diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-10-25 16:23:23 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-10-25 16:23:23 +0200 |
commit | f10fb18bac8e4b98460d100a4af42a943ddb75df (patch) | |
tree | d53343fb928cb0186f6fa88ef2684bbea490b413 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth | |
parent | 83a92eead9d389060ec43e9459c5a1367aefc29a (diff) | |
download | moa-id-spss-f10fb18bac8e4b98460d100a4af42a943ddb75df.tar.gz moa-id-spss-f10fb18bac8e4b98460d100a4af42a943ddb75df.tar.bz2 moa-id-spss-f10fb18bac8e4b98460d100a4af42a943ddb75df.zip |
fix another problem in session database
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth')
18 files changed, 1003 insertions, 490 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java index 20f2029cb..f0d9741d4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java @@ -4,11 +4,8 @@ package at.gv.egovernment.moa.id.auth; import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; /** * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is @@ -20,32 +17,7 @@ import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; */ public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { - @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; @Autowired protected AuthConfiguration authConfig; - /** - * Retrieves a session from the session store. - * - * @param id session ID - * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}). - * @throws AuthenticationException in case the session id does not reflect a valic, active session. - */ - public AuthenticationSession getSession(String id) - throws AuthenticationException { - AuthenticationSession session; - try { - session = authenticationSessionStorage.getSession(id); - - if (session == null) - throw new AuthenticationException("auth.02", new Object[]{id}); - return session; - - } catch (MOADatabaseException e) { - throw new AuthenticationException("auth.02", new Object[]{id}); - - } catch (Exception e) { - throw new AuthenticationException("parser.04", new Object[]{id}); - } - } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 16d320ea5..3264fc3bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -47,11 +47,7 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -61,6 +57,11 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; @@ -110,13 +111,13 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { public IAuthData buildAuthenticationData(IRequest pendingReq, - AuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { + IAuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { return buildAuthenticationData(pendingReq, session, pendingReq.getOnlineApplicationConfiguration()); } public IAuthData buildAuthenticationData(IRequest pendingReq, - AuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { + IAuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { AuthenticationData authdata = null; //only needed for SAML1 legacy support @@ -253,7 +254,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } } - private void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, + private void buildAuthDataFormMOASession(AuthenticationData authData, IAuthenticationSession session, IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException { Collection<String> includedToGenericAuthData = null; @@ -273,8 +274,8 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { //#################################################### //parse user info's from identityLink - IdentityLink idlFromPVPAttr = null; - IdentityLink identityLink = session.getIdentityLink(); + IIdentityLink idlFromPVPAttr = null; + IIdentityLink identityLink = session.getIdentityLink(); if (identityLink != null) { parseBasicUserInfosFromIDL(authData, identityLink, includedToGenericAuthData); @@ -515,7 +516,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } //mandate functionality - MISMandate misMandate = null; + IMISMandate misMandate = null; if (session.isMandateUsed()) { //#################################################### //set Mandate reference value @@ -766,7 +767,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { //#################################################################### //parse AuthBlock signature-verification response //INFO: this parameters are only required for SAML1 auth. protocol - VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); + IVerifiyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); if (verifyXMLSigResp != null) { authData.setQualifiedCertificate(verifyXMLSigResp .isQualifiedCertificate()); @@ -833,7 +834,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { return false; } - private void parseBasicUserInfosFromIDL(AuthenticationData authData, IdentityLink identityLink, Collection<String> includedGenericSessionData) { + private void parseBasicUserInfosFromIDL(AuthenticationData authData, IIdentityLink identityLink, Collection<String> includedGenericSessionData) { //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO authData.setIdentificationValue(identityLink.getIdentificationValue()); authData.setIdentificationType(identityLink.getIdentificationType()); @@ -919,7 +920,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @return Pair<bPK, bPKType> which was received by PVP-Attribute and could be decrypted for this Service Provider, * or <code>null</code> if no attribute exists or can not decrypted */ - private Pair<String, String> getEncryptedbPKFromPVPAttribute(AuthenticationSession session, + private Pair<String, String> getEncryptedbPKFromPVPAttribute(IAuthenticationSession session, AuthenticationData authData, IOAAuthParameters spConfig) { //set List of encrypted bPKs to authData DAO String pvpEncbPKListAttr = session.getGenericDataFromSession(PVPConstants.ENC_BPK_LIST_NAME, String.class); @@ -981,7 +982,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @param session MOASession, but never null * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no attribute exists */ - private String getbPKValueFromPVPAttribute(AuthenticationSession session) { + private String getbPKValueFromPVPAttribute(IAuthenticationSession session) { String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class); if (MiscUtil.isNotEmpty(pvpbPKValueAttr)) { @@ -1015,7 +1016,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @param session MOASession, but never null * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if no attribute exists */ - private String getbPKTypeFromPVPAttribute(AuthenticationSession session) { + private String getbPKTypeFromPVPAttribute(IAuthenticationSession session) { String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); if (MiscUtil.isNotEmpty(pvpbPKTypeAttr)) { @@ -1065,7 +1066,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } - private IdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IdentityLink idl, String bPK, String bPKType) throws MOAIDException { + private IIdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IIdentityLink idl, String bPK, String bPKType) throws MOAIDException { if (oaParam.getBusinessService()) { Element idlassertion = idl.getSamlAssertion(); //set bpk/wpbk; @@ -1076,7 +1077,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { prIdentificationType.getFirstChild().setNodeValue(bPKType); IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion); - IdentityLink businessServiceIdl = idlparser.parseIdentityLink(); + IIdentityLink businessServiceIdl = idlparser.parseIdentityLink(); //resign IDL IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java index ac93d7af9..9ca15c76f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java @@ -29,12 +29,12 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -74,7 +74,7 @@ public class SignatureVerificationUtils { } } - public VerifyXMLSignatureResponse verify(byte[] signature, String trustProfileID) throws MOAIDException { + public IVerifiyXMLSignatureResponse verify(byte[] signature, String trustProfileID) throws MOAIDException { try { //build signature-verification request Element domVerifyXMLSignatureRequest = build(signature, trustProfileID); @@ -84,7 +84,7 @@ public class SignatureVerificationUtils { .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); return verifyXMLSignatureResponse; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index a72f6c2ea..94651915e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -46,20 +46,26 @@ import java.util.Map; import org.apache.commons.collections4.map.HashedMap; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; import iaik.x509.X509Certificate; /** - * Session data to be stored between <code>AuthenticationServer</code> API calls. * - * @author Paul Ivancsics - * @version $Id$ + * Serializable implementation of the {@link IAuthenticationSession} interface, which could be stored into a + * AuthenticationSession database + * + * @author Thomas Lenz + * */ -public class AuthenticationSession implements Serializable { +public class AuthenticationSession implements Serializable, IAuthenticationSession { /** * @@ -94,7 +100,7 @@ public class AuthenticationSession implements Serializable { * * Mandate element */ - private MISMandate mandate; + private IMISMandate mandate; /** * Reference value for mandate bussiness service for the assertion @@ -110,7 +116,7 @@ public class AuthenticationSession implements Serializable { /** * identity link read from smartcard */ - private IdentityLink identityLink; + private IIdentityLink identityLink; /** * authentication block to be signed by the user @@ -151,7 +157,7 @@ public class AuthenticationSession implements Serializable { private String QAALevel = null; - private VerifyXMLSignatureResponse XMLVerifySignatureResponse; + private IVerifiyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; @@ -170,14 +176,61 @@ public class AuthenticationSession implements Serializable { } + /** + * @param id + * @param now + * @param moaSession + */ + public AuthenticationSession(String id, Date now, IAuthenticationSession moaSession) { + sessionID = id; + sessionCreated = now; + + authBlock = moaSession.getAuthBlock(); + authBlockTokken = moaSession.getAuthBlockTokken(); + authenticated = moaSession.isAuthenticated(); + bkuURL = moaSession.getBkuURL(); + extendedSAMLAttributesAUTH = moaSession.getExtendedSAMLAttributesAUTH(); + extendedSAMLAttributesOA = moaSession.getExtendedSAMLAttributesOA(); + + genericSessionDataStorate = moaSession.getGenericSessionDataStorage(); + + identityLink = moaSession.getIdentityLink(); + isForeigner = moaSession.isForeigner(); + isOW = moaSession.isOW(); + issueInstant = moaSession.getIssueInstant(); + mandate = moaSession.getMISMandate(); + mandateReferenceValue = moaSession.getMandateReferenceValue(); + misSessionID = moaSession.getMISSessionID(); + QAALevel = moaSession.getQAALevel(); + samlAttributeGebeORwbpk = moaSession.getSAMLAttributeGebeORwbpk(); + sessionCreated = moaSession.getSessionCreated(); + signerCertificate = moaSession.getEncodedSignerCertificate(); + useMandates = moaSession.isMandateUsed(); + XMLVerifySignatureResponse = moaSession.getXMLVerifySignatureResponse(); + + //TODO: implement session construction from existing eID information + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + */ + @Override public boolean isAuthenticated() { return authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + */ + @Override public void setAuthenticated(boolean authenticated) { this.authenticated = authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate() + */ + @Override public X509Certificate getSignerCertificate() { try { return new X509Certificate(signerCertificate); @@ -188,10 +241,18 @@ public class AuthenticationSession implements Serializable { } } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate() + */ + @Override public byte[] getEncodedSignerCertificate() { return this.signerCertificate; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.X509Certificate) + */ + @Override public void setSignerCertificate(X509Certificate signerCertificate) { try { this.signerCertificate = signerCertificate.getEncoded(); @@ -201,174 +262,141 @@ public class AuthenticationSession implements Serializable { } } - /** - * Returns the identityLink. - * - * @return IdentityLink + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() */ - public IdentityLink getIdentityLink() { + @Override + public IIdentityLink getIdentityLink() { return identityLink; } - /** - * Returns the sessionID. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionID() */ + @Override public String getSessionID() { return sessionID; } - /** - * Sets the identityLink. - * - * @param identityLink - * The identityLink to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink) */ - public void setIdentityLink(IdentityLink identityLink) { + @Override + public void setIdentityLink(IIdentityLink identityLink) { this.identityLink = identityLink; } - /** - * Sets the sessionID. - * - * @param sessionId - * The sessionID to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSessionID(java.lang.String) */ + @Override public void setSessionID(String sessionId) { this.sessionID = sessionId; } - /** - * Returns the BKU URL. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL() */ + @Override public String getBkuURL() { return bkuURL; } - /** - * Sets the bkuURL - * - * @param bkuURL - * The BKU URL to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String) */ + @Override public void setBkuURL(String bkuURL) { this.bkuURL = bkuURL; } - /** - * Returns the authBlock. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlock() */ + @Override public String getAuthBlock() { return authBlock; } - /** - * Sets the authBlock. - * - * @param authBlock - * The authBlock to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlock(java.lang.String) */ + @Override public void setAuthBlock(String authBlock) { this.authBlock = authBlock; } - /** - * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. - * - * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesAUTH() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { if (extendedSAMLAttributesAUTH == null) extendedSAMLAttributesAUTH = new ArrayList<ExtendedSAMLAttribute>(); return extendedSAMLAttributesAUTH; } - /** - * Sets the SAML Attributes to be appended to the AUTHBlock. - * - * @param extendedSAMLAttributesAUTH - * The SAML Attributes to be appended to the AUTHBlock. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesAUTH(java.util.List) */ + @Override public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH; } - /** - * Returns the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. Maybe <code>null</code>. - * - * @return The SAML Attributes to be appended to the SAML assertion delivered to the online - * application + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesOA() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { return extendedSAMLAttributesOA; } - /** - * Sets the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. - * - * @param extendedSAMLAttributesOA - * The SAML Attributes to be appended to the SAML assertion delivered to the online - * application. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesOA(java.util.List) */ + @Override public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { this.extendedSAMLAttributesOA = extendedSAMLAttributesOA; } - /** - * Returns the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @return true either a target or a wbPK is provided as SAML Attribute in the SAML Assertion or - * false if not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSAMLAttributeGebeORwbpk() */ + @Override public boolean getSAMLAttributeGebeORwbpk() { return this.samlAttributeGebeORwbpk; } - /** - * Sets the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @param samlAttributeGebeORwbpk - * The boolean for value either a target or wbPK is provided as SAML Attribute in the - * SAML Assertion or not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSAMLAttributeGebeORwbpk(boolean) */ + @Override public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { this.samlAttributeGebeORwbpk = samlAttributeGebeORwbpk; } - /** - * Returns the issuing time of the AUTH-Block SAML assertion. - * - * @return The issuing time of the AUTH-Block SAML assertion. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() */ + @Override public String getIssueInstant() { return issueInstant; } - /** - * Sets the issuing time of the AUTH-Block SAML assertion. - * - * @param issueInstant - * The issueInstant to set. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) */ + @Override public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } - /** - * - * @param useMandate - * indicates if mandate is used or not + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandate(java.lang.String) */ + @Override public void setUseMandate(String useMandate) { if (useMandate.compareToIgnoreCase("true") == 0) this.useMandates = true; @@ -377,141 +405,172 @@ public class AuthenticationSession implements Serializable { } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + */ + @Override public void setUseMandates(boolean useMandates) { this.useMandates = useMandates; } - /** - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() */ + @Override public boolean isMandateUsed() { return this.useMandates; } - /** - * - * @param misSessionID - * indicates the MIS session ID + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISSessionID(java.lang.String) */ + @Override public void setMISSessionID(String misSessionID) { this.misSessionID = misSessionID; } - /** - * Returns the MIS session ID - * - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISSessionID() */ + @Override public String getMISSessionID() { return this.misSessionID; } - /** - * @return the mandateReferenceValue + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMandateReferenceValue() */ + @Override public String getMandateReferenceValue() { return mandateReferenceValue; } - /** - * @param mandateReferenceValue - * the mandateReferenceValue to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMandateReferenceValue(java.lang.String) */ + @Override public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isForeigner() + */ + @Override public boolean isForeigner() { return isForeigner; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + */ + @Override public void setForeigner(boolean isForeigner) { this.isForeigner = isForeigner; } - public VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getXMLVerifySignatureResponse() + */ + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { return XMLVerifySignatureResponse; } - public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setXMLVerifySignatureResponse(at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse) + */ + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { XMLVerifySignatureResponse = xMLVerifySignatureResponse; } - public MISMandate getMISMandate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISMandate() + */ + @Override + public IMISMandate getMISMandate() { return mandate; } - public void setMISMandate(MISMandate mandate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISMandate(at.gv.egovernment.moa.id.data.MISMandate) + */ + @Override + public void setMISMandate(IMISMandate mandate) { this.mandate = mandate; } - /** - * @return the isOW + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isOW() */ + @Override public boolean isOW() { return isOW; } - /** - * @param isOW - * the isOW to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setOW(boolean) */ + @Override public void setOW(boolean isOW) { this.isOW = isOW; } - /** - * @return the authBlockTokken + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlockTokken() */ + @Override public String getAuthBlockTokken() { return authBlockTokken; } - /** - * @param authBlockTokken - * the authBlockTokken to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlockTokken(java.lang.String) */ + @Override public void setAuthBlockTokken(String authBlockTokken) { this.authBlockTokken = authBlockTokken; } - /** - * eIDAS QAA level - * - * @return the qAALevel + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() */ + @Override public String getQAALevel() { return QAALevel; } - /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) */ + @Override public void setQAALevel(String qAALevel) { QAALevel = qAALevel; } - /** - * @return the sessionCreated + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() */ + @Override public Date getSessionCreated() { return sessionCreated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + */ + @Override public Map<String, Object> getGenericSessionDataStorage() { return genericSessionDataStorate; } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String) */ + @Override public Object getGenericDataFromSession(String key) { if (MiscUtil.isNotEmpty(key)) { return genericSessionDataStorate.get(key); @@ -523,13 +582,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @param clazz The class type which is stored with this key - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String, java.lang.Class) */ + @Override public <T> T getGenericDataFromSession(String key, final Class<T> clazz) { if (MiscUtil.isNotEmpty(key)) { Object data = genericSessionDataStorate.get(key); @@ -555,13 +611,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.String, java.lang.Object) */ + @Override public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { if (MiscUtil.isEmpty(key)) { Logger.warn("Generic session-data can not be stored with a 'null' key"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java new file mode 100644 index 000000000..5419e8ae0 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java @@ -0,0 +1,492 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.data; + +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.data.AuthProzessDataConstants; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +public class AuthenticationSessionWrapper implements IAuthenticationSession, AuthProzessDataConstants { + + + private Map<String, Object> sessionData; + + /** + * @param genericDataStorage + */ + public AuthenticationSessionWrapper(Map<String, Object> genericDataStorage) { + this.sessionData = genericDataStorage; + } + + private <T> T wrapStringObject(String key, Object defaultValue, Class<T> clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object obj = sessionData.get(key); + if (obj != null && clazz.isInstance(obj)) + return (T) obj; + } + + if (defaultValue == null) + return null; + + else if (clazz.isInstance(defaultValue)) + return (T)defaultValue; + + else { + Logger.error("DefaultValue: " + defaultValue.getClass().getName() + " is not of Type:" + clazz.getName()); + throw new IllegalStateException("DefaultValue: " + defaultValue.getClass().getName() + " is not of Type:" + clazz.getName()); + + } + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + */ + @Override + public boolean isAuthenticated() { + return wrapStringObject(FLAG_IS_AUTHENTICATED, false, Boolean.class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + */ + @Override + public void setAuthenticated(boolean authenticated) { + sessionData.put(FLAG_IS_AUTHENTICATED, authenticated); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate() + */ + @Override + public X509Certificate getSignerCertificate() { + byte[] encCert = getEncodedSignerCertificate(); + + if (encCert != null) { + try { + return new X509Certificate(encCert); + } + catch (CertificateException e) { + Logger.warn("Signer certificate can not be loaded from session database!", e); + + } + } + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate() + */ + @Override + public byte[] getEncodedSignerCertificate() { + return wrapStringObject(VALUE_SIGNER_CERT, null, byte[].class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.X509Certificate) + */ + @Override + public void setSignerCertificate(X509Certificate signerCertificate) { + try { + sessionData.put(VALUE_SIGNER_CERT, signerCertificate.getEncoded()); + + }catch (CertificateEncodingException e) { + Logger.warn("Signer certificate can not be stored to session database!", e); + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() + */ + @Override + public IIdentityLink getIdentityLink() { + return wrapStringObject(VALUE_IDENTITYLINK, null, IIdentityLink.class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionID() + */ + @Override + public String getSessionID() { + return wrapStringObject(VALUE_SESSIONID, null, String.class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink) + */ + @Override + public void setIdentityLink(IIdentityLink identityLink) { + sessionData.put(VALUE_IDENTITYLINK, identityLink); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSessionID(java.lang.String) + */ + @Override + public void setSessionID(String sessionId) { + sessionData.put(VALUE_SESSIONID, sessionId); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL() + */ + @Override + public String getBkuURL() { + return wrapStringObject(VALUE_BKUURL, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String) + */ + @Override + public void setBkuURL(String bkuURL) { + sessionData.put(VALUE_BKUURL, bkuURL); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlock() + */ + @Override + public String getAuthBlock() { + return wrapStringObject(VALUE_AUTHBLOCK, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlock(java.lang.String) + */ + @Override + public void setAuthBlock(String authBlock) { + sessionData.put(VALUE_AUTHBLOCK, authBlock); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesAUTH() + */ + @Override + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { + return wrapStringObject(VALUE_EXTENTEDSAMLATTRAUTH, new ArrayList<ExtendedSAMLAttribute>(), List.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesAUTH(java.util.List) + */ + @Override + public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { + sessionData.put(VALUE_EXTENTEDSAMLATTRAUTH, extendedSAMLAttributesAUTH); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesOA() + */ + @Override + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { + return wrapStringObject(VALUE_EXTENTEDSAMLATTROA, null, List.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesOA(java.util.List) + */ + @Override + public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { + sessionData.put(VALUE_EXTENTEDSAMLATTROA, extendedSAMLAttributesOA); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSAMLAttributeGebeORwbpk() + */ + @Override + public boolean getSAMLAttributeGebeORwbpk() { + return wrapStringObject(FLAG_SAMLATTRIBUTEGEBEORWBPK, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSAMLAttributeGebeORwbpk(boolean) + */ + @Override + public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { + sessionData.put(FLAG_SAMLATTRIBUTEGEBEORWBPK, samlAttributeGebeORwbpk); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() + */ + @Override + public String getIssueInstant() { + return wrapStringObject(VALUE_ISSUEINSTANT, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) + */ + @Override + public void setIssueInstant(String issueInstant) { + sessionData.put(VALUE_ISSUEINSTANT, issueInstant); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandate(java.lang.String) + */ + @Override + public void setUseMandate(String useMandate) { + if (useMandate.compareToIgnoreCase("true") == 0) + setUseMandates(true); + else + setUseMandates(false); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + */ + @Override + public void setUseMandates(boolean useMandates) { + sessionData.put(FLAG_USE_MANDATE, useMandates); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() + */ + @Override + public boolean isMandateUsed() { + return wrapStringObject(FLAG_USE_MANDATE, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISSessionID(java.lang.String) + */ + @Override + public void setMISSessionID(String misSessionID) { + sessionData.put(VALUE_MISSESSIONID, misSessionID); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISSessionID() + */ + @Override + public String getMISSessionID() { + return wrapStringObject(VALUE_MISSESSIONID, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMandateReferenceValue() + */ + @Override + public String getMandateReferenceValue() { + return wrapStringObject(VALUE_MISREFVALUE, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMandateReferenceValue(java.lang.String) + */ + @Override + public void setMandateReferenceValue(String mandateReferenceValue) { + sessionData.put(VALUE_MISREFVALUE, mandateReferenceValue); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isForeigner() + */ + @Override + public boolean isForeigner() { + return wrapStringObject(FLAG_IS_FOREIGNER, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + */ + @Override + public void setForeigner(boolean isForeigner) { + sessionData.put(FLAG_IS_FOREIGNER, isForeigner); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getXMLVerifySignatureResponse() + */ + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { + return wrapStringObject(VALUE_VERIFYSIGRESP, null, IVerifiyXMLSignatureResponse.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setXMLVerifySignatureResponse(at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse) + */ + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { + sessionData.put(VALUE_VERIFYSIGRESP, xMLVerifySignatureResponse); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISMandate() + */ + @Override + public IMISMandate getMISMandate() { + return wrapStringObject(VALUE_MISMANDATE, null, IMISMandate.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISMandate(at.gv.egovernment.moa.id.data.MISMandate) + */ + @Override + public void setMISMandate(IMISMandate mandate) { + sessionData.put(VALUE_MISMANDATE, mandate); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isOW() + */ + @Override + public boolean isOW() { + return wrapStringObject(FLAG_IS_ORGANWALTER, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setOW(boolean) + */ + @Override + public void setOW(boolean isOW) { + sessionData.put(FLAG_IS_ORGANWALTER, isOW); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlockTokken() + */ + @Override + public String getAuthBlockTokken() { + return wrapStringObject(VALUE_AUTNBLOCKTOKKEN, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlockTokken(java.lang.String) + */ + @Override + public void setAuthBlockTokken(String authBlockTokken) { + sessionData.put(VALUE_AUTNBLOCKTOKKEN, authBlockTokken); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() + */ + @Override + public String getQAALevel() { + return wrapStringObject(VALUE_QAALEVEL, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) + */ + @Override + public void setQAALevel(String qAALevel) { + sessionData.put(VALUE_QAALEVEL, qAALevel); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() + */ + @Override + public Date getSessionCreated() { + return wrapStringObject(VALUE_CREATED, null, Date.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + */ + @Override + public Map<String, Object> getGenericSessionDataStorage() { + Map<String, Object> result = new HashMap<String, Object>(); + for (String el : sessionData.keySet()) { + if (el.startsWith(GENERIC_PREFIX)) + result.put(el.substring(GENERIC_PREFIX.length()), sessionData.get(el)); + + } + + return result; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String) + */ + @Override + public Object getGenericDataFromSession(String key) { + return sessionData.get(GENERIC_PREFIX + key); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String, java.lang.Class) + */ + @Override + public <T> T getGenericDataFromSession(String key, Class<T> clazz) { + return wrapStringObject(GENERIC_PREFIX + key, null, clazz); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.String, java.lang.Object) + */ + @Override + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + sessionData.put(GENERIC_PREFIX + key, object); + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java index c7fa58eaf..f1d48935f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java @@ -48,6 +48,8 @@ package at.gv.egovernment.moa.id.auth.data; import java.io.Serializable; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; + /** * This class contains SAML attributes to be appended to the SAML assertion delivered to * the Online application. @@ -92,13 +94,13 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali * The following values are allowed: * <ul> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} * </li> * </ul> * @@ -111,28 +113,28 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getValue() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getValue() */ public Object getValue() { return value_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getName() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getName() */ public String getName() { return name_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getNameSpace() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getNameSpace() */ public String getNameSpace() { return namespace_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getAddToAUTHBlock() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getAddToAUTHBlock() */ public int getAddToAUTHBlock() { return addToAUTHBlock_; @@ -144,16 +146,16 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali * @param addToAUTHBlock One of the following values: * <ul> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} * </li> * </ul> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} */ public void setAddToAUTHBlock(int addToAUTHBlock) { addToAUTHBlock_ = addToAUTHBlock; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index 78f1e14f0..2690bc2cc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -54,6 +54,7 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.DOMUtils; @@ -64,7 +65,7 @@ import at.gv.egovernment.moa.util.DOMUtils; * @author Paul Ivancsics * @version $Id$ */ -public class IdentityLink implements Serializable{ +public class IdentityLink implements Serializable, IIdentityLink{ private static final long serialVersionUID = 1L; @@ -128,188 +129,183 @@ public class IdentityLink implements Serializable{ public IdentityLink() { } - /** - * Returns the dateOfBirth. - * @return Calendar - */ - public String getDateOfBirth() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDateOfBirth() + */ + @Override +public String getDateOfBirth() { return dateOfBirth; } - /** - * Returns the familyName. - * @return String - */ - public String getFamilyName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getFamilyName() + */ + @Override +public String getFamilyName() { return familyName; } - /** - * Returns the givenName. - * @return String - */ - public String getGivenName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getGivenName() + */ + @Override +public String getGivenName() { return givenName; } - /** - * Returns the name. - * @return The name. - */ - public String getName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getName() + */ + @Override +public String getName() { if (name == null) { name = givenName + " " + familyName; } return name; } - /** - * Returns the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @return String - */ - public String getIdentificationValue() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue() + */ + @Override +public String getIdentificationValue() { return identificationValue; } - /** - * Returns the identificationType. - * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationType() */ + @Override public String getIdentificationType() { return identificationType; } - /** - * Sets the dateOfBirth. - * @param dateOfBirth The dateOfBirth to set - */ - public void setDateOfBirth(String dateOfBirth) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang.String) + */ + @Override +public void setDateOfBirth(String dateOfBirth) { this.dateOfBirth = dateOfBirth; } - /** - * Sets the familyName. - * @param familyName The familyName to set - */ - public void setFamilyName(String familyName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang.String) + */ + @Override +public void setFamilyName(String familyName) { this.familyName = familyName; } - /** - * Sets the givenName. - * @param givenName The givenName to set - */ - public void setGivenName(String givenName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang.String) + */ + @Override +public void setGivenName(String givenName) { this.givenName = givenName; } - /** - * Sets the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @param identificationValue The identificationValue to set - */ - public void setIdentificationValue(String identificationValue) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java.lang.String) + */ + @Override +public void setIdentificationValue(String identificationValue) { this.identificationValue = identificationValue; } - /** - * Sets the Type of the identificationValue. - * @param identificationType The type of identificationValue to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java.lang.String) */ + @Override public void setIdentificationType(String identificationType) { this.identificationType = identificationType; } - /** - * Returns the samlAssertion. - * @return Element - */ - public Element getSamlAssertion() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSamlAssertion() + */ + @Override +public Element getSamlAssertion() { return samlAssertion; } - /** - * Returns the samlAssertion. - * @return Element - */ - public String getSerializedSamlAssertion() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion() + */ + @Override +public String getSerializedSamlAssertion() { return serializedSamlAssertion; } - /** - * Sets the samlAssertion and the serializedSamlAssertion. - * @param samlAssertion The samlAssertion to set - */ - public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom.Element) + */ + @Override +public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { this.samlAssertion = samlAssertion; this.serializedSamlAssertion = DOMUtils.serializeNode(samlAssertion); } - /** - * Returns the dsigReferenceTransforms. - * @return Element[] - */ - public Element[] getDsigReferenceTransforms() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms() + */ + @Override +public Element[] getDsigReferenceTransforms() { return dsigReferenceTransforms; } - /** - * Sets the dsigReferenceTransforms. - * @param dsigReferenceTransforms The dsigReferenceTransforms to set - */ - public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms(org.w3c.dom.Element[]) + */ + @Override +public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { this.dsigReferenceTransforms = dsigReferenceTransforms; } - /** - * Returns the publicKey. - * @return PublicKey[] - */ - public PublicKey[] getPublicKey() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getPublicKey() + */ + @Override +public PublicKey[] getPublicKey() { return publicKey; } - /** - * Sets the publicKey. - * @param publicKey The publicKey to set - */ - public void setPublicKey(PublicKey[] publicKey) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security.PublicKey[]) + */ + @Override +public void setPublicKey(PublicKey[] publicKey) { this.publicKey = publicKey; } - /** - * Returns the prPerson. - * @return Element - */ - public Element getPrPerson() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getPrPerson() + */ + @Override +public Element getPrPerson() { return prPerson; } - /** - * Sets the prPerson. - * @param prPerson The prPerson to set - */ - public void setPrPerson(Element prPerson) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom.Element) + */ + @Override +public void setPrPerson(Element prPerson) { this.prPerson = prPerson; } - /** - * Returns the issuing time of the identity link SAML assertion. - * - * @return The issuing time of the identity link SAML assertion. - */ - public String getIssueInstant() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIssueInstant() + */ + @Override +public String getIssueInstant() { return issueInstant; } - /** - * Sets the issuing time of the identity link SAML assertion. - * - * @param issueInstant The issueInstant to set. - */ - public void setIssueInstant(String issueInstant) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang.String) + */ + @Override +public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java index e9a278d0f..82263f7a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java @@ -46,12 +46,13 @@ package at.gv.egovernment.moa.id.auth.data; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; /** * Includes the result of an extended infobox validation. * * If validation succeeds, an array of - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute ExtendedSAMLAttributes} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute ExtendedSAMLAttributes} * maybe provided. Each of these SAML-Attributes will be either appended to the * final SAML-Assertion passed to the online application or to the AUTH-Block, * or to both. @@ -65,7 +66,7 @@ public interface InfoboxValidationResult { /** * The method returns <code>true</code> if validation succeeds. In that case * method {@link #getExtendedSamlAttributes()} may provide an array of - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be appended to the final SAML-Assertion or the * AUTH-Block or to both. * <br> @@ -78,14 +79,14 @@ public interface InfoboxValidationResult { public boolean isValid(); /** - * Returns an array of {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * Returns an array of {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be added to the SAML-Assertion * provided to the online application. * The SAML-Attributes in that array will be added to the final * SAML-Assertion, the AUTH-Block, or both, exactly in the order as they are arranged * in the array this method returns. * - * @return An array of {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * @return An array of {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be added to the SAML-Assertion * provided to the online application, the AUTH-Block, or both. If no attributes should * be added this array maybe <code>null</code> or empty. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java index 0ba17eb2f..c5183d29c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.data; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; /** * Default implementation of the {@link InfoboxValidationResult} interface. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java index 6cf1de319..c054976ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java @@ -49,6 +49,7 @@ package at.gv.egovernment.moa.id.auth.data; import java.io.Serializable; import java.util.Date; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import iaik.x509.X509Certificate; /** @@ -59,7 +60,7 @@ import iaik.x509.X509Certificate; * @version $Id$ * */ -public class VerifyXMLSignatureResponse implements Serializable{ +public class VerifyXMLSignatureResponse implements Serializable, IVerifiyXMLSignatureResponse{ private static final long serialVersionUID = 1L; @@ -89,173 +90,179 @@ public class VerifyXMLSignatureResponse implements Serializable{ private Date signingDateTime; - /** - * Returns the certificateCheckCode. - * @return int - */ - public int getCertificateCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getCertificateCheckCode() + */ + @Override +public int getCertificateCheckCode() { return certificateCheckCode; } - /** - * Returns the signatureCheckCode. - * @return int - */ - public int getSignatureCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureCheckCode() + */ + @Override +public int getSignatureCheckCode() { return signatureCheckCode; } - /** - * Returns the xmlDSIGManifestCheckCode. - * @return int - */ - public int getXmlDSIGManifestCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode() + */ + @Override +public int getXmlDSIGManifestCheckCode() { return xmlDSIGManifestCheckCode; } - /** - * Returns the xmlDsigSubjectName. - * @return String - */ - public String getXmlDsigSubjectName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName() + */ + @Override +public String getXmlDsigSubjectName() { return xmlDsigSubjectName; } - /** - * Sets the certificateCheckCode. - * @param certificateCheckCode The certificateCheckCode to set - */ - public void setCertificateCheckCode(int certificateCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setCertificateCheckCode(int) + */ + @Override +public void setCertificateCheckCode(int certificateCheckCode) { this.certificateCheckCode = certificateCheckCode; } - /** - * Sets the signatureCheckCode. - * @param signatureCheckCode The signatureCheckCode to set - */ - public void setSignatureCheckCode(int signatureCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureCheckCode(int) + */ + @Override +public void setSignatureCheckCode(int signatureCheckCode) { this.signatureCheckCode = signatureCheckCode; } - /** - * Sets the xmlDSIGManifestCheckCode. - * @param xmlDSIGManifestCheckCode The xmlDSIGManifestCheckCode to set - */ - public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(int) + */ + @Override +public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) { this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode; } - /** - * Sets the xmlDsigSubjectName. - * @param xmlDsigSubjectName The xmlDsigSubjectName to set - */ - public void setXmlDsigSubjectName(String xmlDsigSubjectName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang.String) + */ + @Override +public void setXmlDsigSubjectName(String xmlDsigSubjectName) { this.xmlDsigSubjectName = xmlDsigSubjectName; } - /** - * Returns the publicAuthorityCode. - * @return int - */ - public String getPublicAuthorityCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getPublicAuthorityCode() + */ + @Override +public String getPublicAuthorityCode() { return publicAuthorityCode; } - /** - * Sets the publicAuthorityCode. - * @param publicAuthorityCode The publicAuthorityCode to set - */ - public void setPublicAuthorityCode(String publicAuthorityCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setPublicAuthorityCode(java.lang.String) + */ + @Override +public void setPublicAuthorityCode(String publicAuthorityCode) { this.publicAuthorityCode = publicAuthorityCode; } - /** - * Returns the qualifiedCertificate. - * @return boolean - */ - public boolean isQualifiedCertificate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isQualifiedCertificate() + */ + @Override +public boolean isQualifiedCertificate() { return qualifiedCertificate; } - /** - * Returns the x509certificate. - * @return X509Certificate - */ - public X509Certificate getX509certificate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getX509certificate() + */ + @Override +public X509Certificate getX509certificate() { return x509certificate; } - /** - * Sets the qualifiedCertificate. - * @param qualifiedCertificate The qualifiedCertificate to set - */ - public void setQualifiedCertificate(boolean qualifiedCertificate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setQualifiedCertificate(boolean) + */ + @Override +public void setQualifiedCertificate(boolean qualifiedCertificate) { this.qualifiedCertificate = qualifiedCertificate; } - /** - * Sets the x509certificate. - * @param x509certificate The x509certificate to set - */ - public void setX509certificate(X509Certificate x509certificate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setX509certificate(iaik.x509.X509Certificate) + */ + @Override +public void setX509certificate(X509Certificate x509certificate) { this.x509certificate = x509certificate; } - /** - * Returns the xmlDSIGManigest. - * @return boolean - */ - public boolean isXmlDSIGManigest() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest() + */ + @Override +public boolean isXmlDSIGManigest() { return xmlDSIGManigest; } - /** - * Sets the xmlDSIGManigest. - * @param xmlDSIGManigest The xmlDSIGManigest to set - */ - public void setXmlDSIGManigest(boolean xmlDSIGManigest) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean) + */ + @Override +public void setXmlDSIGManigest(boolean xmlDSIGManigest) { this.xmlDSIGManigest = xmlDSIGManigest; } - /** - * Returns the publicAuthority. - * @return boolean - */ - public boolean isPublicAuthority() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isPublicAuthority() + */ + @Override +public boolean isPublicAuthority() { return publicAuthority; } - /** - * Sets the publicAuthority. - * @param publicAuthority The publicAuthority to set - */ - public void setPublicAuthority(boolean publicAuthority) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setPublicAuthority(boolean) + */ + @Override +public void setPublicAuthority(boolean publicAuthority) { this.publicAuthority = publicAuthority; } - /** - * Returns the the resulting code of the signature manifest check. - * - * @return The code of the sigature manifest check. - */ - public int getSignatureManifestCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode() + */ + @Override +public int getSignatureManifestCheckCode() { return signatureManifestCheckCode; } - /** - * Sets the signatureManifestCode. - * - * @param signatureManifestCheckCode The signatureManifestCode to set. - */ - public void setSignatureManifestCheckCode(int signatureManifestCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(int) + */ + @Override +public void setSignatureManifestCheckCode(int signatureManifestCheckCode) { this.signatureManifestCheckCode = signatureManifestCheckCode; } - public Date getSigningDateTime() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSigningDateTime() + */ +@Override +public Date getSigningDateTime() { return signingDateTime; } - public void setSigningDateTime(Date signingDateTime) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSigningDateTime(java.util.Date) + */ +@Override +public void setSigningDateTime(Date signingDateTime) { this.signingDateTime = signingDateTime; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java index 1b78ff677..ec6dbc951 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java @@ -22,18 +22,16 @@ import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.process.springweb.MoaIdTask;
import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
-import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
/**
* Task based counterpart to {@link AuthServlet}, providing the same utility methods (error handling, parameter parsing
@@ -42,14 +40,14 @@ import at.gv.egovernment.moa.util.MiscUtil; public abstract class AbstractAuthServletTask extends MoaIdTask {
@Autowired protected IRequestStorage requestStoreage;
- @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+ //@Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
@Autowired protected MOAReversionLogger revisionsLogger;
@Autowired protected AuthConfiguration authConfig;
protected static final String ERROR_CODE_PARAM = "errorid";
protected IRequest pendingReq = null;
- protected AuthenticationSession moasession = null;
+ protected IAuthenticationSession moasession = null;
public abstract void execute(ExecutionContext executionContext, HttpServletRequest request,
HttpServletResponse response) throws TaskExecutionException;
@@ -77,28 +75,8 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { * @throws MOADatabaseException
*/
protected void defaultTaskInitialization(HttpServletRequest req, ExecutionContext executionContext) throws MOAIDException, MOADatabaseException {
- String moasessionid = pendingReq.getMOASessionIdentifier();
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- try {
- moasession = authenticatedSessionStorage.getSession(moasessionid);
-
- if (moasession == null) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- } catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
-
- } catch (Throwable e) {
- Logger.info("No HTTP Session found!");
- throw new MOAIDException("auth.18", new Object[] {});
- }
+ Logger.trace("Get MOASessionData object from pendingReq:" + pendingReq.getRequestID());
+ moasession = pendingReq.getMOASession();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java index dfb90da3a..1c26ff5ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java @@ -30,6 +30,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; @@ -37,6 +38,7 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -53,6 +55,7 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { private static final String PARAM_SSO_CONSENTS = "value"; @Autowired private SSOManager ssoManager; + @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) @@ -72,12 +75,16 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { ssoConsents = Boolean.parseBoolean(ssoConsentsString); //perform default task initialization - defaultTaskInitialization(request, executionContext); + //defaultTaskInitialization(request, executionContext); //check SSO session cookie and MOASession object String ssoId = ssoManager.getSSOSessionID(request); - boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); - if (!(isValidSSOSession && moasession.isAuthenticated() )) { + boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); + + //load MOA SSO-session from database + AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier()); + + if (!(isValidSSOSession && ssoMOSSession.isAuthenticated() )) { Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ..."); throw new AuthenticationException("auth.30", null); @@ -86,8 +93,13 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { //Log consents evaluator event to revisionslog revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, String.valueOf(ssoConsents)); + //Populate this pending request with SSO session information + pendingReq.populateMOASessionWithSSOInformation(ssoMOSSession); + + //user allow single sign-on authentication if (ssoConsents) { + //authenticate pending-request pendingReq.setAuthenticated(true); pendingReq.setAbortedByUser(false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java index 6a1ed7203..4eff0fcf5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java @@ -31,7 +31,6 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.logging.Logger; @@ -53,12 +52,10 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { try { defaultTaskInitialization(request, executionContext); - //set MOASession to authenticated and store MOASession + //set MOASession to authenticated moasession.setAuthenticated(true); - String newMOASessionID = authenticatedSessionStorage.changeSessionID(moasession); - //set pendingRequest to authenticated and set new MOASessionID - ((RequestImpl)pendingReq).setMOASessionIdentifier(newMOASessionID); + //set pending request to authenticated pendingReq.setAuthenticated(true); requestStoreage.storePendingRequest(pendingReq); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index a5783bfb7..8f7364f62 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -61,6 +61,7 @@ import org.w3c.dom.traversal.NodeIterator; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.ECDSAConverterException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -256,8 +257,8 @@ public class IdentityLinkAssertionParser { * @throws ParseException on any parsing error */ - public IdentityLink parseIdentityLink() throws ParseException { - IdentityLink identityLink; + public IIdentityLink parseIdentityLink() throws ParseException { + IIdentityLink identityLink; try { identityLink = new IdentityLink(); identityLink.setSamlAssertion(assertionElem); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 140c7aebc..92d76751f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -30,13 +30,13 @@ import org.apache.commons.lang.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -51,7 +51,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ @Autowired AuthConfiguration authConfig; - public void parse(AuthenticationSession moasession, + public void parse(IAuthenticationSession moasession, String target, String oaURL, String bkuURL, @@ -221,8 +221,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ } - public void parse(ExecutionContext ec, HttpServletRequest req, - AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException { + public void parse(ExecutionContext ec, IAuthenticationSession moasession, HttpServletRequest req, IRequest pendingReq) + throws WrongParametersException, MOAIDException { //get Parameters from request String oaURL = (String) ec.get(PARAM_OA); @@ -231,20 +231,20 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ String useMandate = (String) ec.get(PARAM_USEMANDATE); String ccc = (String) ec.get(PARAM_CCC); - if (request.getOnlineApplicationConfiguration() != null && - request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) { - Logger.debug("Service " + request.getOnlineApplicationConfiguration().getPublicURLPrefix() + if (pendingReq.getOnlineApplicationConfiguration() != null && + pendingReq.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) { + Logger.debug("Service " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix() + " only allows authentication with mandates. --> Set useMandate to TRUE."); - useMandate = String.valueOf(request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()); + useMandate = String.valueOf(pendingReq.getOnlineApplicationConfiguration().isOnlyMandateAllowed()); } - oaURL = request.getOAURL(); + oaURL = pendingReq.getOAURL(); //only needed for SAML1 - String target = request.getGenericData("saml1_target", String.class); + String target = pendingReq.getGenericData("saml1_target", String.class); - parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, request); + parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, pendingReq); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 7bce406e0..b54a43fff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java @@ -56,6 +56,7 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; @@ -168,9 +169,9 @@ public class VerifyXMLSignatureResponseParser { * @throws ParseException on any parsing error */ - public VerifyXMLSignatureResponse parseData() throws ParseException { + public IVerifiyXMLSignatureResponse parseData() throws ParseException { - VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); + IVerifiyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 5e09380ae..a146f778e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -134,16 +134,14 @@ public class IDPSingleLogOutServlet extends AbstractController { try { if (ssoManager.isValidSSOSession(ssoid, null)) { - String moaSessionID = authenicationStorage.getMOASessionSSOID(ssoid); - - if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSession authSession = authenicationStorage.getSession(moaSessionID); - if(authSession != null) { - authManager.performSingleLogOut(req, resp, authSession, authURL); - return; + AuthenticationSession authSession = authenicationStorage.getInternalMOASessionWithSSOID(ssoid); + + if(authSession != null) { + authManager.performSingleLogOut(req, resp, authSession, authURL); + return; - } } + } } catch (Exception e) { handleErrorNoRedirect(e, req, resp, false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 15333a933..8ef047300 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -56,6 +56,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; @@ -105,8 +106,8 @@ public class LogOutServlet { //TODO: Single LogOut Implementation //delete SSO session and MOA session - String moasessionid = authenticatedSessionStorage.getMOASessionSSOID(ssoid); - authmanager.performOnlyIDPLogOut(req, resp, moasessionid); + AuthenticationSession moasessionid = authenticatedSessionStorage.getInternalMOASessionWithSSOID(ssoid); + authmanager.performOnlyIDPLogOut(moasessionid); Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); } else { |