep(mandate.getAttribute("ProfessionalRepresentative")); + } + if (mandate.hasAttribute("OWbPK")) { + misMandate.setOWbPK(mandate.getAttribute("OWbPK")); +// System.out.println("OWBPK: " + mandate.getAttribute("OWbPK")); + } + + //misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate))); + misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate).getBytes())); + misMandate.setFullMandateIncluded(true); + + foundMandates.add(misMandate); + } + return foundMandates; + } catch (ParserConfigurationException e) { + throw new MISSimpleClientException("service.06", e); + } catch (DOMException e) { + throw new MISSimpleClientException("service.06", e); + } catch (TransformerException e) { + throw new MISSimpleClientException("service.06", e); + } + } + + public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, List<String> mandateIdentifier, String targetType, byte[] authBlock, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException { + if (webServiceURL == null) { + throw new MISSimpleClientException("service.04"); + } + if (idl == null) { + throw new NullPointerException("Argument idl must not be null."); + } + if (redirectURL == null) { + throw new NullPointerException("Argument redirectURL must not be null."); + } + + // ssl settings + if (sSLSocketFactory != null) { + SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); + Protocol.registerProtocol("https", new Protocol("https", fac, 443)); + } + + try { + Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest"); + Element idlElement = doc.createElementNS(MIS_NS, "IdentityLink"); + + + idlElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(idl)))); + mirElement.appendChild(idlElement); + + if (cert != null && cert.length > 0) { + Element certElement = doc.createElementNS(MIS_NS, "X509SignatureCertificate"); + certElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(cert)))); + //certElement.appendChild(doc.createTextNode(Base64.encodeBase64(cert))); + // certElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(cert)))); + mirElement.appendChild(certElement); + } + + if (!StringUtils.isEmpty(oaFriendlyName)) { + Element oaFriendlyNameElement = doc.createElementNS(MIS_NS, "OAFriendlyName"); + oaFriendlyNameElement.appendChild(doc.createTextNode(oaFriendlyName)); + mirElement.appendChild(oaFriendlyNameElement); + } + + Element redirectElement = doc.createElementNS(MIS_NS, "RedirectURL"); + redirectElement.appendChild(doc.createTextNode(redirectURL)); + mirElement.appendChild(redirectElement); + + Element referenceValueElement = doc.createElementNS(MIS_NS, "ReferenceValue"); + referenceValueElement.appendChild(doc.createTextNode(referenceValue)); + mirElement.appendChild(referenceValueElement); + + if (mandateIdentifier != null && mandateIdentifier.size() > 0) { + Element filtersElement = doc.createElementNS(MIS_NS, "Filters"); + Element mandateIdentifiersElement = doc.createElementNS(MIS_NS, "MandateIdentifiers"); + for (int i=0; i<mandateIdentifier.size(); i++) { + Element mandateIdentifierElement = doc.createElementNS(MIS_NS, "MandateIdentifier"); + mandateIdentifierElement.appendChild(doc.createTextNode(mandateIdentifier.get(i))); + mandateIdentifiersElement.appendChild(mandateIdentifierElement); + } + filtersElement.appendChild(mandateIdentifiersElement); + mirElement.appendChild(filtersElement); + } + + //add Target element + Element targetElement = doc.createElementNS(MIS_NS, "Target"); + Element targetTypeElement = doc.createElementNS(MIS_NS, "Type"); + targetTypeElement.appendChild(doc.createTextNode(targetType)); + targetElement.appendChild(targetTypeElement); + mirElement.appendChild(targetElement); + + //add AuthBlock element + Element authBlockElement = doc.createElementNS(MIS_NS, "authBlock"); + authBlockElement.appendChild(doc.createTextNode(new String(Base64.encodeBase64(authBlock)))); + mirElement.appendChild(authBlockElement); + + // send soap request + Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement); + + // check for error + checkForError(mandateIssueResponseElement); + + // check for session id + //String sessionId = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "/mis:MandateIssueResponse/mis:SessionID/text()", NS_NODE)).getNodeValue(); + Node sessionIdNode = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:SessionID/text()", NS_NODE)); + if (sessionIdNode == null) { + throw new MISSimpleClientException("SessionId not found in response."); + } + String sessionId = sessionIdNode.getNodeValue(); + + Node guiRedirectURLNode = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:GuiRedirectURL/text()", NS_NODE)); + if (guiRedirectURLNode == null) { + throw new MISSimpleClientException("GuiRedirectURL not found in response."); + } + String guiRedirectURL = guiRedirectURLNode.getNodeValue(); + + // create return object + MISSessionId msid = new MISSessionId(); + msid.setSessiondId(sessionId); + msid.setRedirectURL(guiRedirectURL); + + return msid; + } catch (ParserConfigurationException e) { + throw new MISSimpleClientException("service.06", e); + } catch (DOMException e) { + throw new MISSimpleClientException("service.06", e); + } catch (TransformerException e) { + throw new MISSimpleClientException("service.06", e); + } + + } + + private static void checkForError(Element mandateIssueResponseElement) throws MISSimpleClientException { + if (mandateIssueResponseElement == null) { + throw new NullPointerException("Argument mandateIssueResponseElement must not be null."); + } + try { + Element errorElement = (Element) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error", NS_NODE); + if (errorElement != null) { + String code = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error/mis:Code/text()", NS_NODE)).getNodeValue(); + String text = ((Node) XPathAPI.selectSingleNode(mandateIssueResponseElement, "//mis:MandateIssueResponse/mis:Error/mis:Text/text()", NS_NODE)).getNodeValue(); + throw new MISSimpleClientException("service.05", code, text); } + + } catch (TransformerException e) { + throw new MISSimpleClientException("auth.15", e); + } + } + + private static Element sendSOAPRequest(String webServiceURL, Element request) throws MISSimpleClientException { + +// try { +// System.out.println("REQUEST-MIS: \n" + DOMUtils.serializeNode(request)); +// } catch (TransformerException e1) { +// e1.printStackTrace(); +// } catch (IOException e1) { +// e1.printStackTrace(); +// } + + if (webServiceURL == null) { + throw new NullPointerException("Argument webServiceURL must not be null."); + } + if (request == null) { + throw new NullPointerException("Argument request must not be null."); + } + try { + HttpClient httpclient = HttpClientWithProxySupport.getHttpClient(); + PostMethod post = new PostMethod(webServiceURL); + StringRequestEntity re = new StringRequestEntity(DOMUtils.serializeNode(packIntoSOAP(request)),"text/xml", "UTF-8"); + post.setRequestEntity(re); + int responseCode = httpclient.executeMethod(post); + + if (responseCode != 200) { + throw new MISSimpleClientException("Invalid HTTP response code " + responseCode); + } + //Element elem = parse(post.getResponseBodyAsStream()); + Document doc = DOMUtils.parseDocumentSimple(post.getResponseBodyAsStream()); + return unpackFromSOAP(doc.getDocumentElement()); + + } catch(IOException e) { + throw new MISSimpleClientException("service.04", e); + + } catch (TransformerException e) { + throw new MISSimpleClientException("service.06", e); + + } catch (SAXException e) { + throw new MISSimpleClientException("service.06", e); + + } catch (ParserConfigurationException e) { + throw new MISSimpleClientException("service.06", e); + + } catch (Exception e) { + throw new MISSimpleClientException("service.06", e); + + } + + } + + private static Element packIntoSOAP(Element element) throws MISSimpleClientException { + try { + Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + Element soapEnvelope = doc.createElement("Envelope"); + soapEnvelope.setAttribute("xmlns", SOAP_NS); + Element soapBody = doc.createElement("Body"); + soapEnvelope.appendChild(soapBody); + soapBody.appendChild(doc.importNode(element, true)); + return soapEnvelope; + } catch(ParserConfigurationException e) { + throw new MISSimpleClientException("service.06", e); + } + } + + private static Element unpackFromSOAP(Element element) throws MISSimpleClientException { + try { + return (Element) XPathAPI.selectSingleNode(element, "/soap:Envelope/soap:Body/child::*[position()=1]", NS_NODE); + } catch(TransformerException e) { + throw new MISSimpleClientException("service.06", e); + } + } +} diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule index 865096055..865096055 100644 --- a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml index 31f8f68b6..e9e95e922 100644 --- a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml @@ -1,50 +1,50 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition id="DefaultAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
-
-<!--
- - National authentication with Austrian Citizen Card and mobile signature with our without mandate.
- - Legacy authentication for foreign citizens using MOCCA supported signature cards.
--->
- <pd:Task id="createIdentityLinkForm" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" />
- <pd:Task id="verifyIdentityLink" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask" async="true" />
- <pd:Task id="verifyAuthBlock" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" />
- <pd:Task id="verifyCertificate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask" async="true" />
- <pd:Task id="getMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask" async="true" />
- <pd:Task id="certificateReadRequest" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" />
- <pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" />
- <pd:Task id="prepareGetMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareGetMISMandateTask" />
- <pd:Task id="finalizeAuthentication" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" />
- <pd:Task id="getForeignID" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask" async="true" />
-
- <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
- <pd:StartEvent id="start" />
-
- <pd:Transition from="start" to="createIdentityLinkForm" />
-
- <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" />
-
- <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" />
- <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" />
-
- <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
- <!-- Note: verifyAuthBlock still creates a MIS session and redirects the user to the MIS gui. This should be separated from the auth block verification. -->
-
- <pd:Transition from="certificateReadRequest" to="verifyCertificate" />
- <!-- Note: verifyCertificate still creates the auth block to be signed which should be separated from certificat verification. -->
-
- <pd:Transition from="verifyCertificate" to="verifyAuthBlock" conditionExpression="ctx['useMandate']" />
- <pd:Transition from="verifyCertificate" to="getForeignID" />
-
- <pd:Transition from="verifyAuthBlock" to="prepareGetMISMandate" conditionExpression="ctx['useMandate']" />
- <pd:Transition from="verifyAuthBlock" to="finalizeAuthentication" />
-
- <pd:Transition from="prepareGetMISMandate" to="getMISMandate" />
-
- <pd:Transition from="getMISMandate" to="finalizeAuthentication" />
- <pd:Transition from="getForeignID" to="finalizeAuthentication" />
-
- <pd:Transition from="finalizeAuthentication" to="end" />
-
- <pd:EndEvent id="end" />
-
-</pd:ProcessDefinition>
+<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="DefaultAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + +<!-- + - National authentication with Austrian Citizen Card and mobile signature with our without mandate. + - Legacy authentication for foreign citizens using MOCCA supported signature cards. +--> + <pd:Task id="createIdentityLinkForm" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" /> + <pd:Task id="verifyIdentityLink" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask" async="true" /> + <pd:Task id="verifyAuthBlock" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" /> + <pd:Task id="verifyCertificate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask" async="true" /> + <pd:Task id="getMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask" async="true" /> + <pd:Task id="certificateReadRequest" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" /> + <pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" /> + <pd:Task id="prepareGetMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareGetMISMandateTask" /> + <pd:Task id="finalizeAuthentication" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" /> + <pd:Task id="getForeignID" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask" async="true" /> + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="createIdentityLinkForm" /> + + <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" /> + + <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" /> + <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" /> + + <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" /> + <!-- Note: verifyAuthBlock still creates a MIS session and redirects the user to the MIS gui. This should be separated from the auth block verification. --> + + <pd:Transition from="certificateReadRequest" to="verifyCertificate" /> + <!-- Note: verifyCertificate still creates the auth block to be signed which should be separated from certificat verification. --> + + <pd:Transition from="verifyCertificate" to="verifyAuthBlock" conditionExpression="ctx['useMandate']" /> + <pd:Transition from="verifyCertificate" to="getForeignID" /> + + <pd:Transition from="verifyAuthBlock" to="prepareGetMISMandate" conditionExpression="ctx['useMandate']" /> + <pd:Transition from="verifyAuthBlock" to="finalizeAuthentication" /> + + <pd:Transition from="prepareGetMISMandate" to="getMISMandate" /> + + <pd:Transition from="getMISMandate" to="finalizeAuthentication" /> + <pd:Transition from="getForeignID" to="finalizeAuthentication" /> + + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java index d0d104d69..d0d104d69 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java index 4c2b3ec8a..4c2b3ec8a 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java index c133602b1..c133602b1 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java index 7b364789b..7b364789b 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java index ec15a209c..ec15a209c 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java index b26fd4738..b26fd4738 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java index d293ff347..d293ff347 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java index 977764878..977764878 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java index 8d7dee597..8d7dee597 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml index a969098b6..26a082431 100644 --- a/id/server/modules/moa-id-modules-saml1/pom.xml +++ b/id/server/modules/moa-id-modules-saml1/pom.xml @@ -17,6 +17,12 @@ <repositoryPath>${basedir}/../../../../repository</repositoryPath> </properties> + <dependencies> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + </dependency> + </dependencies> </project>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index eeca78e60..eeca78e60 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java index 0e0b42cde..0e0b42cde 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 2019b0d20..b94348856 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -31,7 +31,6 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; -import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; @@ -73,7 +72,7 @@ public class GetArtifactAction implements IAction { // add other stork attributes to MOA assertion if available if(null != authData.getStorkAttributes()) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(authData.getStorkAttributes()); + List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = SAML1AuthenticationServer.addAdditionalSTORKAttributes(authData.getStorkAttributes()); authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); Logger.info("MOA assertion assembled and SAML Artifact generated."); } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index e70e71d49..eb869756e 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.List; +import java.util.Vector; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; @@ -33,9 +34,13 @@ import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; +import org.apache.commons.lang3.StringEscapeUtils; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -43,6 +48,7 @@ import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; @@ -120,6 +126,43 @@ public class SAML1AuthenticationServer extends AuthenticationServer { } /** + * Transforms additional STORK attributes to MOA Extended attributes + * @param iPersonalAttributeList STORK attribute list + * @return + */ + public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { + List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); + + if(null == iPersonalAttributeList) + return moaExtendedSAMLAttributeList; + + Logger.trace("Adding the following attributes to MOA assertion: "); + int count = 0; + + for (PersonalAttribute attribute : iPersonalAttributeList) { + Object attributeValue = attribute.getValue(); + if (null == attributeValue) + attributeValue = attribute.getComplexValue(); + + // escape attributeValue + attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString()); + // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry! + attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1); + + ExtendedSAMLAttribute extendedSAMLAttribute = + new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0); + moaExtendedSAMLAttributeList.add(extendedSAMLAttribute); + count++; + Logger.trace("Additional attribute: " + attribute.getName()); + } + + Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion."); + + return moaExtendedSAMLAttributeList; + } + + + /** * Retrieves <code>AuthenticationData</code> indexed by the SAML artifact. * The <code>AuthenticationData</code> is deleted from the store upon end of * this call. diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java index ebdec6d22..ebdec6d22 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java +++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java index 961c8d0b5..961c8d0b5 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java +++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml index 60ab6b6c0..0718f9017 100644 --- a/id/server/modules/module-monitoring/pom.xml +++ b/id/server/modules/module-monitoring/pom.xml @@ -8,9 +8,7 @@ <version>${moa-id-version}</version> </parent> - <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-module-monitoring</artifactId> - <version>${moa-id-version}</version> <packaging>jar</packaging> <name>MOA ID-Module Monitoring</name> @@ -19,4 +17,11 @@ <repositoryPath>${basedir}/../../../../repository</repositoryPath> </properties> + <dependencies> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + </dependency> + </dependencies> + </project> diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java index 06dfc95d3..a8792cd8f 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java @@ -43,9 +43,8 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine;
import eu.stork.peps.exceptions.STORKSAMLEngineException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -62,7 +61,6 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventLog;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -123,7 +121,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
throw new WrongParametersException("CreateStorkAuthRequestFormTask", PARAM_SESSIONID, "auth.12");
}
- AuthenticationSession moasession = AuthenticationServer.getSession(sessionID);
+ AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java index a631489be..7b9fa3f12 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java @@ -19,7 +19,7 @@ import org.apache.velocity.app.VelocityEngine; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -112,7 +112,7 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec try {
// load MOASession from database
- AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+ AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
// change MOASessionID
moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java index d16719b3b..304e5f495 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java @@ -21,7 +21,7 @@ import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine;
import org.opensaml.saml2.core.StatusCode;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -187,7 +187,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
// load MOASession from database
- AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+ AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
// change MOASessionID
moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 01dad4ebb..b505605ab 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -35,7 +35,8 @@ import org.w3c.dom.Node; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+
+import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
@@ -225,7 +226,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
// load MOASession from database
- AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+ AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
// change MOASessionID
moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java index a91e1bc5a..79641d085 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java @@ -1,64 +1,64 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.auth.stork;
-
-
-/**
- * Exception thrown if error occurs in STORK processing
- * @author bzwattendorfer
- *
- */
-public class STORKException extends Exception{
-
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
- public STORKException() {
- super();
-
- }
-
- public STORKException(String message, Throwable cause) {
- super(message, cause);
-
- }
-
- public STORKException(String message) {
- super(message);
-
- }
-
- public STORKException(Throwable cause) {
- super(cause);
-
- }
-
-
-
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/** + * + */ +package at.gv.egovernment.moa.id.auth.stork; + + +/** + * Exception thrown if error occurs in STORK processing + * @author bzwattendorfer + * + */ +public class STORKException extends Exception{ + + /** + * + */ + private static final long serialVersionUID = 1L; + + public STORKException() { + super(); + + } + + public STORKException(String message, Throwable cause) { + super(message, cause); + + } + + public STORKException(String message) { + super(message); + + } + + public STORKException(Throwable cause) { + super(cause); + + } + + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index 3809ec4bc..65a3637a9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -1,323 +1,286 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.auth.stork;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.List;
-import java.util.Vector;
-
-import javax.activation.DataSource;
-import javax.xml.transform.Source;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
-import javax.xml.transform.stream.StreamSource;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.api.exceptions.UtilsException;
-import eu.stork.oasisdss.profile.SignResponse;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-
-/**
- *
- * Handles all functionality for the processing of a STORK response
- * @author bzwattendorfer
- *
- */
-public class STORKResponseProcessor {
-
- /** OASIS DSS Namespace */
- public static final String OASIS_DSS_NS = "urn:oasis:names:tc:dss:1.0:core:schema";
-
- /** OASIS DSS Success Message */
- public static final String OASIS_DSS_SUCCESS_MSG = "urn:oasis:names:tc:dss:1.0:resultmajor:Success";
-
- /**
- * Checks for attribute.
- *
- * @param attributeName the attribute name
- * @param attributeList the attribute list
- * @return true, if successful
- */
- public static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) {
- try {
- getAttributeValue(attributeName, attributeList);
- return true;
- } catch(STORKException e) {
- return false;
- }
- }
-
- /**
- * helper for reading attributes. Handles logging and error handling.
- *
- * @param attributeName the attribute name
- * @param attributeList the attribute list
- * @return the attribute value
- * @throws STORKException the sTORK exception
- */
- private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException {
- return getAttributeValue(attributeName, attributeList, true);
- }
- public static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException {
- try {
- String result = attributeList.get(attributeName).getValue().get(0);
- Logger.trace(attributeName + " : " + result);
- return result;
- } catch(Exception e) {
- Logger.error(attributeName + " not found in response");
- if(throwException)
- throw new STORKException(attributeName + " not found in response");
- else
- return null;
- }
- }
-
- /**
- * Handels connection to SZR-GW and returns Identity Link on success.
- *
- * @param attributeList the attribute list
- * @param oaFriendlyName the oa friendly name
- * @param targetType the target type
- * @param targetValue the target value
- * @param filters the filters
- * @param citizenSignature2
- * @return Identity Link
- * @throws STORKException the sTORK exception
- * @throws MOAIDException
- */
- public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters, String citizenSignature) throws STORKException, MOAIDException {
- Logger.trace("Calling SZR Gateway with the following attributes:");
-
- CreateIdentityLinkResponse identityLinkResponse = null;
- IdentityLink identityLink = null;
- try {
- Logger.trace("Starting call...");
-
- // if there is no signedDoc attribute, we cannot go on
- if(citizenSignature==null || citizenSignature.length()==0)
- {
- String signResponseString = getAttributeValue("signedDoc", attributeList);
-
- //Extract signature from SIgnResponse
- Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
- SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
- citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
- }
-
- String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
-
- // if we have a signedDoc we test for a representation case
- // - according to stork samlengine and commons
- if(hasAttribute("mandate", attributeList)) {
- // we have a representation case
- String mandate = getAttributeValue("mandate", attributeList, false);
-
- if(!hasAttribute("dateOfBirth", attributeList)) {
- // if we get here, we have a natural person representing a legal person
- String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
- String organizationType = getAttributeValue("translateableType", attributeList, false);
-
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
- } else {
- // if we get here, we have a natural person representing another natural person
- String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
- String givenName = getAttributeValue("givenName", attributeList, false);
- String lastName = getAttributeValue("surname", attributeList, false);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
-
- // gender attribute is mandatory here because of some legal stuff
- String gender = getAttributeValue("gender", attributeList, false);
-
- if (!StringUtils.isEmpty(dateOfBirth))
- dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
-
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier,
- givenName, lastName, dateOfBirth, gender, citizenSignature, null,
- null, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
- }
- }
- // - according to stork spec
- else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
- // we have a representation case
- String representative = getAttributeValue("representative", attributeList, false);
- String represented = getAttributeValue("represented", attributeList, false);
- String mandate = getAttributeValue("mandateContent", attributeList, false);
-
- if(!hasAttribute("dateOfBirth", attributeList)) {
- // if we get here, we have a natural person representing a legal person
- String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
- String organizationType = getAttributeValue("translateableType", attributeList, false);
-
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
- } else {
- // if we get here, we have a natural person representing another natural person
- String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
- String givenName = getAttributeValue("givenName", attributeList, false);
- String lastName = getAttributeValue("surname", attributeList, false);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
-
- // gender attribute is mandatory here because of some legal stuff
- String gender = getAttributeValue("gender", attributeList, false);
-
- if (!StringUtils.isEmpty(dateOfBirth))
- dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
-
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier,
- givenName, lastName, dateOfBirth, gender, citizenSignature, representative,
- represented, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
- }
- } else {
- // we do not have a representation case
- String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
- String givenName = getAttributeValue("givenName", attributeList, false);
- String lastName = getAttributeValue("surname", attributeList, false);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
- if (!StringUtils.isEmpty(dateOfBirth))
- dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber);
- }
-
- if (null != identityLinkResponse.getErrorResponse()){
- throw new SZRGWClientException("service.08", (String)identityLinkResponse.getErrorResponse().getErrorCode(),
- (String)identityLinkResponse.getErrorResponse().getInfo());
- }
- else {
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(identityLinkResponse.getIdentityLink()));
- identityLink = ilParser.parseIdentityLink();
-
- Logger.debug("Received Identity Link from SZR Gateway");
- //TODO: is this ok?
-// if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
-// identityLink.setDateOfBirth("9999-12-31");
-// }
-
- }
-
- } catch (ParseException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (ApiUtilsException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (IllegalArgumentException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (TransformerConfigurationException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (UtilsException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (TransformerException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (TransformerFactoryConfigurationError e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- } catch (IOException e) {
- Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
- throw new MOAIDException("auth.25", null, e);
- }
-
- return identityLink;
-
- }
-
-
- /**
- * Transforms additional STORK attributes to MOA Extended attributes
- * @param iPersonalAttributeList STORK attribute list
- * @return
- */
- public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) {
- List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>();
-
- if(null == iPersonalAttributeList)
- return moaExtendedSAMLAttributeList;
-
- Logger.trace("Adding the following attributes to MOA assertion: ");
- int count = 0;
-
- for (PersonalAttribute attribute : iPersonalAttributeList) {
- Object attributeValue = attribute.getValue();
- if (null == attributeValue)
- attributeValue = attribute.getComplexValue();
-
- // escape attributeValue
- attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString());
- // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry!
- attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1);
-
- ExtendedSAMLAttribute extendedSAMLAttribute =
- new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
- moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
- count++;
- Logger.trace("Additional attribute: " + attribute.getName());
- }
-
- Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion.");
-
- return moaExtendedSAMLAttributeList;
- }
-
- private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException
- {
- // fetch signed doc
- DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
- if(ds == null){
- throw new ApiUtilsException("No datasource found in response");
- }
-
- InputStream incoming = ds.getInputStream();
- String citizenSignature = IOUtils.toString(incoming);
- incoming.close();
-
- return citizenSignature;
- }
-
-}
+/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/** + * + */ +package at.gv.egovernment.moa.id.auth.stork; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.List; +import java.util.Vector; + +import javax.activation.DataSource; +import javax.xml.transform.Source; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; +import javax.xml.transform.stream.StreamSource; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.StringEscapeUtils; + +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DateTimeUtils; +import at.gv.egovernment.moa.util.StringUtils; +import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; +import eu.stork.oasisdss.api.ApiUtils; +import eu.stork.oasisdss.api.LightweightSourceResolver; +import eu.stork.oasisdss.api.exceptions.ApiUtilsException; +import eu.stork.oasisdss.api.exceptions.UtilsException; +import eu.stork.oasisdss.profile.SignResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * + * Handles all functionality for the processing of a STORK response + * @author bzwattendorfer + * + */ +public class STORKResponseProcessor { + + /** OASIS DSS Namespace */ + public static final String OASIS_DSS_NS = "urn:oasis:names:tc:dss:1.0:core:schema"; + + /** OASIS DSS Success Message */ + public static final String OASIS_DSS_SUCCESS_MSG = "urn:oasis:names:tc:dss:1.0:resultmajor:Success"; + + /** + * Checks for attribute. + * + * @param attributeName the attribute name + * @param attributeList the attribute list + * @return true, if successful + */ + public static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) { + try { + getAttributeValue(attributeName, attributeList); + return true; + } catch(STORKException e) { + return false; + } + } + + /** + * helper for reading attributes. Handles logging and error handling. + * + * @param attributeName the attribute name + * @param attributeList the attribute list + * @return the attribute value + * @throws STORKException the sTORK exception + */ + private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException { + return getAttributeValue(attributeName, attributeList, true); + } + public static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException { + try { + String result = attributeList.get(attributeName).getValue().get(0); + Logger.trace(attributeName + " : " + result); + return result; + } catch(Exception e) { + Logger.error(attributeName + " not found in response"); + if(throwException) + throw new STORKException(attributeName + " not found in response"); + else + return null; + } + } + + /** + * Handels connection to SZR-GW and returns Identity Link on success. + * + * @param attributeList the attribute list + * @param oaFriendlyName the oa friendly name + * @param targetType the target type + * @param targetValue the target value + * @param filters the filters + * @param citizenSignature2 + * @return Identity Link + * @throws STORKException the sTORK exception + * @throws MOAIDException + */ + public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters, String citizenSignature) throws STORKException, MOAIDException { + Logger.trace("Calling SZR Gateway with the following attributes:"); + + CreateIdentityLinkResponse identityLinkResponse = null; + IdentityLink identityLink = null; + try { + Logger.trace("Starting call..."); + + // if there is no signedDoc attribute, we cannot go on + if(citizenSignature==null || citizenSignature.length()==0) + { + String signResponseString = getAttributeValue("signedDoc", attributeList); + + //Extract signature from SIgnResponse + Source response1 = new StreamSource(new java.io.StringReader(signResponseString)); + SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class); + citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); + } + + String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false); + + // if we have a signedDoc we test for a representation case + // - according to stork samlengine and commons + if(hasAttribute("mandate", attributeList)) { + // we have a representation case + String mandate = getAttributeValue("mandate", attributeList, false); + + if(!hasAttribute("dateOfBirth", attributeList)) { + // if we get here, we have a natural person representing a legal person + String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); + String organizationType = getAttributeValue("translateableType", attributeList, false); + + identityLinkResponse = SZRGWClientUtils.getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); + } else { + // if we get here, we have a natural person representing another natural person + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); + + // gender attribute is mandatory here because of some legal stuff + String gender = getAttributeValue("gender", attributeList, false); + + if (!StringUtils.isEmpty(dateOfBirth)) + dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); + + identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, + givenName, lastName, dateOfBirth, gender, citizenSignature, null, + null, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); + } + } + // - according to stork spec + else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) { + // we have a representation case + String representative = getAttributeValue("representative", attributeList, false); + String represented = getAttributeValue("represented", attributeList, false); + String mandate = getAttributeValue("mandateContent", attributeList, false); + + if(!hasAttribute("dateOfBirth", attributeList)) { + // if we get here, we have a natural person representing a legal person + String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); + String organizationType = getAttributeValue("translateableType", attributeList, false); + + identityLinkResponse = SZRGWClientUtils.getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); + } else { + // if we get here, we have a natural person representing another natural person + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); + + // gender attribute is mandatory here because of some legal stuff + String gender = getAttributeValue("gender", attributeList, false); + + if (!StringUtils.isEmpty(dateOfBirth)) + dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); + + identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, + givenName, lastName, dateOfBirth, gender, citizenSignature, representative, + represented, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); + } + } else { + // we do not have a representation case + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); + if (!StringUtils.isEmpty(dateOfBirth)) + dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); + identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber); + } + + if (null != identityLinkResponse.getErrorResponse()){ + throw new SZRGWClientException("service.08", (String)identityLinkResponse.getErrorResponse().getErrorCode(), + (String)identityLinkResponse.getErrorResponse().getInfo()); + } + else { + IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(identityLinkResponse.getIdentityLink())); + identityLink = ilParser.parseIdentityLink(); + + Logger.debug("Received Identity Link from SZR Gateway"); + //TODO: is this ok? +// if (StringUtils.isEmpty(identityLink.getDateOfBirth())) { +// identityLink.setDateOfBirth("9999-12-31"); +// } + + } + + } catch (ParseException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (ApiUtilsException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (IllegalArgumentException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (TransformerConfigurationException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (UtilsException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (TransformerException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (TransformerFactoryConfigurationError e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } catch (IOException e) { + Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); + throw new MOAIDException("auth.25", null, e); + } + + return identityLink; + + } + + private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException + { + // fetch signed doc + DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse); + if(ds == null){ + throw new ApiUtilsException("No datasource found in response"); + } + + InputStream incoming = ds.getInputStream(); + String citizenSignature = IOUtils.toString(incoming); + incoming.close(); + + return citizenSignature; + } + +} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 59db5797d..4d3c01bee 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -29,6 +29,7 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; @@ -36,7 +37,6 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.stork.peps.auth.commons.*; diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml index fcba9428b..db03326ea 100644 --- a/id/server/modules/pom.xml +++ b/id/server/modules/pom.xml @@ -24,10 +24,11 @@ <module>module-monitoring</module> <module>moa-id-modules-saml1</module> <module>moa-id-module-openID</module> + <module>moa-id-modul-citizencard_authentication</module> </modules> <dependencies> - <dependency> + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> <exclusions> @@ -450,7 +450,13 @@ <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-module-openID</artifactId> <version>${moa-id-version}</version> - </dependency> + </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + <version>${moa-id-version}</version> + </dependency> + <dependency> <groupId>MOA.spss.server</groupId> <artifactId>moa-spss-lib</artifactId> |