MOA-ID version 1.1 (initial)

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d

5 files changed, 717 insertions, 0 deletions

diff --git a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
new file mode 100644
index 000000000..aac1dc422
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
@@ -0,0 +1,314 @@
+package at.gv.egovernment.moa.id.data;
+
+import java.util.Date;
+
+/**
+ * Encapsulates authentication data contained in a <code>&lt;saml:Assertion&gt;</code>.
+ *
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+
+public class AuthenticationData {
+  /**
+   * major version number of the SAML assertion
+   */
+  private int majorVersion;
+  /**
+   * minor version number of the SAML assertion
+   */
+  private int minorVersion;
+  /**
+   * identifier for this assertion
+   */
+  private String assertionID;
+  /**
+   * URL of the MOA-ID Auth component issueing this assertion
+   */
+  private String issuer;
+  /**
+   * time instant of issue of this assertion
+   */
+  private String issueInstant;
+  /**
+   * user identification (ZMR-Zahl); <code>null</code>, 
+   * if the authentication module is configured not to return this data
+   */
+  private String identificationValue;
+  /**
+   * application specific user identifier (VPK)
+   */
+  private String vpk;
+  /**
+   * given name of the user
+   */
+  private String givenName;
+  /**
+   * family name of the user
+   */
+  private String familyName;
+  /**
+   * date of birth of the user
+   */
+  private String dateOfBirth;
+  /**
+   * says whether the certificate is a qualified certificate or not
+   */
+  private boolean qualifiedCertificate;
+  /**
+   * says whether the certificate is a public authority or not
+   */
+  private boolean publicAuthority;
+  /**
+   * public authority code (Beh&ouml;rdenkennzeichen - BKZ)
+   */
+  private String publicAuthorityCode;
+  /**
+   * the corresponding <code>lt;saml:Assertion&gt;</code>
+   */
+  private String samlAssertion;
+  /**
+   * creation timestamp
+   */
+  Date timestamp;
+
+  /**
+   * Constructor for AuthenticationData.
+   */
+  public AuthenticationData() {
+    timestamp = new Date();
+  }
+
+  /**
+   * Returns the minorVersion.
+   * @return int
+   */
+  public int getMinorVersion() {
+    return minorVersion;
+  }
+
+  /**
+   * Returns the publicAuthority.
+   * @return boolean
+   */
+  public boolean isPublicAuthority() {
+    return publicAuthority;
+  }
+
+  /**
+   * Returns the publicAuthorityCode.
+   * @return String
+   */
+  public String getPublicAuthorityCode() {
+    return publicAuthorityCode;
+  }
+
+  /**
+   * Returns the qualifiedCertificate.
+   * @return boolean
+   */
+  public boolean isQualifiedCertificate() {
+    return qualifiedCertificate;
+  }
+
+  /**
+   * Returns the vpk.
+   * @return String
+   */
+  public String getVPK() {
+    return vpk;
+  }
+
+  /**
+   * Sets the minorVersion.
+   * @param minorVersion The minorVersion to set
+   */
+  public void setMinorVersion(int minorVersion) {
+    this.minorVersion = minorVersion;
+  }
+
+  /**
+   * Sets the publicAuthority.
+   * @param publicAuthority The publicAuthority to set
+   */
+  public void setPublicAuthority(boolean publicAuthority) {
+    this.publicAuthority = publicAuthority;
+  }
+
+  /**
+   * Sets the publicAuthorityCode.
+   * @param publicAuthorityCode The publicAuthorityCode to set
+   */
+  public void setPublicAuthorityCode(String publicAuthorityIdentification) {
+    this.publicAuthorityCode = publicAuthorityIdentification;
+  }
+
+  /**
+   * Sets the qualifiedCertificate.
+   * @param qualifiedCertificate The qualifiedCertificate to set
+   */
+  public void setQualifiedCertificate(boolean qualifiedCertificate) {
+    this.qualifiedCertificate = qualifiedCertificate;
+  }
+
+  /**
+   * Sets the vpk.
+   * @param vpk The vpk to set
+   */
+  public void setVPK(String vpk) {
+    this.vpk = vpk;
+  }
+
+  /**
+   * Returns the assertionID.
+   * @return String
+   */
+  public String getAssertionID() {
+    return assertionID;
+  }
+
+  /**
+   * Returns the dateOfBirth.
+   * @return String
+   */
+  public String getDateOfBirth() {
+    return dateOfBirth;
+  }
+
+  /**
+   * Returns the familyName.
+   * @return String
+   */
+  public String getFamilyName() {
+    return familyName;
+  }
+
+  /**
+   * Returns the givenName.
+   * @return String
+   */
+  public String getGivenName() {
+    return givenName;
+  }
+
+  /**
+   * Returns the identificationValue.
+   * @return String
+   */
+  public String getIdentificationValue() {
+    return identificationValue;
+  }
+
+  /**
+   * Returns the issueInstant.
+   * @return String
+   */
+  public String getIssueInstant() {
+    return issueInstant;
+  }
+
+  /**
+   * Returns the issuer.
+   * @return String
+   */
+  public String getIssuer() {
+    return issuer;
+  }
+
+  /**
+   * Returns the majorVersion.
+   * @return int
+   */
+  public int getMajorVersion() {
+    return majorVersion;
+  }
+
+  /**
+   * Sets the assertionID.
+   * @param assertionID The assertionID to set
+   */
+  public void setAssertionID(String assertionID) {
+    this.assertionID = assertionID;
+  }
+
+  /**
+   * Sets the dateOfBirth.
+   * @param dateOfBirth The dateOfBirth to set
+   */
+  public void setDateOfBirth(String dateOfBirth) {
+    this.dateOfBirth = dateOfBirth;
+  }
+
+  /**
+   * Sets the familyName.
+   * @param familyName The familyName to set
+   */
+  public void setFamilyName(String gamilyName) {
+    this.familyName = gamilyName;
+  }
+
+  /**
+   * Sets the givenName.
+   * @param givenName The givenName to set
+   */
+  public void setGivenName(String givenName) {
+    this.givenName = givenName;
+  }
+
+  /**
+   * Sets the identificationValue.
+   * @param identificationValue The identificationValue to set
+   */
+  public void setIdentificationValue(String identificationValue) {
+    this.identificationValue = identificationValue;
+  }
+
+  /**
+   * Sets the issueInstant.
+   * @param issueInstant The issueInstant to set
+   */
+  public void setIssueInstant(String issueInstant) {
+    this.issueInstant = issueInstant;
+  }
+
+  /**
+   * Sets the issuer.
+   * @param issuer The issuer to set
+   */
+  public void setIssuer(String issuer) {
+    this.issuer = issuer;
+  }
+
+  /**
+   * Sets the majorVersion.
+   * @param majorVersion The majorVersion to set
+   */
+  public void setMajorVersion(int majorVersion) {
+    this.majorVersion = majorVersion;
+  }
+
+  /**
+   * Returns the samlAssertion.
+   * @return String
+   */
+  public String getSamlAssertion() {
+    return samlAssertion;
+  }
+
+  /**
+   * Sets the samlAssertion.
+   * @param samlAssertion The samlAssertion to set
+   */
+  public void setSamlAssertion(String samlAssertion) {
+    this.samlAssertion = samlAssertion;
+  }
+
+  /**
+   * Returns the timestamp.
+   * @return Date
+   */
+  public Date getTimestamp() {
+    return timestamp;
+  }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java b/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
new file mode 100644
index 000000000..5729e54c3
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
@@ -0,0 +1,119 @@
+package at.gv.egovernment.moa.id.data;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.StringTokenizer;
+
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * The Cookie-class provides methods to save and return cookies for
+ * each single session
+ * 
+ * @author Stefan Knirsch
+ * @version $Id$
+ * 
+ */
+public class Cookie {
+  /** A HahsMap containing all our cookies */
+  HashMap cookies = new HashMap();
+  /** A HashMap to temporarely store 'Set-Cookie' values from the OnlineApplication 
+   * to send them back to the client/browser as soon as possible */
+  HashMap cookies401 = new HashMap();
+
+  /**
+   * Adds a Cookie from a response with response-code 401 to the cookie-pool
+   * for sending it back to the browser / client
+   * @param String: the complete 'Set-Cookie' - String
+   */
+  public void add401(String cookieString)
+  {
+    cookies401.put(getKey(cookieString),cookieString);
+  }
+  
+  /**
+   * Get the HashMap containing all cookies to be sent to the browser / client
+   * @return HashMap with all cookies
+   */
+  public HashMap get401()
+  {
+    return cookies401;
+  }
+  
+  /**
+   * Clear the 401 cookie-pool
+   */
+  public void clear401()
+  {
+    cookies401.clear();
+  }
+  
+  /**
+   * Set a cookie that comes from the Online-Application
+   * and save it in our "normal" cookie-pool
+   * @param String the complete "Set-Cookie" - String from the Online-Application
+   */
+  public void setCookie(String value) {
+    cookies.put(getKey(value), getValue(value));
+  }
+  
+  /**
+   * Method saveOldCookies.
+   * @param String the complete "Set-Cookie" - String from the Online-Application
+   */
+  public void saveOldCookies(String value) {
+    StringTokenizer st = new StringTokenizer(value,";");
+    while (st.hasMoreTokens())
+    {
+      // We have to trim because the Tokenizer returns cookies including spaces at the beginning
+     StringTokenizer st2 = new StringTokenizer(st.nextToken().trim(),"=");
+     String cookieKey = st2.nextToken().trim();
+     if (st2.hasMoreTokens())
+     {
+       String cookieValue = st2.nextToken().trim();     
+       if (!cookies.containsKey(cookieKey))
+        cookies.put(cookieKey , cookieValue);
+     }      
+    }      
+    Logger.debug("Found these cookies: " + getCookies());
+  }
+
+  /**
+   * Get a String containing all cookies saved in that session seperated by '; '
+   * to be sent back to the Online-Application
+   * @return String containing all cookies saved in that session seperated by '; '
+   */
+  public String getCookies() {
+    String result = "";
+    if (cookies.size()==0)
+      return null;
+    Iterator i = cookies.keySet().iterator();
+    while (i.hasNext()) {
+      String key = (String) i.next();
+      result += key + "=" + (String)cookies.get(key) + "; ";
+    }
+    return result.substring(0, result.length() - 2);
+  }
+
+  /**
+   * Returns the key of a key-value-pair of a cookie
+   * getKey("CookieA=1234") returns CookieA
+   * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
+   * @return String the key of a key-value-pair of a cookie
+   */
+  private String getKey(String input) {
+      return input.substring(0, input.indexOf("="));
+  }
+
+  /**
+   * Returns the value of a key-value-pair of a cookie
+   * getKey("CookieA=1234") returns 1234
+   * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
+   * @return String the value of a key-value-pair of a cookie
+   */
+  private String getValue(String input) {
+    if (input.indexOf(";") == -1)
+        return input.substring(input.indexOf("=") + 1, input.getBytes().length);
+    return input.substring(input.indexOf("=") + 1, input.indexOf(";"));
+  }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java b/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
new file mode 100644
index 000000000..98f84c429
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
@@ -0,0 +1,114 @@
+package at.gv.egovernment.moa.id.data;
+
+import java.util.HashMap;
+
+/**
+ * The CookieManager is a singleton to manage a Cookie-Object for 
+ * each session
+ * @author Stefan Knirsch
+ * @version $Id$
+ * 
+ */
+public class CookieManager {
+    /** the singleton instance of the CookieManager */
+    private static CookieManager instance;
+    /** a HashMap to bind a Cookie-object to every single session*/
+    private static HashMap cookies = new HashMap();
+
+  /**
+   * Create a singleton of the CookieManager
+   * @return CookieManager 
+   */
+  public static CookieManager getInstance()
+  {
+   if(instance==null) instance=new CookieManager();
+   return instance;
+  }
+  
+  /**
+   * Save a cookie to a specified session-id
+   * @param String id the session id
+   * @param String cookie_string - the complete 'Set-Cookie' String from the OnlineApplication
+   */
+  public void saveCookie(String id,String cookie_string)
+  {
+    getCookieWithID(id).setCookie(cookie_string);
+  }
+  
+  /**
+   * Method saveOldCookies.
+   * @param id
+   * @param cookie_string
+   */
+  public void saveOldCookies(String id,String cookie_string)
+  {
+    getCookieWithID(id).saveOldCookies(cookie_string);
+  }
+  
+  /**
+   * Get a Cookie-Object for a specified session-id
+   * @param String id the session id
+   * @return Cookie object containing all saved cookies for this session
+   */
+  public Cookie getCookieWithID(String id)
+  {
+    Cookie c = null;
+    if(cookies.containsKey(id)) 
+      c = (Cookie)cookies.get(id);
+      else 
+      {
+        c = new Cookie();
+        cookies.put(id,c);
+      }
+      return c;
+  }
+  
+  
+  /**
+    * Get a String containing all cookies of a specified session-id
+    * saved in that session seperated by '; ' to be sent back to 
+    * the Online-Application  
+    * @param id the session-id
+    * @return String containing all cookies saved in that session seperated by '; '
+    */
+  public String getCookie(String id)
+  {
+   Cookie result = (Cookie)cookies.get((String)id);
+   if (result==null) 
+       return null;
+   return result.getCookies();
+    
+  }
+  
+ /**
+   * Adds a Cookie for a special session from a response with 
+   * response-code 401 to the cookie-pool for sending it back 
+   * to the browser / client 
+   * @param id the session-id
+   * @param String: the complete 'Set-Cookie' - String
+   */
+  public void add401(String id,String value)
+  {
+    getCookieWithID(id).add401(value);
+  }
+  
+  /**
+   * Clear the 401 cookie-pool of a session
+   * @param id the session-id
+   */
+  public void clear401(String id)
+  {
+    getCookieWithID(id).clear401();    
+  }
+  
+  /**
+   * Get the HashMap containing all cookies of a session to be sent to the browser / client
+   * @param id the session-id
+   * @return HashMap with all cookies
+   */
+  public HashMap get401(String id)
+  {
+    return getCookieWithID(id).get401();    
+  }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java b/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
new file mode 100644
index 000000000..a47dd8b29
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
@@ -0,0 +1,111 @@
+package at.gv.egovernment.moa.id.data;
+
+import java.math.BigInteger;
+import java.security.Principal;
+
+import iaik.asn1.structures.Name;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+/**
+ * A class containing the issuer and serial number of a certificate, which can
+ * be used to uniquely identify the certificate.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IssuerAndSerial {
+  /** store the issuer as String*/
+  private String issuerDN;
+  /** store the serial as BigInteger*/  
+  private BigInteger serial;
+
+  /**
+   * Create an <code>IssuerAndSerial</code> object.
+   * 
+   * The name of the issuer is converted to RFC2253. If it cannot be parsed, the
+   * DN contained in the <code>issuer</code> is set. 
+   * 
+   * @param issuer The isser of a certificate.
+   * @param serial The serial number of the certificate.
+   */
+  public IssuerAndSerial(Principal issuer, BigInteger serial) {
+    RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
+
+    try {
+      this.issuerDN = ((Name) parser.parse()).getRFC2253String();
+    } catch (RFC2253NameParserException e) {
+      this.issuerDN = issuer.getName();
+    }
+    this.serial = serial;
+  }
+  
+  /**
+   * Create an <code>IssuerAndSerial</code> object.
+   * 
+   * @param issuerDN The issuer distinguished name. Should be an RFC2253 name.
+   * @param serial The serial number of the certificate.
+   */
+  public IssuerAndSerial(String issuerDN, BigInteger serial) {
+    this.issuerDN = issuerDN;
+    this.serial = serial;
+  }
+
+  /**
+   * Return the issuer DN in RFC2253 format.
+   * 
+   * @return The issuer part of this object.
+   */
+  public String getIssuerDN() {
+    return issuerDN;
+  }
+
+  /**
+   * Return the serial number.
+   * 
+   * @return The serial number of this object.
+   */
+  public BigInteger getSerial() {
+    return serial;
+  }
+
+  /**
+   * Compare this <code>IssuerAndSerial</code> to another object.
+   * 
+   * @return <code>true</code>, if <code>other</code> is an
+   * <code>IssuerAndSerial</code> object and the <code>issuer</code> and
+   * <code>serial</code> fields are both equal. <code>false</code> otherwise.
+   * @see java.lang.Object#equals(java.lang.Object)
+   */
+  public boolean equals(Object other) {
+    if (other instanceof IssuerAndSerial) {
+      IssuerAndSerial ias = (IssuerAndSerial) other;
+      return getIssuerDN().equals(ias.getIssuerDN())
+        && getSerial().equals(ias.getSerial());
+    }
+    return false;
+  }
+
+  /**
+   * Return the hash code of this <code>IssuerAndSerial</code>.
+   * 
+   * @return The hash code of this <code>IssuerAndSerial</code>.
+   * @see java.lang.Object#hashCode()
+   */
+  public int hashCode() {
+    return issuerDN.hashCode() ^ serial.hashCode();
+  }
+
+  /**
+   * Return a <code>String</code> representation of this
+   * <code>IssuerAndSerial</code> object.
+   * 
+   * @return The <code>String</code> representation.
+   * @see java.lang.Object#toString()
+   */
+  public String toString() {
+    return ("(IssuerAndSerial - Issuer<" + getIssuerDN())
+      + ("> Serial<" + serial.toString() + ">)");
+  }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java b/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
new file mode 100644
index 000000000..ed61827b6
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
@@ -0,0 +1,59 @@
+package at.gv.egovernment.moa.id.data;
+
+/**
+ * Data contained in a <code>&lt;samlp:Status&gt;</code>
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SAMLStatus {
+  
+  /** main status code */
+  private String statusCode;
+  /** sub status code */
+  private String subStatusCode;
+  /** status message */
+  private String statusMessage;
+
+  /**
+   * @return status code
+   */
+  public String getStatusCode() {
+    return statusCode;
+  }
+
+  /**
+   * @return status message
+   */
+  public String getStatusMessage() {
+    return statusMessage;
+  }
+
+  /**
+   * @return enclosed sub-status code
+   */
+  public String getSubStatusCode() {
+    return subStatusCode;
+  }
+
+  /**
+   * @param string the status code
+   */
+  public void setStatusCode(String string) {
+    statusCode = string;
+  }
+
+  /**
+   * @param string the status message
+   */
+  public void setStatusMessage(String string) {
+    statusMessage = string;
+  }
+
+  /**
+   * @param string the enclosed sub-status code
+   */
+  public void setSubStatusCode(String string) {
+    subStatusCode = string;
+  }
+
+}