add PVP2 Demo Application

change SZRGWClient to JAXWs

4 files changed, 291 insertions, 0 deletions

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java
new file mode 100644
index 000000000..83f9a8b2c
--- /dev/null
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java
@@ -0,0 +1,93 @@
+package at.gv.egovernment.moa.id.demoOA.utils;
+
+import java.io.Serializable;
+
+public class ApplicationBean implements Serializable {
+
+	private static final long serialVersionUID = -1280536194708616850L;
+	
+	private String familyName;
+	private String givenName;
+	private String dateOfBirth;
+	private String assertion;
+	
+	private boolean isLogin = false; 
+	
+	private String errorMessage;
+	
+	/**
+	 * @return the familyName
+	 */
+	public String getFamilyName() {
+		return familyName;
+	}
+	/**
+	 * @param familyName the familyName to set
+	 */
+	public void setFamilyName(String familyName) {
+		this.familyName = familyName;
+	}
+	/**
+	 * @return the givenName
+	 */
+	public String getGivenName() {
+		return givenName;
+	}
+	/**
+	 * @param givenName the givenName to set
+	 */
+	public void setGivenName(String givenName) {
+		this.givenName = givenName;
+	}
+	/**
+	 * @return the dateOfBirth
+	 */
+	public String getDateOfBirth() {
+		return dateOfBirth;
+	}
+	/**
+	 * @param dateOfBirth the dateOfBirth to set
+	 */
+	public void setDateOfBirth(String dateOfBirth) {
+		this.dateOfBirth = dateOfBirth;
+	}
+	/**
+	 * @return the assertion
+	 */
+	public String getAssertion() {
+		return assertion;
+	}
+	/**
+	 * @param assertion the assertion to set
+	 */
+	public void setAssertion(String assertion) {
+		this.assertion = assertion;
+	}
+	/**
+	 * @return the errorMessage
+	 */
+	public String getErrorMessage() {
+		return errorMessage;
+	}
+	/**
+	 * @param errorMessage the errorMessage to set
+	 */
+	public void setErrorMessage(String errorMessage) {
+		this.errorMessage = errorMessage;
+	}
+	/**
+	 * @return the isLogin
+	 */
+	public boolean isLogin() {
+		return isLogin;
+	}
+	/**
+	 * @param isLogin the isLogin to set
+	 */
+	public void setLogin(boolean isLogin) {
+		this.isLogin = isLogin;
+	}
+
+	
+	
+}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
new file mode 100644
index 000000000..8c9d15d11
--- /dev/null
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -0,0 +1,57 @@
+package at.gv.egovernment.moa.id.demoOA.utils;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+
+import at.gv.egovernment.moa.id.demoOA.PVPConstants;
+
+
+
+public class AttributeListBuilder implements PVPConstants{
+
+	protected static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) {
+		RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class);
+		attribute.setIsRequired(required);
+		attribute.setName(name);
+		attribute.setFriendlyName(friendlyName);
+		attribute.setNameFormat(Attribute.URI_REFERENCE);
+		return attribute;
+	}
+	
+	public static List<RequestedAttribute> getRequestedAttributes() {
+		List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
+		
+		requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(BPK_NAME, BPK_FRIENDLY_NAME, true));
+		
+		requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, true));		
+		requestedAttributes.add(buildReqAttribute(EID_CCS_URL_NAME, EID_CCS_URL_FRIENDLY_NAME, true));		
+		requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, true));		
+		requestedAttributes.add(buildReqAttribute(EID_IDENTITY_LINK_NAME, EID_IDENTITY_LINK_FRIENDLY_NAME, true));
+		
+		requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_FULL_MANDATE_NAME, MANDATE_FULL_MANDATE_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_FULL_NAME_NAME, MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_NAME, MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
+		
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+		
+		requestedAttributes.add(buildReqAttribute(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME, false));
+		return requestedAttributes;
+	}
+}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java
new file mode 100644
index 000000000..2b4e20ba0
--- /dev/null
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.demoOA.utils;
+
+import java.util.Iterator;
+
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+public class MetaDataVerificationFilter implements MetadataFilter {
+
+	BasicX509Credential credential;
+	
+	public MetaDataVerificationFilter(BasicX509Credential credential) {
+		this.credential = credential;
+	}
+	
+	
+	public void doFilter(XMLObject metadata) throws FilterException {
+		if (metadata instanceof EntitiesDescriptor) {
+			EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+			
+			if(entitiesDescriptor.getSignature() == null) {
+				throw new FilterException("IDP metadata is not signed", null);
+			}
+			
+			Signature sign = entitiesDescriptor.getSignature();
+			
+			try {
+			
+			//Validate signature
+				SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+				profileValidator.validate(sign);
+
+				
+			//Verify signature
+			SignatureValidator sigValidator = new SignatureValidator(credential);
+			sigValidator.validate(sign);
+							
+			} catch (ValidationException e) {
+				throw new FilterException("IDP metadata validation error", e);
+				
+			}
+			
+		}
+	}
+	
+}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java
new file mode 100644
index 000000000..f04caf888
--- /dev/null
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java
@@ -0,0 +1,87 @@
+package at.gv.egovernment.moa.id.demoOA.utils;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.opensaml.Configuration;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.XMLObjectBuilder;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.w3c.dom.Document;
+
+
+public class SAML2Utils {
+
+	static {
+		try {
+			DefaultBootstrap.bootstrap();
+		} catch (ConfigurationException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+		DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+		factory.setNamespaceAware(true);
+		factory.setValidating(false);
+		try {
+			builder = factory.newDocumentBuilder();
+		} catch (ParserConfigurationException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+	}
+
+	private static DocumentBuilder builder;
+
+	public static <T> T createSAMLObject(final Class<T> clazz) {
+		try {
+
+			XMLObjectBuilderFactory builderFactory = Configuration
+					.getBuilderFactory();
+
+			QName defaultElementName = (QName) clazz.getDeclaredField(
+					"DEFAULT_ELEMENT_NAME").get(null);
+			Map<QName, XMLObjectBuilder> builder = builderFactory.getBuilders();
+			Iterator<QName> it = builder.keySet().iterator();
+
+			while (it.hasNext()) {
+				QName qname = it.next();
+				if (qname.equals(defaultElementName)) {
+					System.out.printf("Builder for: %s\n", qname.toString());
+				}
+			}
+			XMLObjectBuilder xmlBuilder = builderFactory
+					.getBuilder(defaultElementName);
+			
+			T object = (T) xmlBuilder.buildObject(defaultElementName);
+			return object;
+		} catch (Throwable e) {
+			System.out.printf("Failed to create object for: %s\n",
+					clazz.toString());
+			e.printStackTrace();
+			return null;
+		}
+	}
+
+	public static Document asDOMDocument(XMLObject object) throws IOException,
+			MarshallingException, TransformerException {
+		org.w3c.dom.Document document = builder.newDocument();
+		Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
+				object);
+		out.marshall(object, document);
+		return (Document) document;
+	}
+	
+
+	
+}