move citizen-card authentication and validation (Security-layer communication) to discrete module

1 files changed, 100 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java
new file mode 100644
index 000000000..5e3b6653b
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java
@@ -0,0 +1,100 @@
+
+package at.gv.egovernment.moa.id.auth;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+import org.opensaml.xml.util.XMLHelper;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.client.SZRGWClient;
+import at.gv.egovernment.moa.id.client.SZRGWClientException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
+import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.util.xsd.mis.MandateIdentifiers;
+import at.gv.util.xsd.mis.Target;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData;
+import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
+import at.gv.util.xsd.srzgw.MISType;
+import at.gv.util.xsd.srzgw.MISType.Filters;
+
+/**
+ * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
+ * stored in a session store and retrieved by giving the session ID.
+ *
+ * @author Paul Ivancsics
+ * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher
+ *          $
+ */
+public abstract class BaseAuthenticationServer extends MOAIDAuthConstants {
+
+	/**
+	 * Retrieves a session from the session store.
+	 *
+	 * @param id session ID
+	 * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}).
+	 * @throws AuthenticationException in case the session id does not reflect a valic, active session.
+	 */
+	public static AuthenticationSession getSession(String id)
+			throws AuthenticationException {
+		AuthenticationSession session;
+		try {
+			session = AuthenticationSessionStoreage.getSession(id);
+
+			if (session == null)
+				throw new AuthenticationException("auth.02", new Object[]{id});
+			return session;
+
+		} catch (MOADatabaseException e) {
+			throw new AuthenticationException("auth.02", new Object[]{id});
+
+		} catch (Exception e) {
+			throw new AuthenticationException("parser.04", new Object[]{id});
+		}
+	}
+
+	/**
+	 * Cleans up expired session and authentication data stores.
+	 */
+	public static void cleanup() {
+		long now = new Date().getTime();
+
+		try {
+			int sessionTimeOutCreated = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000;
+			int sessionTimeOutUpdated = AuthConfigurationProviderFactory.getInstance().getSSOUpdatedTimeOut() * 1000;
+			int authDataTimeOut = AuthConfigurationProviderFactory.getInstance().getTransactionTimeOut() * 1000;
+
+			//clean AuthenticationSessionStore
+			AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
+						
+			//clean AssertionStore
+			AssertionStorage assertionstore = AssertionStorage.getInstance();
+			assertionstore.clean(now, authDataTimeOut);
+
+			//clean ExeptionStore
+			DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
+			exstore.clean(now, authDataTimeOut);
+			
+		} catch (Exception e) {
+			Logger.error("Session cleanUp FAILED!" , e);
+			
+		}
+		
+	}
+
+}