diff options
| author | (no author) <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-06-28 20:46:16 +0000 |
|---|---|---|
| committer | (no author) <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-06-28 20:46:16 +0000 |
| commit | a5694b6491307efb55893ac7ea61920b48d8c9cc (patch) | |
| tree | 8f601119d277a90bbddae005d8fc02272dde01e3 /id.server/src/at/gv/egovernment/moa/id/proxy | |
| parent | 4dd1877ef3771633e096509dae7b8c99fee9ce4b (diff) | |
| download | moa-id-spss-a5694b6491307efb55893ac7ea61920b48d8c9cc.tar.gz moa-id-spss-a5694b6491307efb55893ac7ea61920b48d8c9cc.tar.bz2 moa-id-spss-a5694b6491307efb55893ac7ea61920b48d8c9cc.zip | |
This commit was manufactured by cvs2svn to create tagtags/Root_proxy_parameter_ordering_projekt
'Root_proxy_parameter_ordering_projekt'.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/tags/Root_proxy_parameter_ordering_projekt@146 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy')
15 files changed, 0 insertions, 1659 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java deleted file mode 100644 index 8039b67a6..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.java +++ /dev/null @@ -1,54 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import java.io.IOException; -import java.net.HttpURLConnection; -import java.util.Map; - -import javax.net.ssl.SSLSocketFactory; -import javax.servlet.http.HttpServletRequest; - -/** - * Builder for {@link java.net.URLConnection} objects used to forward requests - * to the remote online application. - * - * @author Paul Ivancsics - * @version $Id$ - */ - -public interface ConnectionBuilder { - - /** - * Builds an HttpURLConnection to a {@link java.net.URL} which is derived - * from an {@link HttpServletRequest} URL, by substitution of a - * public URL prefix for the real URL prefix.<br> - * The HttpURLConnection has been created by {@link java.net.URL#openConnection}, but - * it has not yet been connected to by {@link java.net.URLConnection#connect}.<br> - * The field settings of the HttpURLConnection are: - * <ul> - * <li><code>allowUserInteraction = false</code></li> - * <li><code>doInput = true</code></li> - * <li><code>doOutput = true</code></li> - * <li><code>requestMethod = request.getMethod()</code></li> - * <li><code>useCaches = false</code></li> - * </ul> - * - * @param request the incoming request which shall be forwarded - * @param publicURLPrefix the public URL prefix to be substituted by the real URL prefix - * @param realURLPrefix the URL prefix to substitute the public URL prefix - * @param sslSocketFactory factory to be used for creating an SSL socket in case - * of a URL for scheme <code>"https:"</code>; - * <br>if <code>null</code>, the default SSL socket factory would be used - * @param parameters parameters to be forwarded - * @return a URLConnection created by {@link java.net.URL#openConnection}, connecting to - * the requested URL with <code>publicURLPrefix</code> substituted by <code>realURLPrefix</code> - * @throws IOException if an I/O exception occurs during opening the connection - * @see java.net.URL#openConnection() - * @see com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory() - */ - public HttpURLConnection buildConnection( - HttpServletRequest request, - String publicURLPrefix, - String realURLPrefix, - SSLSocketFactory sslSocketFactory, - Map parameters) throws IOException; -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java deleted file mode 100644 index ff7787839..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java +++ /dev/null @@ -1,68 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; -import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; - -/** - * Factory delivering a {@link ConnectionBuilder} implementation for - * an online application, initialized from configuration data. - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConnectionBuilderFactory { - - /** default connection builder to be used for online application - * where no special implementation of the <code>ConnectionBuilder</code> - * interface is configured - */ - private static ConnectionBuilder defaultConnectionBuilder; - /** mapping from online application public URL prefix to an implementation - * of the <code>ConnectionBuilder</code> interface to be used; - * if no mapping is given for an online application, the - * <code>DefaultConnectionBuilder</code> will be used */ - private static Map connectionBuilderMap; - - /** - * Initializes the <code>ConnectionBuilder</code> map from the configuration data. - * @throws ConfigurationException when the configuration cannot be read, - * or when a class name configured cannot be instantiated - */ - public static void initialize() throws ConfigurationException { - defaultConnectionBuilder = new DefaultConnectionBuilder(); - connectionBuilderMap = new HashMap(); - ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); - for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) { - OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i]; - String publicURLPrefix = oaParam.getPublicURLPrefix(); - String className = oaParam.getConnectionBuilderImpl(); - if (className != null) { - try { - ConnectionBuilder cb = (ConnectionBuilder)Class.forName(className).newInstance(); - connectionBuilderMap.put(publicURLPrefix, cb); - } - catch (Throwable ex) { - throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex); - } - } - } - } - - /** - * Gets the <code>ConnectionBuilder</code> implementation to be used for the given - * online application. - * @param publicURLPrefix public URL prefix of the online application - * @return <code>ConnectionBuilder</code> implementation - */ - public static ConnectionBuilder getConnectionBuilder(String publicURLPrefix) { - ConnectionBuilder cb = (ConnectionBuilder) connectionBuilderMap.get(publicURLPrefix); - if (cb == null) - return defaultConnectionBuilder; - else - return cb; - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java deleted file mode 100644 index f43bbd9e4..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java +++ /dev/null @@ -1,76 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import java.util.Map; - -import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; -import at.gv.egovernment.moa.id.data.AuthenticationData; - -/** - * Determines authentication parameters and headers to be added to a {@link java.net.URLConnection} - * to the remote online application. - * Utilizes {@link OAConfiguration} and {@link AuthenticationData}. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public interface LoginParameterResolver { - - /** Constants used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code>, - * naming predicates used by the <code>LoginParameterResolver</code>. */ - public static final String MOAGivenName = "MOAGivenName"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAFamilyName = "MOAFamilyName"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOADateOfBirth = "MOADateOfBirth"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOABPK = "MOABPK"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAPublicAuthority = "MOAPublicAuthority"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOABKZ = "MOABKZ"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAQualifiedCertificate = "MOAQualifiedCertificate"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAStammzahl = "MOAStammzahl"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAIdentificationValueType = "MOAIdentificationValueType"; - /** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */ - public static final String MOAIPAddress = "MOAIPAddress"; - - /** - * Returns authentication headers to be added to a URLConnection. - * - * @param oaConf configuration data - * @param authData authentication data - * @param clientIPAddress client IP address - * @return A map, the keys being header names and values being corresponding header values. - * <br>In case of authentication type <code>"basic-auth"</code>, header fields - * <code>username</code> and <code>password</code>. - * <br>In case of authentication type <code>"header-auth"</code>, header fields - * derived from parameter mapping and authentication data provided. - * <br>Otherwise, an empty map. - */ - public Map getAuthenticationHeaders( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; - - /** - * Returns request parameters to be added to a URLConnection. - * - * @param oaConf configuration data - * @param authData authentication data - * @param clientIPAddress client IP address - * @return A map, the keys being parameter names and values being corresponding parameter values. - * <br>In case of authentication type <code>"param-auth"</code>, parameters - * derived from parameter mapping and authentication data provided. - * <br>Otherwise, an empty map. - */ - public Map getAuthenticationParameters( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; - - public void configure(String configuration) throws LoginParameterResolverException; - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java deleted file mode 100644 index 3aa2368bf..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java +++ /dev/null @@ -1,37 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import at.gv.egovernment.moa.id.MOAIDException; - -/** - * Exception thrown while proxying a request to the online application - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class LoginParameterResolverException extends MOAIDException { - - /** - * Constructor for LoginParameterResolverException. - * @param messageId - * @param parameters - */ - public LoginParameterResolverException( - String messageId, - Object[] parameters) { - super(messageId, parameters); - } - - /** - * Constructor for LoginParameterResolverException. - * @param messageId - * @param parameters - * @param wrapped - */ - public LoginParameterResolverException( - String messageId, - Object[] parameters, - Throwable wrapped) { - super(messageId, parameters, wrapped); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java deleted file mode 100644 index 856afe74c..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java +++ /dev/null @@ -1,83 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; -import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; - -/** - * Factory delivering a {@link LoginParameterResolver} implementation for - * an online application, initialized from configuration data. - * @author Paul Ivancsics - * @version $Id$ - */ -public class LoginParameterResolverFactory { - - /** default login parameter resolver to be used for online application - * where no special implementation of the <code>LoginParameterResolver</code> - * interface is configured - */ - private static LoginParameterResolver defaultLoginParameterResolver; - /** mapping from online application public URL prefix to an implementation - * of the <code>LoginParameterResolver</code> interface to be used; - * if no mapping is given for an online application, the - * <code>DefaultLoginParameterResolver</code> will be used */ - private static Map loginParameterResolverMap; - - /** - * Initializes the <code>LoginParameterResolver</code> map from the configuration data. - * @throws ConfigurationException when the configuration cannot be read, - * or when a class name configured cannot be instantiated - */ - public static void initialize() throws ConfigurationException { - defaultLoginParameterResolver = new DefaultLoginParameterResolver(); - loginParameterResolverMap = new HashMap(); - ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); - for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) { - OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i]; - String publicURLPrefix = oaParam.getPublicURLPrefix(); - String className = oaParam.getLoginParameterResolverImpl(); - String configuration = oaParam.getLoginParameterResolverConfiguration(); - - if (className != null) { - try { - Class lprClass = Class.forName(className); - LoginParameterResolver lpr = (LoginParameterResolver)Class.forName(className).newInstance(); - - Class[] argumentTypes = { String.class }; - Method confMethod = lprClass.getMethod( "configure", argumentTypes ); - - Object[] arguments = { new String(configuration) }; - confMethod.invoke( lpr, arguments ); - - loginParameterResolverMap.put(publicURLPrefix, lpr); - } - catch (InvocationTargetException lpex) { - throw new ConfigurationException("config.11", new Object[] {className}, lpex); - } - catch (Throwable ex) { - throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex); - } - } - } - } - - /** - * Gets the <code>LoginParameterResolver</code> implementation to be used for the given - * online application. - * @param publicURLPrefix public URL prefix of the online application - * @return <code>LoginParameterResolver</code> implementation - */ - public static LoginParameterResolver getLoginParameterResolver(String publicURLPrefix) { - LoginParameterResolver lpr = (LoginParameterResolver) loginParameterResolverMap.get(publicURLPrefix); - if (lpr == null) - return defaultLoginParameterResolver; - else - return lpr; - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java b/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java deleted file mode 100644 index da5d36678..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java +++ /dev/null @@ -1,91 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import iaik.pki.PKIException; -import iaik.pki.jsse.IAIKX509TrustManager; - -import java.io.IOException; -import java.security.GeneralSecurityException; - -import javax.net.ssl.SSLSocketFactory; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; -import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; -import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; -import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Web application initializer - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDProxyInitializer { - - /** - * Initializes the web application components which need initialization: - * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner. - */ - public static void initialize() - throws ConfigurationException, IOException, GeneralSecurityException, PKIException { - - Logger.setHierarchy("moa.id.proxy"); - - // Restricts TLS cipher suites - System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); - - // load some jsse classes so that the integrity of the jars can be verified - // before the iaik jce is installed as the security provider - // this workaround is only needed when sun jsse is used in conjunction with - // iaik-jce (on jdk1.3) - ClassLoader cl = MOAIDProxyInitializer.class.getClassLoader(); - try { - cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar - } - catch (ClassNotFoundException e) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e); - } - - // Initializes the SSLSocketFactory store - SSLUtils.initialize(); - - // Initializes IAIKX509TrustManager logging - String log4jConfigURL = System.getProperty("log4j.configuration"); - if (log4jConfigURL != null) { - IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL)); - } - - // Loads the configuration - ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.reload(); - - // Initializes the Axis secure socket factory for use in calling the MOA-Auth web service, - // using configuration data - ConnectionParameter connParamAuth = proxyConf.getAuthComponentConnectionParameter(); - if (connParamAuth.isHTTPSURL()) { - SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(proxyConf, connParamAuth); - AxisSecureSocketFactory.initialize(ssf); - } - - // Initializes the Axis secure socket factories for use in calling the online applications, - // using configuration data - OAProxyParameter[] oaParams = proxyConf.getOnlineApplicationParameters(); - for (int i = 0; i < oaParams.length; i++) { - OAProxyParameter oaParam = oaParams[i]; - ConnectionParameter oaConnParam = oaParam.getConnectionParameter(); - if (oaConnParam.isHTTPSURL()) - SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam); - } - - // Initializes the ConnectionBuilderFactory from configuration data - ConnectionBuilderFactory.initialize(); - - // Initializes the LoginParameterResolverFactory from configuration data - LoginParameterResolverFactory.initialize(); - - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java deleted file mode 100644 index 849160a7b..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java +++ /dev/null @@ -1,39 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import at.gv.egovernment.moa.id.MOAIDException; - -/** - * Exception thrown while proxying a request to the online application - * Reason for this exception: the dedicated LoginParameterResolver does - * not allow access to the desired ressource. - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class NotAllowedException extends MOAIDException { - - /** - * Constructor for NotAllowedException. - * @param messageId - * @param parameters - */ - public NotAllowedException( - String messageId, - Object[] parameters) { - super(messageId, parameters); - } - - /** - * Constructor for NotAllowedException. - * @param messageId - * @param parameters - * @param wrapped - */ - public NotAllowedException( - String messageId, - Object[] parameters, - Throwable wrapped) { - super(messageId, parameters, wrapped); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class b/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class Binary files differdeleted file mode 100644 index 49200265a..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class +++ /dev/null diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java deleted file mode 100644 index 8a93148bb..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java +++ /dev/null @@ -1,655 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import iaik.security.provider.IAIK; - -import java.io.BufferedInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; - -import javax.crypto.Cipher; -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.spec.IvParameterSpec; - -import java.security.InvalidAlgorithmParameterException; -import java.security.Key; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.Security; - - - -import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.URLEncoder; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; - -import java.io.IOException; -import java.util.*; - -import javax.xml.parsers.ParserConfigurationException; -import org.w3c.dom.*; -import org.xml.sax.SAXException; - -/** - * XMLLoginParameterResolver an implementation of implementation of interface - * <code>LoginParameterResolver</code> - * This implementation used to map identities stored in an XML file to parameters - * which are given to OAs. - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class XMLLoginParameterResolverEncryptedData implements LoginParameterResolver { - - //file which is parsed and interpreted for paremeter resolving. - private String identityFile; - - private Cipher blowfishCipher; - private Key key; - /** - * inner class used to store mapped parameters - */ - class LPRParams { - - /** - * getter method for parameter Enabled. - * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver - */ - public boolean getEnabled() { - return enabled.booleanValue(); - } - - /** - * getter method for parameter UN (username) - * @return Parameter UN or <code>null</code> not set. - */ - public String getUN() { - return UN; - } - - /** - * getter method for parameter UN (username) - * @return Parameter UN or <code>null</code> not set. - */ - //TODO XMLLPR decrypt - public String getPlainUN() { - //Security.addProvider(); - - - return UN; - } - - - /** - * getter method for parameter PW (password) - * @return Parameter PW or <code>null</code> not set. - */ - public String getPW() { - return PW; - } - - /** - * getter method for generic parameter Param1 - * @return Parameter Param1 or <code>null</code> not set. - */ - public String getParam1() { - return Param1; - } - - /** - * getter method for generic parameter Param2 - * @return Parameter Param2 or <code>null</code> not set. - */ - public String getParam2() { - return Param2; - } - - /** - * getter method for generic parameter Param3 - * @return Parameter Param3 or <code>null</code> not set. - */ - public String getParam3() { - return Param3; - } - - /** - * Returns a string representation of LPRParams - * - * @return a <code>String</code> representation of this object. - * @see XMLLoginParameterResolver.LPRParams - */ - public String toString() { - return "Enabled: " - + enabled.toString() - + "UN: '" - + UN - + "' PW: '" - + PW - + "' Param1: '" - + Param1 - + "' Param2: '" - + Param2 - + "' Param3: '" - + Param3 - + "'\n"; - } - - //private member variables used to store the parameters - private Boolean enabled = null; - private String UN = null; - private String PW = null; - private String Param1 = null; - private String Param2 = null; - private String Param3 = null; - - /** - * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object. - * - * @param enabled enable user mapping to parameter set for the parameter set. - * @param UN username used in HTTP 401 - BasicAuthentication - * @param PW password used in HTTP 401 - BasicAuthentication - * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication - * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication - * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication - **/ - LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) { - this.enabled = new Boolean(enabled); - this.UN = UN; - this.PW = PW; - this.Param1 = Param1; - this.Param1 = Param2; - this.Param1 = Param3; - } - - /** - * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object. - * - * @param enabled enable user mapping to parameter set for the parameter set. - * @param UN username used in HTTP 401 - BasicAuthentication - * @param PW password used in HTTP 401 - BasicAuthentication - **/ - LPRParams(boolean enabled, String UN, String PW) { - this(enabled, UN, PW, null, null, null); - } - } - - /** - * Constructs a newly allocated <code>XMLLoginParameterResolver</code> object. - **/ - public XMLLoginParameterResolverEncryptedData() { - bPKMap = new HashMap(); - namedMap = new HashMap(); - } - - /** - * configuration method - * @param configuration enabled enable user mapping to parameter set for the parameter set. - */ - public void configure(String configuration) throws LoginParameterResolverException { - File idFile; - Element rootElement; - - Security.addProvider(new IAIK()); - try { - blowfishCipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding", "IAIK"); - - } catch (NoSuchPaddingException e) { - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: NoSuchPaddingException \n" + e.toString()}); - } catch (NoSuchProviderException e) { - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: NoSuchProviderException \n" + e.toString()}); - } catch (NoSuchAlgorithmException e) { - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: NoSuchAlgorithmException \n" + e.toString()}); - } - - String plaintext = "start"; - String encrypted = encryptData(plaintext, "1234567890123456", "123hochgeheim"); - String decrypted = decryptData(encrypted, "1234567890123456", "123hochgeheim"); - Logger.debug("plaintext: " + plaintext); - Logger.debug("encrypted: " + encrypted); - Logger.debug("decrypted: " + decrypted); - - //make file name absolut (if it is relative to main config file) - //TODO MOAID XMLLPR check - String moaIDConfigFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); - String rootConfigFileDir = new File(moaIDConfigFileName).getParent(); - this.identityFile = FileUtils.makeAbsoluteURL(configuration, rootConfigFileDir); - - if (null == identityFile || false == (idFile = new File(identityFile)).canRead()) { - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " }); - } - try { - rootElement = readXMLFile(identityFile); - } catch (IOException lex) { - Logger.error(lex.toString()); - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " }); - - } catch (SAXException sex) { - Logger.error(sex.toString()); - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", sex.toString() }); - } catch (ParserConfigurationException e) { - // TODO XMLPR Auto-generated catch block - Logger.error(e.toString()); - throw new LoginParameterResolverException("config.11", - new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", e.toString() }); - } - buildInfo(rootElement); - isConfigured = true; - } - - /** - * encryptData method uses parameters masterSecret and bPK as key information to encrypt plaintext - * @param plaintext - * @param bPK - * @param masterSecret - * @returns encrypted data (blowfish encrypted, base64 encoded) - * @throws LoginParameterResolverException - */ - public String encryptData(String plaintext, String bPK, String masterSecret) throws LoginParameterResolverException - { - try { - String keyString = bPK + masterSecret; - key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish"); - IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0}); - - blowfishCipher.init(Cipher.ENCRYPT_MODE, key, param); - byte [] cipherText = blowfishCipher.doFinal(plaintext.getBytes("UTF-8")); - return Base64Utils.encode(cipherText); - } catch (UnsupportedEncodingException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (InvalidKeyException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (BadPaddingException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IllegalBlockSizeException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IllegalStateException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (InvalidAlgorithmParameterException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IOException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } - } - - - /** - * encryptData method uses parameters masterSecret and bPK as key information to decrypt ciphertext - * @param ciphertext (blowfish encrypted, base64encoded) - * @param bPK - * @param masterSecret - * @returns decrypted Data (plaintext) - * @throws LoginParameterResolverException - */ - public String decryptData(String ciphertext, String bPK, String masterSecret) throws LoginParameterResolverException - { - try { - String keyString = bPK + masterSecret; - key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish"); - IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0}); - blowfishCipher.init(Cipher.DECRYPT_MODE, key, param); - byte [] plaintext = blowfishCipher.doFinal(Base64Utils.decode(ciphertext, true)); - return new String(plaintext); - } catch (UnsupportedEncodingException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (InvalidKeyException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (BadPaddingException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IllegalBlockSizeException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IllegalStateException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (InvalidAlgorithmParameterException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } catch (IOException e) { - throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()}); - } - } - - - - /** - * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationHeaders(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String) - */ - public Map getAuthenticationHeaders( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException { - Map result = new HashMap(); - - if (!isConfigured) { - //TODO XMLLPR - throw new LoginParameterResolverException("XMLLoginParameterResolver with configuration '" + - identityFile + "' is not configured!", null); - } - - //get the Identity of the user - String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); - String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); - String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOABPK", authData, clientIPAddress); - String userid = ""; - String password = ""; - LPRParams params = null; - boolean userFound = false; - - //try bPK and named search - params = bPKIdentitySearch(bPK); - - if (null == params) - params = namedIdentitySearch(famName, givenName, dateOfBirth); - - //if both searches failed, report error. - if(null == params) - throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null); - - //HTTP 401 - Basic Authentication - if (oaConf.getAuthType().equals("basic")) { - userid = (null != params.getUN()) ? params.getUN() : ""; - password = (null != params.getPW()) ? params.getPW() : ""; - - try { - String userIDPassword = userid + ":" + password; - String credentials = Base64Utils.encode(userIDPassword.getBytes("UTF-8")); - Logger.debug("XMLLoginParameterResolver: calculated credentials: " + credentials); - result.put("Authorization", "Basic " + credentials); - } catch (IOException ignore) { - throw new LoginParameterResolverException("config.14", new Object[] {"internal error while encoding in Base64"}); - } - } else if (oaConf.getAuthType().equals("header")) { //HTTP Authentication - String key; - String resolvedValue; - //TODO MOAID XMLLPR select value through OA-ConfigFile; - if(null != params.getUN()) result.put("UN", params.getUN()); - if(null != params.getPW()) result.put("UN", params.getPW()); - if(null != params.getParam1()) result.put("UN", params.getParam1()); - if(null != params.getParam2()) result.put("UN", params.getParam2()); - if(null != params.getParam3()) result.put("UN", params.getParam3()); - - } else { - throw new LoginParameterResolverException("config.14", new Object[] {"AuthType not supported"}); - } - - return result; - } - - /** - * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationParameters(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String) - */ - public Map getAuthenticationParameters( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException { - - Map result = new HashMap(); - - if (!isConfigured) { - Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured"); - return result; - } - - String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); - String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); - String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOABPK", authData, clientIPAddress); - String userid = ""; - String password = ""; - LPRParams params = null; - - //try bPK and named search - params = bPKIdentitySearch(bPK); - - if (null == params) - params = namedIdentitySearch(famName, givenName, dateOfBirth); - - //if both searches failed, report error. - if(null == params) - throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null); - - //TODO MOAID XMLLPR URLEncoder.encode - if (oaConf.getAuthType().equals("param")) { - try { - if(null != params.getUN()) result.put(XSD_UNATTR, URLEncoder.encode(params.getUN(),"ISO-8859-1")); - if(null != params.getPW()) result.put(XSD_PWATTR, URLEncoder.encode(params.getPW(),"ISO-8859-1")); - if(null != params.getParam1()) result.put(XSD_PARAM1ATTR, URLEncoder.encode(params.getParam1(),"ISO-8859-1")); - if(null != params.getParam2()) result.put(XSD_PARAM2ATTR, URLEncoder.encode(params.getParam2(),"ISO-8859-1")); - if(null != params.getParam3()) result.put(XSD_PARAM3ATTR, URLEncoder.encode(params.getParam3(),"ISO-8859-1")); - } catch (UnsupportedEncodingException e) { - // ISO-8859-1 is supported - throw new LoginParameterResolverException("URLEncoder error", null); - } - } else { - throw new LoginParameterResolverException("AuthType not supported", null); - } - return result; - } - - /** - * Resolves a login header or parameter value. - * @param predicate header or parameter predicate name from online application configuration - * @param authData authentication data for current login - * @param clientIPAddress client IP address - * @return header or parameter value resolved; <code>null</code> if unknown name is given - */ - private static String resolveValue( - String predicate, - AuthenticationData authData, - String clientIPAddress) { - if (predicate.equals("MOAGivenName")) - return authData.getGivenName(); - if (predicate.equals("MOAFamilyName")) - return authData.getFamilyName(); - if (predicate.equals("MOADateOfBirth")) - return authData.getDateOfBirth(); - if (predicate.equals("MOABPK")) - return authData.getPBK(); - if (predicate.equals("MOAPublicAuthority")) - if (authData.isPublicAuthority()) - return "true"; - else - return "false"; - if (predicate.equals("MOABKZ")) - return authData.getPublicAuthorityCode(); - if (predicate.equals("MOAQualifiedCertificate")) - if (authData.isQualifiedCertificate()) - return "true"; - else - return "false"; - if (predicate.equals("MOAStammzahl")) - return authData.getIdentificationValue(); - if (predicate.equals(MOAIdentificationValueType)) - return authData.getIdentificationType(); - if (predicate.equals("MOAIPAddress")) - return clientIPAddress; - else - return null; - } - - /** - * reads, parses the configuration file of XMLLoginParameterResolver and returns the document element. - * @param fileName of the configuration file. - */ - private Element readXMLFile(String fileName) throws ParserConfigurationException, SAXException, IOException { - Logger.info("XMLLoginParameterResolver: Loading and parsing XMLPLoginParameterConfiguration configuration: " + fileName); - - InputStream stream = null; - Element configElem; - - stream = new BufferedInputStream(new FileInputStream(fileName)); - configElem = DOMUtils.parseDocument(stream, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - return configElem; - } - - /** - * buildInfo builds up the internal data mapping between the "Identities" and the "Parameters" from the parsed XML file. - * @param root document root element. - */ - private void buildInfo(Element root) { - NodeList idList = root.getElementsByTagName(XSD_IDELEM); - NodeList paramList = root.getElementsByTagName(XSD_PARAMELEM); - for (int i = 0; i < idList.getLength(); i++) - Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName()); - - for (int i = 0; i < paramList.getLength(); i++) - Logger.debug("XMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName()); - - for (int i = 0; i < idList.getLength(); i++) { - Element tmpElem = (Element) idList.item(i); - NodeList tmpList = tmpElem.getElementsByTagName(XSD_NAMEDIDELEM); - for (int j = 0; j < tmpList.getLength(); j++) - Logger.debug("XMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName()); - - //Search for NamedIdentity Elements - if (1 == tmpList.getLength()) { - tmpElem = (Element) tmpList.item(0); - String tmpStr = tmpElem.getAttribute(XSD_SURNAMEATTR) + "," + - tmpElem.getAttribute(XSD_GIVENNAMEATTR) + "," + - tmpElem.getAttribute(XSD_BIRTHDATEATTR); - boolean tmpBool = false; - if (tmpElem.getFirstChild() != null - && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0) - tmpBool = true; - //TODO XMLLPR remove - Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString()); - tmpElem = (Element) paramList.item(i); - Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) + - " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) + - " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) + - " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) + - " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) ); - namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR), - tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR), - tmpElem.getAttribute(XSD_PARAM3ATTR)) ); - } else { //bPKIdentity Elements - - tmpList = tmpElem.getElementsByTagName(XSD_BPKIDELEM); - if (1 == tmpList.getLength()) { - tmpElem = (Element) tmpList.item(0); - String tmpStr = tmpElem.getAttribute(XSD_BPKATTR); - boolean tmpBool = false; - if (tmpElem.getFirstChild() != null - && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0) - tmpBool = true; - Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString()); - tmpElem = (Element) paramList.item(i); - Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) + - " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) + - " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) + - " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) + - " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) ); - namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR), - tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR), - tmpElem.getAttribute(XSD_PARAM3ATTR)) ); - } else { - Logger.warn( - "XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_BPKIDELEM + " found"); - } - } - } - - Logger.debug("namedMap:" + namedMap.toString()); - Logger.debug("bPKMap:" + bPKMap.toString()); - } - - /** - * searches for a given bPK and returns the appropriate LPRParams structure - * @param bPK search argument - * @returns LPRParams if bPK could be found in internal mappings or null otherwise. - */ - LPRParams bPKIdentitySearch(String bPK) { - //search for mapping with bPK of the user - Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK); - LPRParams params = (LPRParams) bPKMap.get(bPK); - if (null == params) { - Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!"); - return null; - } else if (params.getEnabled()) { - Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled"); - Logger.debug("XMLLoginParameterResolver: using: " + params.toString()); - return params; - } - Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled"); - return null; - } - - /** - * searches for a given namedIdentity and returns the appropriate LPRParams structure - * @param surName surname search argument - * @param givenName givenname search argument - * @param dateOfBirth dateofbirth search argument - * @returns LPRParams if bPK could be found in internal mappings or null otherwise. - */ - LPRParams namedIdentitySearch(String surName, String givenName, String dateOfBirth) { - Logger.info("XMLLoginParameterResolver: search for login data for SurName:" + surName + - " GivenName: " + givenName + - " DateOfBirth" + dateOfBirth); - - //try first a search with surname, givenname and birthdate - LPRParams params = (LPRParams) namedMap.get(surName + "," + givenName + "," + dateOfBirth); - if (null == params) { - Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " + - givenName + "BirthDate: " + dateOfBirth + " not found!"); - - //try a search with surname, givenname only - params = (LPRParams) namedMap.get(surName + "," + givenName + "," + XSD_BIRTHDATEBLANKATTR); - if(null == params) { - Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " + - givenName + " not found!"); - return null; - } - } - - if (params.getEnabled()) { - Logger.info("XMLLoginParameterResolver: Surname:" + surName - + " GivenName: " - + givenName - + " found in list; user is enabled"); - Logger.debug("XMLLoginParameterResolver: using: " + params.toString()); - return params; - } - Logger.info( - "XMLLoginParameterResolver: SurName:" - + surName - + " GivenName: " - + givenName - + "found in list; user is NOT enabled"); - return null; - } - - //public static final String XSD_MAPPING = "Mapping"; - - //public static final String XSD_DOCELEM = "MOAIdentities"; - public static final String XSD_IDELEM = "Identity"; - public static final String XSD_NAMEDIDELEM = "NamedIdentity"; - public static final String XSD_BPKIDELEM = "bPKIdentity"; - public static final String XSD_PARAMELEM = "Parameters"; - public static final String XSD_SURNAMEATTR = "SurName"; - public static final String XSD_GIVENNAMEATTR = "GivenName"; - public static final String XSD_BIRTHDATEATTR = "BirthDate"; - public static final String XSD_BIRTHDATEBLANKATTR = "any"; - public static final String XSD_BPKATTR = "bPK"; - public static final String XSD_UNATTR = "UN"; - public static final String XSD_PWATTR = "PW"; - public static final String XSD_PARAM1ATTR = "Param1"; - public static final String XSD_PARAM2ATTR = "Param2"; - public static final String XSD_PARAM3ATTR = "Param3"; - private Map bPKMap; - private Map namedMap; - private boolean isConfigured = false; -}
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java deleted file mode 100644 index e0e1fde4a..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java +++ /dev/null @@ -1,55 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.builder; - -import java.text.MessageFormat; -import java.util.Calendar; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; - -/** - * Builder for the <code><samlp:Request></code> used for querying - * the authentication data <code><saml:Assertion></code>. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLRequestBuilder implements Constants { - /** samlp-Request template */ - private static final String REQUEST = - "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"{0}\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"{1}\">" + - "<samlp:AssertionArtifact>{2}</samlp:AssertionArtifact>" + - "</samlp:Request>"; - - /** - * Constructor for SAMLRequestBuilder. - */ - public SAMLRequestBuilder() { - super(); - } - - /** - * Builds the <code><samlp:Request></code>. - * @param requestID request ID - * @param samlArtifactBase64 SAML artifact, encoded BASE64 - * @return the DOM element - */ - public Element build(String requestID, String samlArtifactBase64) throws BuildException { - try { - String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance()); - String request = MessageFormat.format(REQUEST, new Object[] {requestID, issueInstant, samlArtifactBase64}); - Element requestElem = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - return requestElem; - } - catch (Throwable ex) { - throw new BuildException( - "builder.00", - new Object[] {"samlp:Request", ex.toString()}, - ex); - } - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java b/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java deleted file mode 100644 index 4e9a72111..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java +++ /dev/null @@ -1,143 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.invoke; - -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.ServiceException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.data.SAMLStatus; -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; -import at.gv.egovernment.moa.id.proxy.servlet.ProxyException; -import at.gv.egovernment.moa.id.util.Random; - -/** - * Invoker of - * <ul> - * <li>either the GetAuthenticationData web service of MOA-ID Auth</li> - * <li>or the API call {@link at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData},</li> - * </ul> - * depending of the configuration. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class GetAuthenticationDataInvoker { - /** Create a new QName object for the webservice endpoint */ - private static final QName SERVICE_QNAME = new QName("GetAuthenticationData"); - - /** invoked object for API call of MOA-ID Auth */ - private static Object apiServer = null; - /** invoked method for API call of MOA-ID Auth */ - private static Method apiMethod = null; - - /** - * Invokes the service passing domain model objects. - * @param samlArtifact SAML artifact - * @return AuthenticationData object - * @throws ServiceException on any exception thrown - */ - /** - * Get authentication data from the MOA-ID Auth component, - * either via API call or via web service call. - * @param samlArtifact SAML artifact to be used as a parameter - * @return AuthenticationData - */ - public AuthenticationData getAuthenticationData(String samlArtifact) - throws ConfigurationException, ProxyException, BuildException, ServiceException, ParseException, AuthenticationException { - - ConnectionParameter authConnParam = - ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter(); - if (authConnParam == null) { - try { - if (apiServer == null) { - Class serverClass = Class.forName("at.gv.egovernment.moa.id.auth.AuthenticationServer"); - Method getInstanceMethod = serverClass.getMethod("getInstance", null); - apiServer = getInstanceMethod.invoke(null, null); - apiMethod = serverClass.getMethod( - "getAuthenticationData", new Class[] {String.class}); - } - AuthenticationData authData = (AuthenticationData)apiMethod.invoke(apiServer, new Object[] {samlArtifact}); - return authData; - } - catch (InvocationTargetException ex) { - Throwable targetEx = ex.getTargetException(); - if (targetEx instanceof AuthenticationException) - throw (AuthenticationException) targetEx; - else - throw new ProxyException("proxy.09", new Object[] {targetEx.toString()}); - } - catch (Throwable ex) { - throw new ProxyException("proxy.09", new Object[] {ex.toString()}); - } - } - else { - Element samlpRequest = new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact); - Element samlpResponse = getAuthenticationData(samlpRequest); - SAMLResponseParser srp = new SAMLResponseParser(samlpResponse); - SAMLStatus status = srp.parseStatusCode(); - if (! "samlp:Success".equals(status.getStatusCode())) { - // on error status throw exception - String code = status.getStatusCode(); - if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0) - code += "(" + status.getSubStatusCode() + ")"; - throw new ServiceException("service.02", new Object[] {code, status.getStatusMessage()}); - } - return srp.parseAuthenticationData(); - } - } - - /** - * Invokes the service passing DOM elements. - * @param request request DOM element - * @return response DOM element - * @throws ServiceException on any exception thrown - */ - public Element getAuthenticationData(Element request) throws ServiceException { - try { - Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME); - Call call = service.createCall(); - SOAPBodyElement body = - new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] {body}; - Vector responses; - SOAPBodyElement response; - - String endPoint; - ConnectionParameter authConnParam = - ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter(); - - //If the ConnectionParameter do NOT exist, we throw an exception .... - if (authConnParam!=null) { - endPoint = authConnParam.getUrl(); - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(SERVICE_QNAME, params); - response = (SOAPBodyElement) responses.get(0); - return response.getAsDOM(); - } - else - { - throw new ServiceException("service.01", null); - } - } - catch (Exception ex) { - throw new ServiceException("service.00", new Object[] {ex.toString()}, ex); - } - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java deleted file mode 100644 index a78a8d587..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java +++ /dev/null @@ -1,152 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.parser; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.util.BoolUtils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * Parser for the <code><saml:Assertion></code> returned by the - * <code>GetAuthenticationData</code> web service. - * @author Paul Ivancsics - * @version $Id$ - */ -public class AuthenticationDataAssertionParser implements Constants { - - /** Prefix for SAML-Xpath-expressions */ - private static String SAML = SAML_PREFIX + ":"; - /** Prefix for PersonData-Xpath-expressions */ - private static String PR = PD_PREFIX + ":"; - /** Prefix for Attribute MajorVersion in an Xpath-expression */ - private static String MAJOR_VERSION_XPATH = - "@MajorVersion"; - /** Prefix for Attribute MinorVersion in an Xpath-expression */ - private static String MINOR_VERSION_XPATH = - "@MinorVersion"; - /** Prefix for Attribute AssertionID in an Xpath-expression */ - private static String ASSERTION_ID_XPATH = - "@AssertionID"; - /** Prefix for Attribute Issuer in an Xpath-expression */ - private static String ISSUER_XPATH = - "@Issuer"; - /** Prefix for Attribute IssueInstant in an Xpath-expression */ - private static String ISSUE_INSTANT_XPATH = - "@IssueInstant"; - /** Prefix for Element AttributeStatement in an Xpath-expression */ - private static String ATTRIBUTESTATEMENT_XPATH = - SAML + "AttributeStatement/"; - /** Prefix for Element NameIdentifier in an Xpath-expression */ - private static String BPK_XPATH = - ATTRIBUTESTATEMENT_XPATH + - SAML + "Subject/" + - SAML + "NameIdentifier"; - /** Prefix for Element Person in an Xpath-expression */ - private static String PERSONDATA_XPATH = - ATTRIBUTESTATEMENT_XPATH + - SAML + "Attribute[@AttributeName=\"PersonData\"]/" + - SAML + "AttributeValue/" + - PR + "Person/"; - /** Prefix for Element Value in an Xpath-expression */ - private static String IDENTIFICATION_VALUE_XPATH = - PERSONDATA_XPATH + - PR + "Identification/" + - PR + "Value"; - private static String IDENTIFICATION_TYPE_XPATH = - PERSONDATA_XPATH + - PR + "Identification/" + - PR + "Type"; - - /** Prefix for Element GivenName in an Xpath-expression */ - private static String GIVEN_NAME_XPATH = - PERSONDATA_XPATH + - PR + "Name/" + - PR + "GivenName"; - /** Prefix for Element FamilyName in an Xpath-expression */ - private static String FAMILY_NAME_XPATH = - PERSONDATA_XPATH + - PR + "Name/" + - PR + "FamilyName"; - /** Prefix for Element DateOfBirth in an Xpath-expression */ - private static String DATE_OF_BIRTH_XPATH = - PERSONDATA_XPATH + - PR + "DateOfBirth"; - /** Prefix for Element AttributeValue in an Xpath-expression */ - private static String IS_QUALIFIED_CERT_XPATH = - ATTRIBUTESTATEMENT_XPATH + - SAML + "Attribute[@AttributeName=\"isQualifiedCertificate\"]/" + - SAML + "AttributeValue"; - /** Prefix for Element AttributeValue in an Xpath-expression */ - private static String PUBLIC_AUTHORITY_XPATH = - ATTRIBUTESTATEMENT_XPATH + - SAML + "Attribute[@AttributeName=\"isPublicAuthority\"]/" + - SAML + "AttributeValue"; - /** Element samlAssertion represents the SAML:Assertion */ - private Element samlAssertion; - - /** - * Constructor - * @param samlAssertion samlpResponse the <code><samlp:Response></code> as a DOM element - */ - public AuthenticationDataAssertionParser(Element samlAssertion) { - this.samlAssertion = samlAssertion; - } - - /** - * Parses the <code><saml:Assertion></code>. - * @return <code>AuthenticationData</code> object - * @throws ParseException on any error - */ - public AuthenticationData parseAuthenticationData() - throws ParseException { - - try { - AuthenticationData authData = new AuthenticationData(); - //ÄNDERN: NUR der Identification-Teil - authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion)); - authData.setMajorVersion(new Integer( - XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")).intValue()); - authData.setMinorVersion(new Integer( - XPathUtils.getAttributeValue(samlAssertion, MINOR_VERSION_XPATH, "-1")).intValue()); - authData.setAssertionID( - XPathUtils.getAttributeValue(samlAssertion, ASSERTION_ID_XPATH, "")); - authData.setIssuer( - XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, "")); - authData.setIssueInstant( - XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, "")); - authData.setPBK( - XPathUtils.getElementValue(samlAssertion, BPK_XPATH, "")); - authData.setIdentificationValue( - XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, "")); - authData.setIdentificationType( - XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, "")); - authData.setGivenName( - XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, "")); - authData.setFamilyName( - XPathUtils.getElementValue(samlAssertion, FAMILY_NAME_XPATH, "")); - authData.setDateOfBirth( - XPathUtils.getElementValue(samlAssertion, DATE_OF_BIRTH_XPATH, "")); - authData.setQualifiedCertificate(BoolUtils.valueOf( - XPathUtils.getElementValue(samlAssertion, IS_QUALIFIED_CERT_XPATH, ""))); - String publicAuthority = - XPathUtils.getElementValue(samlAssertion, PUBLIC_AUTHORITY_XPATH, null); - if (publicAuthority == null) { - authData.setPublicAuthority(false); - authData.setPublicAuthorityCode(""); - } - else { - authData.setPublicAuthority(true); - if (! publicAuthority.equalsIgnoreCase("true")) - authData.setPublicAuthorityCode(publicAuthority); - } - return authData; - } - catch (Throwable t) { - throw new ParseException("parser.01", new Object[] { t.toString() }, t); - } - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java deleted file mode 100644 index 9f77578fd..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java +++ /dev/null @@ -1,100 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.parser; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.data.SAMLStatus; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * Parser for the <code><samlp:Response></code> returned by the - * <code>GetAuthenticationData</code> web service. - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLResponseParser implements Constants { - /** Element containing the samlResponse */ - private Element samlResponse; - /** Xpath prefix for reaching SAMLP Namespaces */ - private static String SAMLP = SAMLP_PREFIX + ":"; - /** Xpath prefix for reaching SAML Namespaces */ - private static String SAML = SAML_PREFIX + ":"; - /** Xpath prefix for reaching PersonData Namespaces */ - private static String PR = PD_PREFIX + ":"; - /** Xpath expression for reaching the SAMLP:Response element */ - private static final String ROOT = - "/" + SAMLP + "Response/"; - /** Xpath expression for reaching the SAMLP:Status element */ - private static final String STATUS_XPATH = - ROOT + - SAMLP + "Status/"; - /** Xpath expression for reaching the SAMLP:StatusCode_Value attribute */ - private static final String STATUSCODE_XPATH = - STATUS_XPATH + - SAMLP + "StatusCode/@Value"; - /** Xpath expression for reaching the SAMLP:SubStatusCode_Value attribute */ - private static final String SUBSTATUSCODE_XPATH = - STATUS_XPATH + - SAMLP + "StatusCode/" + - SAMLP + "StatusCode/@Value"; - /** Xpath expression for reaching the SAMLP:StatusMessage element */ - private static final String STATUSMESSAGE_XPATH = - STATUS_XPATH + - SAMLP + "StatusMessage"; - /** Xpath expression for reaching the SAML:Assertion element */ - private static String ASSERTION_XPATH = - ROOT + - SAML + "Assertion"; - - /** - * Constructor - * @param samlResponse the <code><samlp:Response></code> as a DOM element - */ - public SAMLResponseParser(Element samlResponse) { - this.samlResponse = samlResponse; - } - - /** - * Parses the <code><samlp:StatusCode></code> from the <code><samlp:Response></code>. - * @return <code>AuthenticationData</code> object - * @throws ParseException on any parsing error - */ - public SAMLStatus parseStatusCode() - throws ParseException { - - SAMLStatus status = new SAMLStatus(); - try { - status.setStatusCode( - XPathUtils.getAttributeValue(samlResponse, STATUSCODE_XPATH, "")); - status.setSubStatusCode( - XPathUtils.getAttributeValue(samlResponse, SUBSTATUSCODE_XPATH, "")); - status.setStatusMessage( - XPathUtils.getElementValue(samlResponse, STATUSMESSAGE_XPATH, "")); - } - catch (Throwable t) { - throw new ParseException("parser.01", new Object[] { t.toString() }, t); - } - return status; - } - - /** - * Parses the <code><saml:Assertion></code> from the <code><samlp:Response></code>. - * @return <code>AuthenticationData</code> object - * @throws ParseException on any parsing error - */ - public AuthenticationData parseAuthenticationData() - throws ParseException { - - Element samlAssertion; - try { - samlAssertion = (Element)XPathUtils.selectSingleNode(samlResponse, ASSERTION_XPATH); - } - catch (Throwable t) { - throw new ParseException("parser.01", new Object[] { t.toString() }, t); - } - return new AuthenticationDataAssertionParser(samlAssertion).parseAuthenticationData(); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java deleted file mode 100644 index 4ab2e2cf7..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java +++ /dev/null @@ -1,71 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.servlet; - -import java.io.IOException; -import java.text.DateFormat; -import java.util.Date; -import java.util.Locale; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer; -import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for updating the MOA-ID Auth configuration from configuration file - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConfigurationServlet extends HttpServlet { - - /** - * Handle a HTTP GET request, used to indicated that the MOA - * configuration needs to be updated (reloaded). - * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - public void doGet(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - - MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - try { - MOAIDProxyInitializer.initialize(); - - String message = msg.getMessage("config.00", new Object[] - { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); - Logger.info(message); - - HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response); - } catch (Throwable t) { - String errorMessage = msg.getMessage("config.04", null); - Logger.error(errorMessage, t); - HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response); - } - } - - /** - * Do the same as <code>doGet</code>. - * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - public void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - doGet(request, response); - } - -/** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ -public void init(ServletConfig servletConfig) throws ServletException { - super.init(servletConfig); -} - -}
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java deleted file mode 100644 index 0080c010e..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java +++ /dev/null @@ -1,35 +0,0 @@ -package at.gv.egovernment.moa.id.proxy.servlet; - -import at.gv.egovernment.moa.id.MOAIDException; - -/** - * Exception thrown while proxying a request to the online application - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ProxyException extends MOAIDException { - - /** - * Constructor for ProxyException. - * @param messageId - * @param parameters - */ - public ProxyException(String messageId, Object[] parameters) { - super(messageId, parameters); - } - - /** - * Constructor for ProxyException. - * @param messageId - * @param parameters - * @param wrapped - */ - public ProxyException( - String messageId, - Object[] parameters, - Throwable wrapped) { - super(messageId, parameters, wrapped); - } - -} |