| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-07 12:16:39 +0200 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-07 12:16:39 +0200 | 
| commit | f807371b592e95511bb87c4a1ee2819e835663fc (patch) | |
| tree | 1aabc971f583ff2674b272325e31aefbb7891040 | |
| parent | ebd93e9389e630450e5b052a18a6a6fc8d05f611 (diff) | |
some more refactoring stuff
13 files changed, 46 insertions, 844 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index e72780cab..fdf806f78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -47,9 +47,9 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
 import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException;
@@ -58,6 +58,7 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
@@ -100,7 +101,7 @@ import iaik.x509.X509Certificate;
  *
  */
 @Service("AuthenticationDataBuilder")
-public class AuthenticationDataBuilder extends MOAIDAuthConstants {
+public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAuthenticationDataBuilder{
 
 	@Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage;
 	@Autowired protected AuthConfiguration authConfig;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index a43e6a7fb..7f47d3dfe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -51,13 +51,13 @@ import java.util.Calendar;
 import java.util.List;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.StringUtils;
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
deleted file mode 100644
index 14d78c88e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ /dev/null
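Review bot: The new declaration `public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAuthenticationDataBuilder{` omits the space before the opening brace, while the other class declarations touched by this commit (PVP2XProtocol, EIDASProtocol) write `implements IModulInfo {`. Changing it to `... implements IAuthenticationDataBuilder {` keeps the three declarations consistent. The class body continues outside the hunk.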
@@ -1,820 +0,0 @@ -/** - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ -package at.gv.egovernment.moa.id.data; - -import java.io.Serializable; -import java.text.DateFormat; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.Map; - -import org.apache.commons.collections4.map.HashedMap; -import org.w3c.dom.Element; - -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; -import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; -import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; -import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * @author tlenz - * - */ -public class AuthenticationData  implements IAuthData, Serializable { - -	private static final long serialVersionUID = -1042697056735596866L; -	public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd"; -	 -	  /** -	   * URL of the MOA-ID Auth component issueing this assertion -	   */ -	  private String issuer; -	  /** -	   * time instant of issue of this assertion -	   */ -	  private Date issueInstant; -	  /** -	   * user identification value (Stammzahl); <code>null</code>,  -	   * if the authentication module is configured not to return this data -	   */ -	  private String identificationValue; -		/** -		 * user identification type -		 */ -	  private String identificationType; -		 -		/** -		 * user identityLink specialized to OAParamter -		 */ -	  private IIdentityLink identityLink; -		 -	  /** -	   * application specific user identifier (bPK/wbPK) -	   */ -	  private String bPK; -	   -	  /** -	   * application 
specific user identifier type -	   */ -	  private String bPKType; -	   -	  /** -	   * given name of the user -	   */ -	  private String givenName; -	  /** -	   * family name of the user -	   */ -	  private String familyName; -	  /** -	   * date of birth of the user -	   */ -	  private Date dateOfBirth; -	  /** -	   * says whether the certificate is a qualified certificate or not -	   */ -	  private boolean qualifiedCertificate; -	  /** -	   * says whether the certificate is a public authority or not -	   */ -	  private boolean publicAuthority; -	  /** -	   * public authority code (Behördenkennzeichen - BKZ) -	   */ -	  private String publicAuthorityCode; - -	  /** -	   * URL of the BKU -	   */ -	  private String bkuURL; -	  /** -	   * the corresponding <code>lt;saml:Assertion></code> -	   */ - -	  private boolean isBaseIDTransferRestrication = true; -	   -	   -	 /** -	  * STORK attributes from response -	  */ -	  private String ccc = null; -	   -	  private Map<String, Object> genericDataStorate = new HashedMap<String, Object>(); -	   -	  private byte[] signerCertificate = null; -	  	   -	  private String authBlock = null;  -	  private List<String> encbPKList = null; -	   -	  //ISA 1.18 attributes -	  private List<AuthenticationRole> roles = null; -	  private String pvpAttribute_OU = null; -	   -	  private boolean useMandate = false; -	  private IMISMandate mandate = null; -	  private String mandateReferenceValue = null; -	   -	  private boolean foreigner =false; -	  private String QAALevel = null; -	   -	  private boolean ssoSession = false; -	  private Date ssoSessionValidTo = null; - -//	  private boolean interfederatedSSOSession = false; -//	  private String interfederatedIDP = null; -	   -	  private String sessionIndex = null; -	  private String nameID = null; -	  private String nameIDFormat = null; -	   -	  public AuthenticationData() { -		  issueInstant = new Date(); -	  } -	  	   -	  /** -	   * Returns the publicAuthority. 
-	   * @return boolean -	   */ -	  public boolean isPublicAuthority() { -	    return publicAuthority; -	  } - -	  /** -	   * Returns the publicAuthorityCode. -	   * @return String -	   */ -	  public String getPublicAuthorityCode() { -	    return publicAuthorityCode; -	  } - -	  /** -	   * Returns the qualifiedCertificate. -	   * @return boolean -	   */ -	  public boolean isQualifiedCertificate() { -	    return qualifiedCertificate; -	  } - -	  /** -	   * Returns the bPK. -	   * @return String -	   */ -	  public String getBPK() { -	    return bPK; -	  } - -	  /** -	   * Sets the publicAuthority. -	   * @param publicAuthority The publicAuthority to set -	   */ -	  public void setPublicAuthority(boolean publicAuthority) { -	    this.publicAuthority = publicAuthority; -	  } - -	  /** -	   * Sets the publicAuthorityCode. -	   * @param publicAuthorityIdentification The publicAuthorityCode to set -	   */ -	  public void setPublicAuthorityCode(String publicAuthorityIdentification) { -	    this.publicAuthorityCode = publicAuthorityIdentification; -	  } - -	  /** -	   * Sets the qualifiedCertificate. -	   * @param qualifiedCertificate The qualifiedCertificate to set -	   */ -	  public void setQualifiedCertificate(boolean qualifiedCertificate) { -	    this.qualifiedCertificate = qualifiedCertificate; -	  } - -	  /** -	   * Sets the bPK. -	   * @param bPK The bPK to set -	   */ -	  public void setBPK(String bPK) { -	    this.bPK = bPK; -	  } - -	  /** -	   * Returns the dateOfBirth. -	   * @return String -	   */ -	  public Date getDateOfBirth() { -	    return dateOfBirth; -	  } - -	  public String getFormatedDateOfBirth() { -			DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); -			if (getDateOfBirth() != null) -				return pvpDateFormat.format(getDateOfBirth()); -			else -				return "2999-12-31"; -		} -	   -	  /** -	   * Returns the familyName. 
-	   * @return String -	   */ -	  public String getFamilyName() { -	    return familyName; -	  } - -	  /** -	   * Returns the givenName. -	   * @return String -	   */ -	  public String getGivenName() { -	    return givenName; -	  } - -	  /** -	   * Holds the baseID of a citizen -	   *  -	   * @return baseID -	   */ -	  public String getIdentificationValue() { -	    return identificationValue; -	  } - -		/** -		 * Holds the type of the baseID -		 *  -		 * @return baseID-Type -		 */ -		public String getIdentificationType() { -			return identificationType; -		} - -	  /** -	   * Returns the issueInstant. -	   * @return String -	   */ -	  public String getIssueInstantString() { -	    return DateTimeUtils.buildDateTimeUTC(issueInstant); -	     -	  } - -	  /** -	   * Returns the issueInstant. -	   * @return String -	   */ -	  public Date getIssueInstant() { -	    return issueInstant; -	     -	  } -	   -	  public void setIssueInstant(Date date) { -		  this.issueInstant = date; -	  } -	   -	  /** -	   * Returns the issuer. -	   * @return String -	   */ -	  public String getIssuer() { -	    return issuer; -	  } -	   -	  /** -	   * Returns the BKU URL. -	   * @return String -	   */ -	  public String getBkuURL() { -	    return bkuURL; -	  } - -	  /** -	   * Sets the dateOfBirth. -	   * @param dateOfBirth The dateOfBirth to set -	   */ -	  public void setDateOfBirth(Date dateOfBirth) { -	    this.dateOfBirth = dateOfBirth; -	  } - -	  public void setDateOfBirth(String dateOfBirth) {		   -		  try {		   -			  if (MiscUtil.isNotEmpty(dateOfBirth)) { -				  DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); -				  this.dateOfBirth = identityLinkFormat.parse(dateOfBirth); -			  } -			   -		  } catch (ParseException e) { -			  Logger.warn("Parse dateOfBirht from IdentityLink FAILED", e); -			   -		  }		   -	  } -	   -	  /** -	   * Sets the familyName. 
-	   * @param familyName The familyName to set -	   */ -	  public void setFamilyName(String familyName) { -	    this.familyName = familyName; -	  } - -	  /** -	   * Sets the givenName. -	   * @param givenName The givenName to set -	   */ -	  public void setGivenName(String givenName) { -	    this.givenName = givenName; -	  } - -	  /** -	   * Sets the identificationValue. -	   * @param identificationValue The identificationValue to set -	   */ -	  public void setIdentificationValue(String identificationValue) { -	    this.identificationValue = identificationValue; -	  } - -		/** -		 * Sets the identificationType. -		 * @param identificationType The identificationType to set -		 */ -		public void setIdentificationType(String identificationType) { -			this.identificationType = identificationType; -		} - -	  /** -	   * Sets the issuer. -	   * @param issuer The issuer to set -	   */ -	  public void setIssuer(String issuer) { -	    this.issuer = issuer; -	  } -	   -	  /** -	   * Sets the bkuURL -	   * @param url The BKU URL to set -	   */ -	  public void setBkuURL(String url) { -	    this.bkuURL = url; -	  } - -	public String getBPKType() { -		return bPKType; -	} - -	public void setBPKType(String bPKType) { -		this.bPKType = bPKType; -	} - -	/** -	 * @return the identityLink -	 */ -	public IIdentityLink getIdentityLink() { -		return identityLink; -	} - -	/** -	 * @param identityLink the identityLink to set -	 */ -	public void setIdentityLink(IIdentityLink identityLink) { -		this.identityLink = identityLink; -	} - -	/** -	 * @return the signerCertificate -	 */ -	public byte[] getSignerCertificate() { -		return signerCertificate; -	} - - -	/** -	 * @param signerCertificate the signerCertificate to set -	 */ -	public void setSignerCertificate(byte[] signerCertificate) { -		this.signerCertificate = signerCertificate; -	} - - -	/** -	 * @return the authBlock -	 */ -	public String getAuthBlock() { -		return authBlock; -	} - - -	/** -	 * @param authBlock the authBlock to set -	 
*/ -	public void setAuthBlock(String authBlock) { -		this.authBlock = authBlock; -	} - - -	/** -	 * @return the mandate -	 */ -	public IMISMandate getMISMandate() { -		return mandate; -	} - -	public Element getMandate() { -		if (mandate == null) -			return null; -		 -		//parse Element from mandate XML -		try { -			byte[] byteMandate = mandate.getMandate(); -			String stringMandate = new String(byteMandate); -			return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); -			 -		} -		catch (Throwable e) { -			Logger.warn("Mandate content could not be generated from MISMandate."); -			return null; -		} -	} -	 - -	/** -	 * @param mandate the mandate to set -	 */ -	public void setMISMandate(IMISMandate mandate) { -		this.mandate = mandate; -	} - - -	/** -	 * @return the useMandate -	 */ -	public boolean isUseMandate() { -		return useMandate; -	} - - -	/** -	 * @param useMandate the useMandate to set -	 */ -	public void setUseMandate(boolean useMandate) { -		this.useMandate = useMandate; -	} - - -	/** -	 * @return -	 */ -	public String getQAALevel() { -		if (this.QAALevel != null &&  -				this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) { -			String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel); -			if (MiscUtil.isNotEmpty(mappedQAA)) -				return mappedQAA; -			 -			else { -				Logger.error("eIDAS QAA-level:" + this.QAALevel  -						+ " can not be mapped to STORK QAA-level! 
Use " -						+ PVPConstants.STORK_QAA_1_1 + " as default value."); -				return PVPConstants.STORK_QAA_1_1; -				 -			} -			 -			 -		} else -			return this.QAALevel; -	} - -	 -	public String getEIDASQAALevel() { -		if (this.QAALevel != null &&  -				this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { -			String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel); -			if (MiscUtil.isNotEmpty(mappedQAA)) -				return mappedQAA; -			 -			else { -				Logger.error("STORK QAA-level:" + this.QAALevel  -						+ " can not be mapped to eIDAS QAA-level! Use " -						+ PVPConstants.EIDAS_QAA_LOW + " as default value."); -				return PVPConstants.EIDAS_QAA_LOW; -				 -			} -			 -			 -		} else -			return this.QAALevel; -		 -	} -	 - -	/** -	 * @return -	 */ -	public boolean isForeigner() { -		return this.foreigner; -	} - - -	/** -	 * @param foreigner the foreigner to set -	 */ -	public void setForeigner(boolean foreigner) { -		this.foreigner = foreigner; -	} - - -	/** -	 * Store QAA level in eIDAS format to authentication Data -	 *  -	 * @param qAALevel the qAALevel to set -	 * @throws AssertionAttributeExtractorExeption  -	 */ -	public void setQAALevel(String qAALevel) { -			QAALevel = qAALevel; -			 -	} - -	/** -	 * @return the ssoSession -	 */ -	public boolean isSsoSession() { -		return ssoSession; -	} - - -	/** -	 * @param ssoSession the ssoSession to set -	 */ -	public void setSsoSession(boolean ssoSession) { -		this.ssoSession = ssoSession; -	} - -	/** -	 * @return the mandateReferenceValue -	 */ -	public String getMandateReferenceValue() { -		return mandateReferenceValue; -	} - -	/** -	 * @param mandateReferenceValue the mandateReferenceValue to set -	 */ -	public void setMandateReferenceValue(String mandateReferenceValue) { -		this.mandateReferenceValue = mandateReferenceValue; -	} - -	/** -	 * CountryCode of the citizen which is identified and authenticated -	 *  -	 * @return the CountryCode <pre>like. 
AT, SI, ...</pre> -	 */ -	public String getCcc() { -		return ccc; -	} - -	/** -	 * @param ccc the ccc to set -	 */ -	public void setCcc(String ccc) { -		this.ccc = ccc; -	} - -	/** -	 * @return the sessionIndex -	 */ -	public String getSessionIndex() { -		return sessionIndex; -	} - -	/** -	 * @param sessionIndex the sessionIndex to set -	 */ -	public void setSessionIndex(String sessionIndex) { -		this.sessionIndex = sessionIndex; -	} - -	/* (non-Javadoc) -	 * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID() -	 */ -	@Override -	public String getNameID() { -		return this.nameID; -	} - -	/** -	 * @param nameID the nameID to set -	 */ -	public void setNameID(String nameID) { -		this.nameID = nameID; -	} - -	/** -	 * @return the nameIDFormat -	 */ -	public String getNameIDFormat() { -		return nameIDFormat; -	} - -	/** -	 * @param nameIDFormat the nameIDFormat to set -	 */ -	public void setNameIDFormat(String nameIDFormat) { -		this.nameIDFormat = nameIDFormat; -	} - -//	/** -//	 * @return the interfederatedSSOSession -//	 */ -//	public boolean isInterfederatedSSOSession() { -//		return interfederatedSSOSession; -//	} -// -//	/** -//	 * @param interfederatedSSOSession the interfederatedSSOSession to set -//	 */ -//	public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { -//		this.interfederatedSSOSession = interfederatedSSOSession; -//	} -// -//	/** -//	 * @return the interfederatedIDP -//	 */ -//	public String getInterfederatedIDP() { -//		return interfederatedIDP; -//	} -// -//	/** -//	 * @param interfederatedIDP the interfederatedIDP to set -//	 */ -//	public void setInterfederatedIDP(String interfederatedIDP) { -//		this.interfederatedIDP = interfederatedIDP; -//	} - -	/** -	 * @return the ssoSessionValidTo -	 */ -	public Date getSsoSessionValidTo() { -		return ssoSessionValidTo; -	} - -	/** -	 * @param ssoSessionValidTo the ssoSessionValidTo to set -	 */ -	public void setSsoSessionValidTo(Date ssoSessionValidTo) { -		
this.ssoSessionValidTo = ssoSessionValidTo; -	} - -	/** -	 * @return the encbPKList -	 */ -	public List<String> getEncbPKList() { -		return encbPKList; -	} - -	/** -	 * @param encbPKList the encbPKList to set -	 */ -	public void setEncbPKList(List<String> encbPKList) { -		this.encbPKList = encbPKList; -	} - -	/** -	 * @return the roles -	 */ -	public List<AuthenticationRole> getAuthenticationRoles() { -//		if (this.roles == null) { -//			this.roles = new ArrayList<AuthenticationRole>(); -//			this.roles.add(new AuthenticationRole("xxpvprole", "xxpvprole")); -//			this.roles.add(new AuthenticationRole("yypvprole", "yypvprole")); -//		} -		 -		return roles; -	} - -	//ISA 1.18 attributes -	/** -	 * @param roles the roles to set -	 */ -	public void addAuthenticationRole(AuthenticationRole role) { -		if (this.roles == null) -			this.roles = new ArrayList<AuthenticationRole>(); - -		this.roles.add(role); -	} -	 -	/** -	 * @return the pvpAttribute_OU -	 */ -	public String getPvpAttribute_OU() { -		return pvpAttribute_OU; -	} - -	/** -	 * @param pvpAttribute_OU the pvpAttribute_OU to set -	 */ -	public void setPvpAttribute_OU(String pvpAttribute_OU) { -		this.pvpAttribute_OU = pvpAttribute_OU; -	} - -	/* (non-Javadoc) -	 * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService() -	 */ -	@Override -	public boolean isBaseIDTransferRestrication() { -		return isBaseIDTransferRestrication; -	} - -	/** -	 * @param isBaseIDTransmittionAllowed the isBaseIDTransmittionAllowed to set -	 */ -	public void setBaseIDTransferRestrication(boolean isBaseIDTransferRestrication) { -		this.isBaseIDTransferRestrication = isBaseIDTransferRestrication; -	} -	 -	/** -	 * Returns a generic data-object with is stored with a specific identifier  -	 *  -	 * @param key The specific identifier of the data object -	 * @param clazz The class type which is stored with this key -	 * @return The data object or null if no data is found with this key -	 */ -	public <T> T getGenericData(String key, 
final Class<T> clazz) { -		if (MiscUtil.isNotEmpty(key)) { -			Object data = genericDataStorate.get(key);			 -			 -			if (data == null) -				return null; -			 -			try { -				@SuppressWarnings("unchecked") -				T test = (T) data; -				return test; -				 -			} catch (Exception e) { -				Logger.warn("Generic authentication-data object can not be casted to requsted type", e); -				return null; -				 -			} -			 -		}  -		 -		Logger.warn("Can not load generic session-data with key='null'"); -		return null; -				 -	} -	 -	/** -	 * Store a generic data-object to session with a specific identifier -	 *  -	 * @param key Identifier for this data-object -	 * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface -	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage -	 */ -	public void setGenericData(String key, Object object) throws SessionDataStorageException { -		if (MiscUtil.isEmpty(key)) { -			Logger.warn("Generic session-data can not be stored with a 'null' key"); -			throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); -			 -		} -		 -		if (object != null) { -			if (!Serializable.class.isInstance(object)) { -				Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); -				throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); -				 -			}						 -		} -		 -		if (genericDataStorate.containsKey(key)) -			Logger.debug("Overwrite generic data with key:" + key); -		else -			Logger.trace("Add generic data with key:" + key + " to session."); -		 -		genericDataStorate.put(key, object); -	} -	 -} 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index b36b5af30..718f730b0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -28,6 +28,7 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -38,6 +39,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
@@ -114,6 +116,25 @@ public class SSOManager {
 	}
 
 
+	protected String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp, 
+	IRequest pendingReq, IAuthenticationSession moaSession) {
+		Logger.debug("Add SSO information to MOASession.");
+
+		//Store SSO information into database
+		String newSSOSessionId = createSSOSessionInformations(moaSession.getSessionID(), 
+				pendingReq.getSPEntityId());
+
+		//set SSO cookie to response
+		if (StringUtils.isNotEmpty(newSSOSessionId)) {
+			setSSOSessionID(req, resp, newSSOSessionId);
+
+		} else {
+			deleteSSOSessionID(req, resp);
+
+		}
+
+		return newSSOSessionId;
+	}
 
 
 	public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException, SessionDataStorageException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index e6298527b..038e384f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -55,8 +55,8 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.NoPassivAuthenticationException;
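Review bot: The `else` branch of createNewSSOSessionCookie removes the SSO cookie when createSSOSessionInformations returns an empty id, but nothing records why the SSO session could not be established; the caller only sees an empty return value and the only log line is the debug message at the top. Adding `Logger.warn("SSO session information could not be created, SSO cookie is removed.");` before `deleteSSOSessionID(req, resp);` would make a silent SSO fallback visible and correlatable with the pending request. The method also has no Javadoc; a short comment stating that it persists the SSO session for the pending request's SP, sets or clears the SSO cookie accordingly and returns the new id (empty when none was created) would tell callers whether an empty return must be treated as an error. As a style point, the signature's continuation line `IRequest pendingReq, IAuthenticationSession moaSession) {` is indented at the same level as the method itself, whereas the other continuation in this method (`pendingReq.getSPEntityId());`) is indented further. The SSOManager class continues outside the hunk.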
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityLogAdapter;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -100,7 +101,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 @Controller
-public class PVP2XProtocol extends AbstractAuthProtocolModulController  {
+public class PVP2XProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
 
 	@Autowired IDPCredentialProvider pvpCredentials;
 	@Autowired SAMLVerificationEngineSP samlVerificationEngine;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
index 958fb25ce..c56116255 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
@@ -77,8 +77,6 @@ public class MOAIDConstants {
     public static final List<String> ALLOWED_eIDAS_LOA;
     public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND;
 
-    public static final String UNIQUESESSIONIDENTIFIER = "uniqueSessionIdentifier";
-    
     public static final String eIDAS_LOA_LOW = "http://eidas.europa.eu/LoA/low";
     public static final String eIDAS_LOA_SUBSTANTIAL = "http://eidas.europa.eu/LoA/substantial";
     public static final String eIDAS_LOA_HIGH = "http://eidas.europa.eu/LoA/high";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
index db413b0f5..e816349c8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
@@ -26,7 +26,7 @@ package at.gv.egovernment.moa.id.commons.api.data;
  * @author tlenz
  *
  */
-public interface AuthProzessDataConstants {
+public interface AuthProzessDataConstants extends EAAFConstants {
 
 	public static final String GENERIC_PREFIX 					= "generic_";
 
@@ -37,10 +37,9 @@ public interface AuthProzessDataConstants {
 
 	public static final String FLAG_IS_AUTHENTICATED 			= "direct_flagIsAuth";
 	public static final String FLAG_SAMLATTRIBUTEGEBEORWBPK 	= "direct_SAMLAttributeGebeORwbpk";
-	
-	public static final String VALUE_CREATED 					= "direct_created";
+
 	public static final String VALUE_ISSUEINSTANT 				= "direct_issueInstant";
-	public static final String VALUE_SESSIONID 					= "direct_sessionId";
+	
 	public static final String VALUE_SIGNER_CERT 				= "direct_signerCert";
 	public static final String VALUE_IDENTITYLINK 				= "direct_idl";	
 	public static final String VALUE_BKUURL 					= "direct_bkuUrl";
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
index e3468b89f..aed2efff2 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
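Review bot: `extends EAAFConstants` is added to AuthProzessDataConstants, but neither hunk of this file adds an import for it, and the first hunk header names the `package` declaration as the nearest preceding top-level line, which suggests no import sits between it and line 26; unless EAAFConstants lives in this same package, the interface will not compile and an import for it belongs in this commit. The second hunk replaces the removed VALUE_CREATED and VALUE_SESSIONID lines with two filler lines (`+` and `+	`, the second a lone tab), leaving stray whitespace inside the constant list; dropping those two added lines keeps the list compact. The interface continues outside the hunk.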
@@ -31,10 +31,9 @@ import java.util.Date;
 import java.util.GregorianCalendar;
 import java.util.TimeZone;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
 import junit.framework.TestCase;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
 /**
  * @author Patrick Peck
  * @version $Id$
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index f12ef1994..97f56c6f4 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -28,6 +28,7 @@ import org.xml.sax.SAXException;
 import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
@@ -71,7 +72,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.FileUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.StringUtils;
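Review bot: DateTimeUtilsTest stays in the moa-id-commons test tree but now imports `at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils`, so it no longer exercises any class of this module; it should move to wherever the EAAF DateTimeUtils lives or be deleted together with the removed `at.gv.egovernment.moa.util.DateTimeUtils`. If it is kept here as a regression guard for the migration, a one-line class comment saying so, `// Kept to pin the date formats the MOA code relies on after the switch to the EAAF DateTimeUtils`, would explain why a commons test targets an external class.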
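Review bot: AuthenticationServer switches to `at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils` but keeps `at.gv.egiz.eaaf.core.api.IOAAuthParameters`, whereas PVP2XProtocol, EIDASProtocol and AuthenticationDataBuilder move to `at.gv.egovernment.moa.id.commons.api.IOAAuthParameters` in this same commit, so two IOAAuthParameters types are now in use across the modules and any method that passes one to the other will only compile if the MOA type extends the EAAF one; that relationship is not visible here and should be confirmed. The DateTimeUtils replacement is not behaviour-neutral by construction either: the call sites are outside the hunk, so check that the EAAF implementation uses the same date formats and time-zone handling as the MOA one for whatever timestamps this file builds or validates. ReceiveQualeIDTask makes the same DateTimeUtils swap and needs the same check.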
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 019a61b7c..8ed9e1f2e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -43,8 +43,8 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
@@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASException;
 import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.MOAIDConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -81,7 +82,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
  * @author tlenz
  */
 @Controller
-public class EIDASProtocol extends AbstractAuthProtocolModulController {
+public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
     public static final String NAME = EIDASProtocol.class.getName();
     public static final String PATH = "eidas";	
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 55348b5f8..5acb1c547 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -18,6 +18,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import com.google.gson.JsonObject;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
@@ -34,7 +35,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 @Controller
-public class OAuth20Protocol extends AbstractAuthProtocolModulController {
+public class OAuth20Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
 	public static final String NAME = OAuth20Protocol.class.getName();
 	public static final String PATH = "id_oauth20";
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index add6d78e4..2ad19e088 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -26,6 +26,7 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
@@ -41,7 +42,6 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moaspss.logging.Logger;
 import iaik.esi.sva.util.X509Utils;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 19fadb318..8dfe10268 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -35,18 +35,19 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
-import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
@@ -62,7 +63,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
  */
 @Controller
-public class SAML1Protocol extends AbstractAuthProtocolModulController {
+public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
 	@Autowired private SAML1AuthenticationServer saml1AuthServer;
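Review bot: `InvalidProtocolRequestException` and `ProtocolNotActiveException` are now the EAAF types from `at.gv.egiz.eaaf.core.exceptions`, so whatever SAML1Protocol throws under those names changes class; if any `catch` clause or error-page mapping elsewhere still names the old `at.gv.egovernment.moa.id.auth.exception` classes, it will no longer match and those failures fall through to whichever broader handler sits above, which is easy to miss because it only shows up at runtime. The remaining MOA-package import `WrongParametersException` is kept, so this file now mixes both exception hierarchies; a comment on the class, or on the `throws` clauses outside this hunk, naming which hierarchy callers are expected to catch would help. The class body continues outside the hunk.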
