add EUPL headers

3 files changed, 87 insertions, 14 deletions

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 68fef277b..917493848 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
 package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
 
 import java.io.IOException;
@@ -75,6 +97,7 @@ public class Authenticate extends HttpServlet {
 	DocumentBuilder builder;
 
 
+	//generate AuthenticationRequest
 	protected void process(HttpServletRequest request,
 			HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
 		try {
@@ -87,13 +110,10 @@ public class Authenticate extends HttpServlet {
 			SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
 			authReq.setID(gen.generateIdentifier());
 			
-			HttpSession session = request.getSession();
-			if (session != null) {
-				session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
-			}
 			
 			authReq.setAssertionConsumerServiceIndex(0);
 			authReq.setAttributeConsumingServiceIndex(0);
+			
 			authReq.setIssueInstant(new DateTime());
 			Subject subject = SAML2Utils.createSAMLObject(Subject.class);
 			NameID name = SAML2Utils.createSAMLObject(NameID.class);
@@ -121,13 +141,15 @@ public class Authenticate extends HttpServlet {
 				throw new ConfigurationException("No IDP EntityName configurated");
 			}
 			
-			HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+			//get IDP metadata from metadataprovider
+			HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();			
 			EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
 			if (idpEntity == null) {
 				log.info("IDP EntityName is not found in IDP Metadata");
 				throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
 			}
 			
+			//select authentication-service url from metadata
 			SingleSignOnService redirectEndpoint = null;  
 			for (SingleSignOnService sss : 
 					idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
@@ -137,9 +159,9 @@ public class Authenticate extends HttpServlet {
 					redirectEndpoint = sss;  
 				}  
 			}
-			
 			authReq.setDestination(redirectEndpoint.getLocation());
 			
+			
 			RequestedAuthnContext reqAuthContext = 
 					SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
 			
@@ -154,8 +176,8 @@ public class Authenticate extends HttpServlet {
 			
 			authReq.setRequestedAuthnContext(reqAuthContext);
 			
+			//sign authentication request
 			KeyStore keyStore = config.getPVP2KeyStore();
-
 			X509Credential authcredential = new KeyStoreX509CredentialAdapter(
 					keyStore, 
 					config.getPVP2KeystoreAuthRequestKeyAlias(), 
@@ -165,9 +187,9 @@ public class Authenticate extends HttpServlet {
 			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
 			signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
 			signer.setSigningCredential(authcredential);
-
 			authReq.setSignature(signer);
 
+			//generate Http-POST Binding message
 			VelocityEngine engine = new VelocityEngine();
 			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
 			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
index f3821374a..95b776cc2 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
 package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
 
 import java.io.IOException;
@@ -21,6 +43,7 @@ import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 
 import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.core.NameIDType;
@@ -95,11 +118,17 @@ public class BuildMetadata extends HttpServlet {
 			spEntitiesDescriptor.setName(name);
 			spEntitiesDescriptor.setID(idGen.generateIdentifier());
 			
+			//set period of validity for metadata information
+			DateTime validUntil =  new DateTime();
+			spEntitiesDescriptor.setValidUntil(validUntil.plusDays(7));
+			
+			
 			EntityDescriptor spEntityDescriptor = SAML2Utils
 					.createSAMLObject(EntityDescriptor.class);
 
 			spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
 			
+			//set OA-ID (PublicURL Prefix) as identifier
 			String serviceURL = config.getPublicUrlPreFix(request);
 			if (!serviceURL.endsWith("/"))
 				serviceURL = serviceURL + "/";
@@ -181,23 +210,21 @@ public class BuildMetadata extends HttpServlet {
 			unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
 			
 			spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
-						
+
+			//set HTTP-POST Binding assertion consumer service
 			AssertionConsumerService postassertionConsumerService = 
 					SAML2Utils.createSAMLObject(AssertionConsumerService.class);
 			
 			postassertionConsumerService.setIndex(0);
 			postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
 			postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
-			
+		
 			spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
 			
 			spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
 			
 			spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
 			
-			spSSODescriptor.setWantAssertionsSigned(true);
-			spSSODescriptor.setAuthnRequestsSigned(true);
-			
 			AttributeConsumingService attributeService = 
 					SAML2Utils.createSAMLObject(AttributeConsumingService.class);
 			
@@ -207,10 +234,12 @@ public class BuildMetadata extends HttpServlet {
 			serviceName.setName(new LocalizedString("Default Service", "de"));
 			attributeService.getNames().add(serviceName);
 			
+			//set attributes which are requested
 			attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
-			
 			spSSODescriptor.getAttributeConsumingServices().add(attributeService);
 
+			
+			//build metadata
 			DocumentBuilder builder;
 			DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
 			
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index 2d32ce9af..f9c8d6cab 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
 package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
 
 import java.io.IOException;